-
Choerodon平台版本:0.15.0
-
运行环境:自主搭建
-
问题描述:
请尽量详细的描述您遇到的问题,以便我们能更快速的提供解决办法。
在使用gitlab打包的时候报错 system:serviceaccount:c7n-system:runner-sa
在此之前共执行了 N次打包操作都没有发现此问题,检查runner-sa 的时候发现有权限内容如下:
[root@k8s-master-01 ~]# kubectl get ClusterRole runner-cr -n c7n-system -o yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
choerodon.io/infra: gitlab-runner
choerodon.io/release: runner
name: runner-cr
resourceVersion: “58095232”
selfLink: /apis/rbac.authorization.k8s.io/v1/clusterroles/runner-cr
uid: c9a0c9c4-6009-11e9-a927-005056ba4973
rules:
- apiGroups:
- “”
resources: - persistentvolumes
verbs: - get
- list
- watch
- create
- delete
- “”
- apiGroups:
- “”
resources: - persistentvolumeclaims
verbs: - get
- list
- watch
- update
- “”
- apiGroups:
-
storage.k8s.io
resources: - storageclasses
verbs: - get
- list
- watch
-
storage.k8s.io
- apiGroups:
- “”
resources: - events
verbs: - watch
- create
- update
- patch
- “”
- apiGroups:
- “”
resources: - services
- endpoints
verbs: - get
- create
- list
- watch
- update
- “”
- apiGroups:
- extensions
resourceNames: - nfs-provisioner
resources: - podsecuritypolicies
verbs: - use
- extensions
重新创建多次依旧无法解决,请帮忙分析指点