Juju trust not working for K8s charm
Bug #1957619 reported by
Kenneth Koski
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Canonical Juju |
Fix Released
|
Critical
|
Harry Pidcock | ||
Bug Description
When deployed with --trust, a charm isn't getting elevated permissions with Juju 2.9.22.
$ juju config istio-pilot | grep -A 5 trust:
trust:
default: false
description: Does this application have access to trusted credentials
source: user
type: bool
value: true
$ microk8s kubectl get roles/istio-
...
rules:
- apiGroups:
- ""
resources:
- pods
- services
verbs:
- get
- list
- patch
- apiGroups:
- ""
resources:
- pods/exec
verbs:
- create
Running `juju config istio-pilot trust=false; juju trust --scope=cluster istio-pilot` doesn't seem to have any effect.
| Changed in juju: | |
| milestone: | none → 2.9.24 |
| status: | New → Triaged |
| importance: | Undecided → Critical |
| Changed in juju: | |
| assignee: | nobody → Harry Pidcock (hpidcock) |
| Changed in juju: | |
| milestone: | 2.9.24 → 2.9.25 |
Revision history for this message
| Harry Pidcock (hpidcock) wrote | #1 |
| Changed in juju: | |
| status: | Triaged → Fix Committed |
| Changed in juju: | |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
I think this fixes a range of issues around PodSpec charms and trust because a few things were failing to apply.
https:/