Skip to content
GitLab
  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
  • Sign in
  • K Kubevela
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
    • Locked Files
  • Issues 0
    • Issues 0
    • List
    • Boards
    • Service Desk
    • Milestones
    • Requirements
  • Merge requests 0
    • Merge requests 0
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
    • Test Cases
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages & Registries
    • Packages & Registries
    • Package Registry
    • Infrastructure Registry
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Code review
    • Insights
    • Issue
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • 小 白蛋
  • Kubevela
  • Repository
Switch branch/tag
  • kubevela
  • pkg
  • workflow
  • tasks
  • discover.go
Find file BlameHistoryPermalink
  • Sunghoon Kang's avatar
    Feat: reconcile app with scoped permissions (#3434) · 1300a980
    Sunghoon Kang authored Mar 15, 2022
    
    
    * Refactor: refactor multi cluster round trippers
    
    Before adding more RoundTrippers, it would be better to expose common
    logic in the utility package.
    
    This commit exports `tryCancelRequest` at `utils` package, and make
    `secretMultiClusterRoundTripper` implement `RoundTripperWrapper`
    interface to allow chaining multiple round trippers.
    
    Refs #3432
    Signed-off-by: default avatarSunghoon Kang <hoon@linecorp.com>
    
    * Feat: reconcile app with scoped permissions
    
    Currently, all Application resources are reconciled by the Roles bound
    to the controller service account. This behavior gives us the power to
    manage resources across multiple namespaces. However, this behavior can
    be problematic in the soft-multitenancy environment.
    
    This commit adds `serviceAccountName` to ApplicationSepc to reconcile
    Application with the given service account for reconciling Application
    with scoped permissions.
    
    Refs #3432
    Signed-off-by: default avatarSunghoon Kang <hoon@linecorp.com>
    
    * Refactor: extract context setter as method
    
    https://github.com/oam-dev/kubevela/pull/3434#discussion_r825561603
    
    Signed-off-by: default avatarSunghoon Kang <hoon@linecorp.com>
    
    * Feat: use annotation instead of spec
    
    https://github.com/oam-dev/kubevela/issues/3432#issuecomment-1066460269
    
    Signed-off-by: default avatarSunghoon Kang <hoon@linecorp.com>
    
    * Refactor: unify service account setter caller
    
    https://github.com/oam-dev/kubevela/pull/3434#discussion_r825853612
    
    Signed-off-by: default avatarSunghoon Kang <hoon@linecorp.com>
    
    * Refactor: rename GetServiceAccountName
    
    https://github.com/oam-dev/kubevela/pull/3434#discussion_r826514565
    
    Signed-off-by: default avatarSunghoon Kang <hoon@linecorp.com>
    1300a980

免费DevSecOps平台,让您的项目体验完整的DevSecOps流程,让项目更安全