Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set up service account with appropriate permissions for new benchmarks #10

Merged
merged 1 commit into from
Aug 29, 2024
Merged

Set up service account with appropriate permissions for new benchmarks #10

merged 1 commit into from
Aug 29, 2024

Conversation

ridwanmsharif
Copy link
Collaborator

This change does the following:

  • Create the gmp-prombecnh service account during the setup because the core manifests expect them
  • Grant the service account approriate permissions for the core and gmp-system namespaces, and connect it to the appropriate k8s service accounts
  • Have the gmp-system namepsace service accounts impersonate the gmp-prombench service account
  • Sort the files in the kubectlExpandApply to make sure the resulting combined yaml is valid (previously was invalid sometimes because some files didn't have the --- delimiter at the start and end)
  • Use the gke.gcr.io/prometheus-engine/prometheus:v2.45.3-gmp.7-gke.0 image instead

@ridwanmsharif
Set up service account with appropriate permissions for new benchmarks
fe6ee21 
This change does the following:
- Create the gmp-prombecnh service account during the setup
  because the core manifests expect them
- Grant the service account approriate permissions for the `core` and
  `gmp-system` namespaces, and connect it to the appropriate k8s service
  accounts
- Have the `gmp-system` namepsace service accounts impersonate the `gmp-prombench` service
  account
- Sort the files in the `kubectlExpandApply` to make sure the resulting
  combined yaml is valid (previously was invalid sometimes because some
  files didn't have the `---` delimiter at the start and end)
- Use the gke.gcr.io/prometheus-engine/prometheus:v2.45.3-gmp.7-gke.0
  image instead
bwplotka
bwplotka approved these changes Aug 29, 2024
View reviewed changes
Copy link
Owner

@bwplotka bwplotka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! Somehow I didn't need any of this for my setup 🙈

But maybe something changed? If it helps you, let's go!

manifests/gmp-operator/2_operator.yaml
@@ -41,6 +41,8 @@ kind: ServiceAccount
metadata:
name: operator
namespace: gmp-system
annotations:
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Technically I don't think operator requires SVC, does it? 🤔

@bwplotka bwplotka merged commit 7a792a6 into main Aug 29, 2024
1 check failed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bwplotka bwplotka bwplotka approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ridwanmsharif @bwplotka