@creeram I have/had the same issue - the main.tf Terraform template in Coder is not using the given namespace. Anyway, if you're looking for a workaround you could add an additional extended ClusterRole plus a ClusterRoleBinding. I used the role "coder-workspace-perms" as input. apiVersion: rbac.authorization.k8s.io/v1kind: ClusterRolemetadata: annotations: field.cattle.io/description: Uwe's mod for Devcontainers (Kubernetes) Coder template error creationTimestamp: '2025-02-01T16:25:29Z' managedFields: - apiVersion: rbac.authorization.k8s.io/v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:field.cattle.io/description: {} f:rules: {} manager: agent operation: Update time: '2025-02-01T16:30:44Z' name: coder-persistentVolumeClaims resourceVersion: '1518326' uid: 170ceb5a-b0ac-4e1f-8b7c-7e95595e34b4rules: - apiGroups: - '' resources: - pods verbs: - create - delete - deletecollection - get - list - patch - update - watch - apiGroups: - '' resources: - persistentvolumeclaims verbs: - create - delete - deletecollection - get - list - patch - update - watch - apiGroups: - apps resources: - deployments verbs: - create - delete - deletecollection - get - list - patch - update - watch
apiVersion: rbac.authorization.k8s.io/v1kind: ClusterRoleBindingmetadata: creationTimestamp: '2025-02-01T16:28:33Z' managedFields: - apiVersion: rbac.authorization.k8s.io/v1 fieldsType: FieldsV1 fieldsV1: f:roleRef: {} f:subjects: {} manager: agent operation: Update time: '2025-02-01T16:28:33Z' name: coder-persistentVolumeClaims resourceVersion: '1517844' uid: 17279a4f-6fc2-406f-a6e7-6bbce5009e7aroleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: coder-persistentVolumeClaimssubjects: - kind: ServiceAccount name: coder namespace: coder
|