Skip to content

fix: Update api group naming to retina.sh #1961

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
kamilprz wants to merge 2 commits into
base: main
Choose a base branch
from
Open

fix: Update api group naming to retina.sh #1961

kamilprz wants to merge 2 commits into from
+8 −8

Conversation

@kamilprz
Copy link
Contributor

@kamilprz kamilprz commented Dec 4, 2025
edited
Loading

Description

There was still mentions of retina.io within the cluster role files for agent and operator. This PR updates those to retina.sh.

Related Issue

#1936

Checklist

  • I have read the contributing documentation.
  • I signed and signed-off the commits (git commit -S -s ...). See this documentation on signing commits.
  • I have correctly attributed the author(s) of the code.
  • I have tested the changes locally.
  • I have followed the project's style guidelines.
  • I have updated the documentation, if necessary.
  • I have added tests, if applicable.

Screenshots (if applicable) or Testing Completed

Applying changes to helm chart shows that cluster role is now retina.sh

>make helm-install-hubble
helm upgrade --install retina ./deploy/hubble/manifests/controller/helm/retina/ \
        --namespace kube-system \
        --set os.windows=true \
        --set operator.enabled=true \
        --set operator.repository=ghcr.io/kamilprz/retina/retina-operator \
        --set operator.tag=v0.0.33-dev-rc1 \
        --set agent.enabled=true \
        --set agent.repository=ghcr.io/kamilprz/retina/retina-agent \
        --set agent.tag=v0.0.33-dev-rc1 \
        --set agent.init.enabled=true \
        --set agent.init.repository=ghcr.io/kamilprz/retina/retina-init \
        --set agent.init.tag=v0.0.33-dev-rc1 \
        --set logLevel=info \
        --set hubble.tls.enabled=true \
        --set hubble.relay.tls.server.enabled=true \
        --set hubble.tls.auto.enabled=true \
        --set hubble.tls.auto.method=cronJob \
        --set hubble.tls.auto.certValidityDuration=1 \
        --set hubble.tls.auto.schedule="*/10 * * * *"
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /mnt/c/Users/kamilp/.kube/config
WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /mnt/c/Users/kamilp/.kube/config
Release "retina" has been upgraded. Happy Helming!
NAME: retina
LAST DEPLOYED: Mon Dec  8 13:35:46 2025
NAMESPACE: kube-system
STATUS: deployed
REVISION: 2
TEST SUITE: None
>
>
>
>kubectl get clusterrole retina-cluster-reader -o yaml | grep "retina."
  name: retina-cluster-reader
  - retina.sh
  - retinaendpoints
  - retina.sh
  - retinaendpoints
  - retina.sh
  - retina.sh
  - retinaendpoints/finalizers
  - retina.sh
  - retinaendpoints/status
>
>
>
>kubectl get clusterrole retina-operator-role -o yaml | grep "retina."
  name: retina-operator-role
  - retina.sh
  - retina.sh
  - retina.sh
~/src/retina kamilp/helm-roles
>

Listing captures

>kubectl get captures.retina.sh -A
NAMESPACE   NAME            AGE
default     test-capture    122m
default     test-capture2   117m

With retina.io apigroup

>kubectl auth can-i list captures.retina.sh --as=system:serviceaccount:kube-system:retina-operator -A
no

With retina.sh apigroup

>kubectl auth can-i list captures.retina.sh --as=system:serviceaccount:kube-system:retina-operator -A
yes

The retina agent will still return no, as it doesn't have the captures resources defined in its clusterrole.

@kamilprz kamilprz requested a review from a team as a code owner December 4, 2025 14:05
@kamilprz kamilprz linked an issue Dec 5, 2025 that may be closed by this pull request
Helm-deployed agent crashing on launch: Helm-deployed ClusterRoles for operator, agent etc still use retina.io instead of retina.sh #1936
Open
@kamilprz kamilprz changed the title fix: Update cluster roles fix: Update api group naming to retina.sh Dec 8, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@anubhabMajumdar anubhabMajumdar Awaiting requested review from anubhabMajumdar anubhabMajumdar is a code owner automatically assigned from microsoft/retina

@snguyen64 snguyen64 Awaiting requested review from snguyen64 snguyen64 is a code owner automatically assigned from microsoft/retina

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Helm-deployed agent crashing on launch: Helm-deployed ClusterRoles for operator, agent etc still use retina.io instead of retina.sh

1 participant

@kamilprz