Skip to content

Migrate IAM to unified PlatformAccess CRD#685

Open
JoseSzycho wants to merge 7 commits into
mainfrom
migrate-userdeactivation-to-platformaccess
Open

Migrate IAM to unified PlatformAccess CRD#685
JoseSzycho wants to merge 7 commits into
mainfrom
migrate-userdeactivation-to-platformaccess

Conversation

@JoseSzycho

Copy link
Copy Markdown
Contributor

Description

This PR simplifies the IAM access model by consolidating the legacy access-control CRDs (PlatformAccessApproval, PlatformAccessRejection, and UserDeactivation) into a single, unified PlatformAccess resource.

Key Changes

  • User Status Update: Replaced the legacy State and RegistrationApproval fields in UserStatus with a single PlatformAccess field (of type PlatformAccessState).
  • UserController Refactor: Updated the controller to reconcile User resources based strictly on their corresponding PlatformAccess object, dropping the old mappings.
  • Removed Auto-Approval: Stripped out the grantAccessApproval and createPlatformAccessApproval logic from both UserInvitationController and PlatformInvitationController. Invited users now run the fraud service in a separate repository, so automatic approvals are no longer needed here.
  • Cleanup: Removed all obsolete indexers, RBAC permissions, and unit tests associated with the deprecated CRDs in the controllers.

…consolidated PlatformAccess resource tracking in UserController
…er invitation controller

Now, all invited users needs to run the fraud evaluation to get approval
…a files

The migration is alrady complete. New controller logics breaks this test.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant