Possibility to run service-index without RBAC

[maximilian-mueller67]

Hi,
we deployed report portal within Kubernetes and since we cannot enable RBAC due to security reasons we disabled it (see below). It works - except that the two things:

1. Auto analysis not working - also the buttons Project Settings -> Auto Analysis -> remove/generate index are grayed out. It says that the analyzer service is not running, but it certainly is. See logs:
   2023/04/03 07:14:04 "GET http://OUR_RP_INSTANCE/composite/info HTTP/1.1" from IP - 200 3B in 6.891609ms time="2023-04-03T07:14:04Z" level=error msg="Unable to aggregate node information: unable to aggregate nodes info: services is forbidden: User \"system:serviceaccount:USER: default\" cannot list resource \"services\" in API group \"\" in the namespace \"NAMESPACE\""

2. On the login page where you normally see the versions of all services, nothing is shown.

This very much limits the functionality of rp if we cannot use the auto analyser.

Now the question is can we disable rbac without compromising functionality? I also thought maybe we could clone this repo and just hard code it so every service shows as healthy.

values.yaml that we have right now (removed also the service account):

## RBAC is required for service-index in order to collect status/info over all services
rbac:
  create: false

Help would be very much appreciated!
@HardNorth @avarabyeu

[bond-]

looks like reportportal needs to create a role and rolebinding for the service account in the helm chart

[avarabyeu]

As per my understanding RBAC is enabled in your cluster, but you are not allowed to create service account.
This particular service is responsible to aggregation of health check and version information that you see on your login page. Plus couple of basic redirects which could be important.
In your case i would consider contributing some NopAggregator implementation that does nothing (e.g. doesn't go to k8s api in order to get services statuses).
main.go:53