fixing rbac roles.

README.md

@@ -51,3 +51,9 @@ ko resolve -f config \
   | sed "s/default/${NAMESPACE}/" \
   | kubectl apply -n $NAMESPACE --filename -
 ```
+
+
+### TODO:
+
+- [ ] Get Deployments working when broker is the sink.
+- [ ] Work with owner ref graphs.

config/rbac.yaml

@@ -97,9 +97,6 @@ subjects:
   - kind: ServiceAccount
     name: n3wscott-graph
     namespace: default
-  - kind: ServiceAccount
-    name: n3wscott-graph
-    namespace: default
 
 ---
 
@@ -109,11 +106,29 @@ metadata:
   name: n3wscott-graph-resolver
 subjects:
   - kind: ServiceAccount
-    name: controller
-    namespace: n3wscott-graph
+    name: n3wscott-graph
+    namespace: default
 # An aggregated ClusterRole for all Addressable CRDs.
 # Ref: https://github.com/knative/eventing/blob/master/config/200-addressable-resolvers-clusterrole.yaml
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: addressable-resolver
+
+---
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: n3wscott-graph-source-observer
+subjects:
+  - kind: ServiceAccount
+    name: n3wscott-graph
+    namespace: default
+# An aggregated ClusterRole for all Source CRDs.
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: source-observer
+
+---

pkg/knative/extensions.go

@@ -42,6 +42,7 @@ func (c *Client) SourceCRDs() []apiextensions.CustomResourceDefinition {
 
 func crdsToGVR(crds []apiextensions.CustomResourceDefinition) []schema.GroupVersionResource {
 	gvrs := make([]schema.GroupVersionResource, 0)
+	log.Println("Source GVRs ----")
 	for _, crd := range crds {
 		for _, v := range crd.Spec.Versions {
 			if !v.Served {
@@ -54,6 +55,7 @@ func crdsToGVR(crds []apiextensions.CustomResourceDefinition) []schema.GroupVers
 				Resource: crd.Spec.Names.Plural,
 			}
 			gvrs = append(gvrs, gvr)
+			log.Printf(" %v", gvr)
 		}
 	}
 	return gvrs