Merge pull request #2078 from rajatchopra/gfd_in_sandbox_dp

new privileges for sandbox-device-plugin

Author: cdesiniotis

assets/state-sandbox-device-plugin/0200_role.yaml

@@ -12,3 +12,22 @@ rules:
   - use
   resourceNames:
   - privileged
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - create
+  - get
+  - list
+  - watch
+  - delete
+- apiGroups:
+  - nfd.k8s-sigs.io
+  resources:
+  - nodefeatures
+  verbs:
+  - create
+  - get
+  - list
+  - watch

assets/state-sandbox-device-plugin/0500_daemonset.yaml

@@ -61,6 +61,17 @@ spec:
         - image: "FILLED BY THE OPERATOR"
           imagePullPolicy: IfNotPresent
           name: nvidia-sandbox-device-plugin-ctr
+          env:
+          - name: NODE_NAME
+            valueFrom:
+              fieldRef:
+                apiVersion: v1
+                fieldPath: spec.nodeName
+          - name: POD_NAMESPACE
+            valueFrom:
+              fieldRef:
+                apiVersion: v1
+                fieldPath: metadata.namespace
           securityContext:
             privileged: true
           volumeMounts: