From 97b0255c47fa7f3f4537948412d9ea49d94abd83 Mon Sep 17 00:00:00 2001 From: Jonathan Christison Date: Tue, 18 Jul 2023 18:42:32 +0100 Subject: [PATCH] Just re-use the OSH service account The pipeline clearup seems to work but taskrun clearup fails for some reason ``` All but 10 PipelineRuns(Completed) deleted in namespace "pct-security-tooling" Error: failed to delete TaskRun "osh-scan-scm-taskrun-test-pjtvw": taskruns.tekton.dev "osh-scan-scm-taskrun-test-pjtvw" is forbidden: User "system:serviceaccount:pct-security-tooling:osh" cannot delete resource "taskruns" in API group "tekton.dev" in the namespace "pct-security-tooling"; failed to delete TaskRun "osh-scan-scm-taskrun-test-9gx7z": taskruns.tekton.dev "osh-scan-scm-taskrun-test-9gx7z" is forbidden: User "system:serviceaccount:pct-security-tooling:osh" cannot delete resource "taskruns" in API group "tekton.dev" in the namespace "pct-security-tooling"; failed to delete TaskRun "osh-scan-scm-taskrun-test-g7vlh": taskruns.tekton.dev "osh-scan-scm-taskrun-test-g7vlh" is forbidden: User "system:serviceaccount:pct-security-tooling:osh" cannot delete resource "taskruns" in API group "tekton.dev" in the namespace "pct-security-tooling"; .... ``` --- k8s/stage/osh-client-tekton/tekton-cleanup-cronjob.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/k8s/stage/osh-client-tekton/tekton-cleanup-cronjob.yaml b/k8s/stage/osh-client-tekton/tekton-cleanup-cronjob.yaml index 0b1833a..88f1c8a 100644 --- a/k8s/stage/osh-client-tekton/tekton-cleanup-cronjob.yaml +++ b/k8s/stage/osh-client-tekton/tekton-cleanup-cronjob.yaml @@ -10,6 +10,7 @@ spec: spec: template: spec: + serviceAccountName: osh containers: - name: tekton-cleanup image: quay.io/openshift-pipeline/openshift-pipelines-cli-tkn:1.11 @@ -17,5 +18,5 @@ spec: command: - /bin/sh - -c - - tkn pipelinerun delete --keep 10 && tkn taskrun delete --keep 20 - restartPolicy: OnFailure + - tkn pipelinerun delete --keep 10 -f && tkn taskrun delete --keep 20 -f + restartPolicy: Never