Solution RBC #34
Solution RBC #34
Conversation
There was a problem hiding this comment.
Thank you for your hard work on this pull request! 😊 While your implementation is mostly correct and meets many of the task requirements, there is a critical issue that needs to be addressed before we can approve it. The Role in your RBAC configuration currently only grants access to 'pods'. If the intention is to allow the service account to read secrets, you should include 'secrets' in the resources list. This is essential for the functionality of your solution. Please make this adjustment, and feel free to reach out if you need any assistance. Keep up the great work! 🚀
✨ Please rate this review in the Platform's notification center. I will be grateful for your feedback! ✨
🔄 Fix the issues, commit the changes, and then re-request my review using the Re-request review button in the Reviewers tab.
.infrastructure/security/rbac.yml
Outdated
| namespace: todoapp | ||
| rules: | ||
| - apiGroups: [""] | ||
| resources: ["pods"] |
There was a problem hiding this comment.
The current role only grants access to 'pods'. If the intention is to allow the service account to read secrets, you should include 'secrets' in the resources list. For example: resources: ["pods", "secrets"].
There was a problem hiding this comment.
Great job on configuring the deployment for the todoapp! 🎉 Your setup is mostly correct, with appropriate use of volumes, environment variables, and probes. However, ensure that the serviceAccountName (secrets-reader) has the necessary permissions to access the secrets and config maps, which is crucial for the application's functionality.
Your RBAC configuration is spot on, including both 'pods' and 'secrets' in the resources list for the secrets-reader role, and the RoleBinding is correctly set up. The bootstrap script is well-structured, but double-check that all referenced files exist and are correctly configured to avoid deployment issues.
Overall, your code meets the task requirements and constraints, and all necessary files are present and correctly configured. No further changes are needed. Keep up the good work and continue to refine your skills! 🚀
Remember, addressing any issues mentioned will help you improve and avoid similar problems in the future. Keep learning and growing! 🌟
✨ Please rate this review in the Platform's notification center. I will be grateful for your feedback! ✨
No description provided.