Bug 2155768

Summary: Permissions to run tekton pipelines for non cluster roles or maybe with time bound tokens
Product: Container Native Virtualization (CNV) Reporter: Geetika Kapoor <gkapoor>
Component: InfrastructureAssignee: Karel Šimon <ksimon>
Status: CLOSED MIGRATED QA Contact: Geetika Kapoor <gkapoor>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 4.12.0CC: dholler
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-08-30 12:14:00 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Geetika Kapoor 2022-12-22 10:05:58 UTC 
Description of problem:

Currently only admins or sa with users with admin roles only can access pipelines.
We should think about providing this feature available to wider set of people or we should just limit it admin. This bug is to track such use cases and enhance feature to support these.Permissions to run tekton pipelines for non cluster roles  or maybe with time bound tokens

Version-Release number of selected component (if applicable):
4.12

How reproducible:
always

Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 1 Karel Šimon 2023-03-21 11:09:14 UTC 
We are curently working on change where we will change cluster tasks to tasks. Eventhough we will deploy the tasks and pipelines to just a single namespace, tekton has a feature called cluster resolver https://tekton.dev/docs/pipelines/cluster-resolver/ which allows to admin to make tasks / pipelines available in another namespaces. I think we should make some note in our documentation, that if admin would like to make tasks/pipelines available in another namespace, admin has to create cluster resolver