Skip to content

update clusterrole.yaml #2762

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 16, 2024
Merged

update clusterrole.yaml #2762

merged 2 commits into from
Oct 16, 2024

Conversation

@prasadkris
Copy link
Contributor

@prasadkris prasadkris commented Sep 16, 2024
edited by FxKu
Loading

I upgraded our cluster from v1.11.0 to v1.13.0 today (running on self-hosted K8s cluster) and encountered an issue where the upgrade failed to sync the clusters, showing the following error messages. It worked fine after I added the patch permission to the PVCs in the cluster role. I'm submitting a PR to get this merged.

time="2024-09-16T05:42:46Z" level=warning msg="error while syncing cluster state: could not sync persistent volume claims: could not patch annotations of the persistent volume claim for volume \"pgdata-fake-hunting-db-0\": persistentvolumeclaims \"pgdata-fake-hunting-db-0\" is forbidden: User \"system:serviceaccount:postgres-operator:postgres-operator\" cannot patch resource \"persistentvolumeclaims\" in API group \"\" in the namespace \"fake-hunting\"" cluster-name=fake-hunting/fake-hunting-db pkg=cluster
time="2024-09-16T05:42:47Z" level=error msg="could not sync cluster: could not sync persistent volume claims: could not patch annotations of the persistent volume claim for volume \"pgdata-fake-hunting-db-0\": persistentvolumeclaims \"pgdata-fake-hunting-db-0\" is forbidden: User \"system:serviceaccount:postgres-operator:postgres-operator\" cannot patch resource \"persistentvolumeclaims\" in API group \"\" in the namespace \"fake-hunting\"" cluster-name=fake-hunting/fake-hunting-db pkg=controller worker=3
time="2024-09-16T05:42:47Z" level=info msg="received add event for already existing Postgres cluster" cluster-name=fake-hunting/fake-hunting-db pkg=controller worker=3

fixes #2781

@FxKu FxKu added the minor label Sep 18, 2024
@FxKu
Copy link
Member

FxKu commented Sep 18, 2024

oh indeed an oversight by us. Thanks

@FxKu
Copy link
Member

FxKu commented Sep 18, 2024

👍

@FxKu FxKu added this to the 1.14.0 milestone Sep 18, 2024
@fm2022aa
Copy link

fm2022aa commented Oct 9, 2024

image already have

@FxKu FxKu added the bugfix label Oct 16, 2024
idanovinda
idanovinda reviewed Oct 16, 2024
View reviewed changes
FxKu
FxKu reviewed Oct 16, 2024
View reviewed changes
@idanovinda
Copy link
Member

idanovinda commented Oct 16, 2024

👍

1 similar comment
@FxKu
Copy link
Member

FxKu commented Oct 16, 2024

👍

@FxKu FxKu merged commit d21466d into zalando:master Oct 16, 2024
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@FxKu FxKu FxKu left review comments

@idanovinda idanovinda idanovinda left review comments

@sdudoladov sdudoladov Awaiting requested review from sdudoladov sdudoladov is a code owner

@Jan-M Jan-M Awaiting requested review from Jan-M Jan-M is a code owner

@jopadi jopadi Awaiting requested review from jopadi jopadi is a code owner

@hughcapet hughcapet Awaiting requested review from hughcapet hughcapet is a code owner

@macedigital macedigital Awaiting requested review from macedigital

Assignees

No one assigned

Labels

bugfix minor

Projects

None yet

Milestone

1.14.0

Development

Successfully merging this pull request may close these issues.

Postgres Operator Cluster Role v1.13 lacks "patch" privilege for PVCs

4 participants

@prasadkris @FxKu @fm2022aa @idanovinda