Mixed up Namespaces for service accounts
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openstack-helm-infra |
New
|
Undecided
|
Unassigned |
Bug Description
In the helm-toolkit
openstack-
&
openstack-
there's a situation where the rolebinding may reference a serviceaccount in the wrong namespace.
The service account is created in the "Release" namespace.
https:/
but the ref is on a computed value based on the `allNamespace` set:
https:/
For instance: if you deploy the keystone chart in a "keystone" namespace,
then the glance chart in a "openstack" namespace, the stackanetes/