2155768 – Permissions to run tekton pipelines for non cluster roles or maybe with time bound tokens

This bug has been migrated to another issue tracking site. It has been closed here and may no longer be being monitored.

If you would like to get updates for this issue, or to participate in it, you may do so at Red Hat Issue Tracker .

Bug 2155768 - Permissions to run tekton pipelines for non cluster roles or maybe with time bound tokens

Summary: Permissions to run tekton pipelines for non cluster roles or maybe with time...

Keywords:
Status:	CLOSED MIGRATED
Alias:	None
Product:	Container Native Virtualization (CNV)
Classification:	Red Hat
Component:	Infrastructure
Sub Component:
Version:	4.12.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	---
Assignee:	Karel Šimon
QA Contact:	Geetika Kapoor
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2022-12-22 10:05 UTC by Geetika Kapoor
Modified:	2023-09-24 16:31 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2023-08-30 12:14:00 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	CNV-23541	0	None	None	None	2023-08-30 12:13:59 UTC

Description Geetika Kapoor 2022-12-22 10:05:58 UTC

Description of problem:

Currently only admins or sa with users with admin roles only can access pipelines.
We should think about providing this feature available to wider set of people or we should just limit it admin. This bug is to track such use cases and enhance feature to support these.Permissions to run tekton pipelines for non cluster roles  or maybe with time bound tokens

Version-Release number of selected component (if applicable):
4.12

How reproducible:
always

Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 Karel Šimon 2023-03-21 11:09:14 UTC

We are curently working on change where we will change cluster tasks to tasks. Eventhough we will deploy the tasks and pipelines to just a single namespace, tekton has a feature called cluster resolver https://tekton.dev/docs/pipelines/cluster-resolver/ which allows to admin to make tasks / pipelines available in another namespaces. I think we should make some note in our documentation, that if admin would like to make tasks/pipelines available in another namespace, admin has to create cluster resolver

Note You need to log in before you can comment on or make changes to this bug.