-
Notifications
You must be signed in to change notification settings - Fork 249
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[plugin] use namespace to get the PodDisruptionBudgetList #4530
[plugin] use namespace to get the PodDisruptionBudgetList #4530
Conversation
63bfbf9
to
04be000
Compare
❗ By default, the pull request is configured to backport to all release branches.
|
i think b4c24da fixed it in a better way as the namespace is mandatory to get the cluster status. Now also non cluster-admin users are able to receive the correct pdb status. |
As these lines are added to 157 var pdbl policyv1.PodDisruptionBudgetList
158 if err := plugin.Client.List(ctx, &pdbl, client.MatchingLabels{utils.ClusterLabelName: clusterName}); err != nil {
159 return nil, fmt.Errorf("while extracting PodDisruptionBudgetList: %w", err)
160 } it can be backported to
|
b4c24da
to
99a0398
Compare
Hi @HaveFun83, thank you for contributing to CNPG! |
sure i will try |
948b21c
to
3b08dc8
Compare
Started an E2e test run on the EDB repo to save some OSS workers: https://github.com/EnterpriseDB/cloudnative-pg/actions/runs/9094968817 |
@leonardoce thanks a lot for your support |
E2e tests are green |
Signed-off-by: HaveFun83 <38665716+HaveFun83@users.noreply.github.com>
Signed-off-by: HaveFun83 <38665716+HaveFun83@users.noreply.github.com>
Signed-off-by: HaveFun83 <38665716+HaveFun83@users.noreply.github.com>
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
25d5774
to
f9bfc6b
Compare
Looks good to me. Waiting for another maintainer to review it. |
/ok-to-merge e2e tests are green |
In the kubectl plugin, when getting the list of PodDisruptionBudgets, the code wasn't restricting the selection to the namespace where the target Cluster resource has been created. This patch fixes that, with the added benefit of restricting the set of privileges needed by the user. Fixes #4522 Signed-off-by: HaveFun83 <38665716+HaveFun83@users.noreply.github.com> Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com> Co-authored-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com> (cherry picked from commit 7420aed)
In the kubectl plugin, when getting the list of PodDisruptionBudgets, the code wasn't restricting the selection to the namespace where the target Cluster resource has been created. This patch fixes that, with the added benefit of restricting the set of privileges needed by the user. Fixes #4522 Signed-off-by: HaveFun83 <38665716+HaveFun83@users.noreply.github.com> Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com> Co-authored-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com> (cherry picked from commit 7420aed)
In the kubectl plugin, when getting the list of PodDisruptionBudgets, the code wasn't restricting the selection to the namespace where the target Cluster resource has been created. This patch fixes that, with the added benefit of restricting the set of privileges needed by the user. Fixes #4522 Signed-off-by: HaveFun83 <38665716+HaveFun83@users.noreply.github.com> Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com> Co-authored-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com> (cherry picked from commit 7420aed)
This PR mitigate the behavior of
kubectl cnpg status
when the user don't have sufficient rights to list poddisruptionbudgets at the cluster scrope an error and the cnpg status output will be displayed.example output
Fixes #4522