The original check in ScanSA assumed the service account on the pod spec
was not blank. It can be blank and when it is kubernetes will default
to using the 'default' service account. This change extends the check
logic to also include that.
When checking permissions to (un)suspend cronjobs, a user will always be
considered as unauthorized, because of the wrong arguments order when
calling the `CanI` function.
For `CanI` definition, see:
2f72441bac/internal/client/client.go (L138)
```
func (a *APIClient) CanI(ns, gvr string, verbs []string) (auth bool, err error)
```
* Update CronJob version to v1 (from v1beta1, unavaliable from 1.25 onwards).
* Try both batch/v1beta1 (for legacy) and batch/v1
* Revert previous commit. Use c.GVR() to find the correct version. Make
cronjob (un)suspend version aware.
* Simply changes by dropping support for deprecated batch/v1beta1 version
add toggleSuspend action and remove separate suspend/unsuspend
Allow to toggleSuspend on one resource only and update text
fix showSuspendDialog
Co-authored-by: Ludovico Russo <ludovico.russo@redcarbon.ai>
Dan Ramich
Samuel Demirdjian
Fernand Galiana
SammyA
Aleksei Romanenko
Ludovico Russo
Steffen Krause