How do I add roles to a k8s operator?

Hi
I want to get the IP of the load balancer from the charm operator, and to do that I need a role that alows that controller that action.
I can see that a Role is being created to list, get and create pods.
There is a way to define more roles within the charm?
thanks in advance

In your YAML file, you can configure the service account created for the operator pod.

eg

serviceAccount:
  automountServiceAccountToken: true
  roles:
    - global: false
      rules:
        - apiGroups: [""]
          resources: ["pods"]
          verbs: ["get", "watch", "list"]

I suppose that the YAML you are talking about is the one that it is pass to the set_spec like in this example
https://github.com/DomFleischmann/kubernetes-dashboard-operator/blob/main/charms/dashboard-metrics-scraper/src/charm.py
I tried that without setting the version, and I get an error that says that serviceAccount should be a string and not a map. And setting it with version: 3 reports that the version is no compatible.
I’m using juju 2.7, maybe that feature was introduced in juju 2.8?

Yes, you need to be running Juju 2.8 to use this feature.

1 Like