From 6bacda0d180437b97d358deedc285db3ac9ab619 Mon Sep 17 00:00:00 2001 From: Miel Donkers Date: Tue, 21 Dec 2021 10:22:55 +0100 Subject: [PATCH] Release Operator bundle with updated RBAC configuration --- ...stana-agent-operator.clusterserviceversion.yaml | 14 ++++++++++++++ ci/pipeline.yaml | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/bundle/manifests/instana-agent-operator.clusterserviceversion.yaml b/bundle/manifests/instana-agent-operator.clusterserviceversion.yaml index a9959691..00835cb7 100644 --- a/bundle/manifests/instana-agent-operator.clusterserviceversion.yaml +++ b/bundle/manifests/instana-agent-operator.clusterserviceversion.yaml @@ -272,6 +272,11 @@ spec: - events verbs: - create + - nonResourceURLs: + - /version + - /healthz + verbs: + - get - apiGroups: - "" resources: @@ -343,6 +348,15 @@ spec: verbs: - get - list + - watch + - apiGroups: + - security.openshift.io + resourceNames: + - privileged + resources: + - securitycontextconstraints + verbs: + - use serviceAccountName: controller-manager deployments: - name: controller-manager diff --git a/ci/pipeline.yaml b/ci/pipeline.yaml index 9b0b0b57..202ccdd6 100644 --- a/ci/pipeline.yaml +++ b/ci/pipeline.yaml @@ -369,7 +369,7 @@ jobs: # Store the SHA of the manifest in a variable for use in the next pipeline task. Can only retrieve it while pushing echo "---> Pushing multi-architectural manifest to docker.io" docker manifest push --purge "docker.io/instana/instana-agent-operator:$OPERATOR_DOCKER_VERSION" | tee "latest-operator-image-manifest-sha/sha-${VERSION}" - + # Validate the SHA to be sure we captured something if ! [[ $(cat "latest-operator-image-manifest-sha/sha-${VERSION}") =~ ^sha256:[0-9a-zA-Z]+$ ]]; then echo "---> Did not manage to capture a valid digest for the manifest, aborting; $(cat "latest-operator-image-manifest-sha/sha-${VERSION}")"