You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To push images to the Openshift repo, the system:admin needs to grant access to the developer user. That's not in the deployment scripts. I wrote this, should probably go in the 1_create_conjur_namespace.sh script.
This may grant excessive privileges so some scrutiny/testing is warranted.
$ cat grant-user-access.sh
#!/bin/bash
if [[ $# -ne 1 ]]; then
echo "Provide name of developer user..."
exit -1
fi
USER=$1
oc adm policy add-role-to-user system:registry $USER
oc adm policy add-role-to-user system:image-builder $USER
To push images to the Openshift repo, the system:admin needs to grant access to the developer user. That's not in the deployment scripts. I wrote this, should probably go in the 1_create_conjur_namespace.sh script.
This may grant excessive privileges so some scrutiny/testing is warranted.
$ cat grant-user-access.sh
#!/bin/bash
if [[ $# -ne 1 ]]; then
echo "Provide name of developer user..."
exit -1
fi
USER=$1
oc adm policy add-role-to-user system:registry $USER
oc adm policy add-role-to-user system:image-builder $USER
oc adm policy add-role-to-user admin developer -n default
oc adm policy add-role-to-user admin developer -n $CONJUR_NAMESPACE_NAME
The text was updated successfully, but these errors were encountered: