Unverified Commit d8c0132a authored by RoyUP9's avatar RoyUP9 Committed by GitHub
Browse files

Fixed location of pre tap permission files (#852)

parent c5a36a49
Showing with 10 additions and 25 deletions
+10 -25
......@@ -2,8 +2,8 @@ package cmd
import (
"context"
"embed"
"fmt"
"github.com/up9inc/mizu/shared"
rbac "k8s.io/api/rbac/v1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/client-go/kubernetes/scheme"
......@@ -17,6 +17,11 @@ import (
"github.com/up9inc/mizu/shared/semver"
)
var (
//go:embed permissionFiles
embedFS embed.FS
)
func runMizuCheck() {
logger.Log.Infof("Mizu checks\n===================")
......@@ -248,12 +253,12 @@ func checkK8sTapPermissions(ctx context.Context, kubernetesProvider *kubernetes.
var filePath string
if config.Config.IsNsRestrictedMode() {
filePath = "./examples/roles/permissions-ns-tap.yaml"
filePath = "permissionFiles/permissions-ns-tap.yaml"
} else {
filePath = "./examples/roles/permissions-all-namespaces-tap.yaml"
filePath = "permissionFiles/permissions-all-namespaces-tap.yaml"
}
data, err := shared.ReadFromFile(filePath)
data, err := embedFS.ReadFile(filePath)
if err != nil {
logger.Log.Errorf("%v error while checking kubernetes permissions, err: %v", fmt.Sprintf(uiUtils.Red, "✗"), err)
return false
......
......@@ -85,4 +85,4 @@ By default Mizu requires cluster-wide permissions.
If these are not available to the user, it is possible to run Mizu in namespace-restricted mode which has a reduced set of requirements.
This is done by by setting the `mizu-resources-namespace` config option. See [configuration](CONFIGURATION.md) for instructions.
The different requirements are listed in [the example roles dir](../examples/roles)
The different requirements are listed in [the permission templates dir](../cli/cmd/permissionFiles)
package shared
import (
"io/ioutil"
"os"
)
func ReadFromFile(path string) ([]byte, error) {
reader, err := os.Open(path)
if err != nil {
return nil, err
}
data, err := ioutil.ReadAll(reader)
if err != nil {
return nil, err
}
return data, nil
}
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment