Task: Make Project Workspace Operator fit for ManagedControlPlaneV2 #290
Description
Understand the Task
Description
The Project Workspace Provider (PWO) has no hard dependency to Managed Control Planes.
However the PWO has hard coded RBAC Rules that are being created for Projects and Workspaces that only contain the ManagedControlPlane V1.
Adding the ManagedControlPlaneV2 resource to the list of resources that users are allowed to create within their workspaces is unfortunately not enough, as users also need to create the service resources (e.g. Landscaper) themselves in v2. This means that the resources for which users need permissions actually depend on the deployed service providers.
In theory, we have a possibility to figure out the available service resources: service providers are expected to expose their service resource types via the status of their ServiceProvider resource.
In practice, this is neither documented, nor implemented at the moment (see #314). As a workaround, we could add the currently available service resources in a hard-coded fashion or via some kind of configuration.
Any further valuable resources.
No response
What is required to accept the Task as done.
Done Criteria
- Add
ManagedControlPlaneV2and service resources (either configured/hard-coded or via discovery) to user permissions. - Make PWO behave like a PlatformService for v2 shippability.
- Ensure PWO still works as before to not break v1 landscapes.
- Demonstrate in review.