I, [2018-08-21T13:31:46.507863 #1] INFO -- K8s::Transport: Using config with server=https://master.terom-pharos-dev.kontena.works:6443
I, [2018-08-21T13:31:46.806386 #1] INFO -- K8s::Transport<https://master.terom-pharos-dev.kontena.works:6443>: GET /version => HTTP 200: <K8s::API::Version> in 0.298s
I, [2018-08-21T13:31:46.806602 #1] INFO -- : Kube server version: v1.11.1
I, [2018-08-21T13:31:46.859414 #1] INFO -- K8s::Transport<https://master.terom-pharos-dev.kontena.works:6443>: GET /apis => HTTP 200: <K8s::API::MetaV1::APIGroupList> in 0.048s
I, [2018-08-21T13:31:47.009313 #1] INFO -- K8s::Transport<https://master.terom-pharos-dev.kontena.works:6443>: [GET /api/v1, GET /apis/apiregistration.k8s.io/v1, GET /apis/apiregistration.k8s.io/v1beta1, GET /apis/extensions/v1beta1, GET /apis/apps/v1, GET /apis/apps/v1beta2, GET /apis/apps/v1beta1, GET /apis/events.k8s.io/v1beta1, GET /apis/authentication.k8s.io/v1, GET /apis/authentication.k8s.io/v1beta1, GET /apis/authorization.k8s.io/v1, GET /apis/authorization.k8s.io/v1beta1, GET /apis/autoscaling/v1, GET /apis/autoscaling/v2beta1, GET /apis/batch/v1, GET /apis/batch/v1beta1, GET /apis/certificates.k8s.io/v1beta1, GET /apis/networking.k8s.io/v1, GET /apis/policy/v1beta1, GET /apis/rbac.authorization.k8s.io/v1, GET /apis/rbac.authorization.k8s.io/v1beta1, GET /apis/storage.k8s.io/v1, GET /apis/storage.k8s.io/v1beta1, GET /apis/admissionregistration.k8s.io/v1beta1, GET /apis/apiextensions.k8s.io/v1beta1, GET /apis/scheduling.k8s.io/v1beta1, GET /apis/pharos-test.k8s.io/v0, GET /apis/crd.projectcalico.org/v1, GET /apis/certmanager.k8s.io/v1alpha1, GET /apis/metrics.k8s.io/v1beta1] => HTTP [200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 200] in 0.129s
I, [2018-08-21T13:31:47.009471 #1] INFO -- : Apply stack test...
I, [2018-08-21T13:31:47.149323 #1] INFO -- K8s::Transport<https://master.terom-pharos-dev.kontena.works:6443>: [GET /apis/apiextensions.k8s.io/v1beta1/customresourcedefinitions/tests.pharos-test.k8s.io, GET /apis/pharos-test.k8s.io/v0/namespaces/default/tests/test] => HTTP [200, 200] in 0.138s
I, [2018-08-21T13:31:47.155711 #1] INFO -- K8s::Stack<test>: Keep resource apiextensions.k8s.io/v1beta1:CustomResourceDefinition/tests.pharos-test.k8s.io in namespace with checksum=dc117930cbb575475374f832f73ecb79
I, [2018-08-21T13:31:47.157476 #1] INFO -- K8s::Stack<test>: Keep resource pharos-test.k8s.io/v0:Test/test in namespace default with checksum=dc117930cbb575475374f832f73ecb79
W, [2018-08-21T13:31:47.469508 #1] WARN -- K8s::Transport<https://master.terom-pharos-dev.kontena.works:6443>: [GET /api/v1/componentstatuses, GET /api/v1/configmaps, GET /api/v1/endpoints, GET /api/v1/events, GET /api/v1/limitranges, GET /api/v1/namespaces, GET /api/v1/nodes, GET /api/v1/persistentvolumeclaims, GET /api/v1/persistentvolumes, GET /api/v1/pods, GET /api/v1/podtemplates, GET /api/v1/replicationcontrollers, GET /api/v1/resourcequotas, GET /api/v1/secrets, GET /api/v1/serviceaccounts, GET /api/v1/services, GET /apis/apiregistration.k8s.io/v1/apiservices, GET /apis/apiregistration.k8s.io/v1beta1/apiservices, GET /apis/extensions/v1beta1/daemonsets, GET /apis/extensions/v1beta1/deployments, GET /apis/extensions/v1beta1/ingresses, GET /apis/extensions/v1beta1/networkpolicies, GET /apis/extensions/v1beta1/podsecuritypolicies, GET /apis/extensions/v1beta1/replicasets, GET /apis/apps/v1/controllerrevisions, GET /apis/apps/v1/daemonsets, GET /apis/apps/v1/deployments, GET /apis/apps/v1/replicasets, GET /apis/apps/v1/statefulsets, GET /apis/apps/v1beta2/controllerrevisions, GET /apis/apps/v1beta2/daemonsets, GET /apis/apps/v1beta2/deployments, GET /apis/apps/v1beta2/replicasets, GET /apis/apps/v1beta2/statefulsets, GET /apis/apps/v1beta1/controllerrevisions, GET /apis/apps/v1beta1/deployments, GET /apis/apps/v1beta1/statefulsets, GET /apis/events.k8s.io/v1beta1/events, GET /apis/autoscaling/v1/horizontalpodautoscalers, GET /apis/autoscaling/v2beta1/horizontalpodautoscalers, GET /apis/batch/v1/jobs, GET /apis/batch/v1beta1/cronjobs, GET /apis/certificates.k8s.io/v1beta1/certificatesigningrequests, GET /apis/networking.k8s.io/v1/networkpolicies, GET /apis/policy/v1beta1/poddisruptionbudgets, GET /apis/policy/v1beta1/podsecuritypolicies, GET /apis/rbac.authorization.k8s.io/v1/clusterrolebindings, GET /apis/rbac.authorization.k8s.io/v1/clusterroles, GET /apis/rbac.authorization.k8s.io/v1/rolebindings, GET /apis/rbac.authorization.k8s.io/v1/roles, GET /apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings, GET /apis/rbac.authorization.k8s.io/v1beta1/clusterroles, GET /apis/rbac.authorization.k8s.io/v1beta1/rolebindings, GET /apis/rbac.authorization.k8s.io/v1beta1/roles, GET /apis/storage.k8s.io/v1/storageclasses, GET /apis/storage.k8s.io/v1beta1/storageclasses, GET /apis/storage.k8s.io/v1beta1/volumeattachments, GET /apis/admissionregistration.k8s.io/v1beta1/mutatingwebhookconfigurations, GET /apis/admissionregistration.k8s.io/v1beta1/validatingwebhookconfigurations, GET /apis/apiextensions.k8s.io/v1beta1/customresourcedefinitions, GET /apis/scheduling.k8s.io/v1beta1/priorityclasses, GET /apis/pharos-test.k8s.io/v0/tests, GET /apis/crd.projectcalico.org/v1/globalnetworksets, GET /apis/crd.projectcalico.org/v1/hostendpoints, GET /apis/crd.projectcalico.org/v1/ippools, GET /apis/crd.projectcalico.org/v1/networkpolicies, GET /apis/crd.projectcalico.org/v1/clusterinformations, GET /apis/crd.projectcalico.org/v1/felixconfigurations, GET /apis/crd.projectcalico.org/v1/globalnetworkpolicies, GET /apis/crd.projectcalico.org/v1/bgpconfigurations, GET /apis/crd.projectcalico.org/v1/bgppeers, GET /apis/certmanager.k8s.io/v1alpha1/clusterissuers, GET /apis/certmanager.k8s.io/v1alpha1/certificates, GET /apis/certmanager.k8s.io/v1alpha1/issuers, GET /apis/metrics.k8s.io/v1beta1/nodes, GET /apis/metrics.k8s.io/v1beta1/pods] => HTTP 403 Forbidden in 0.307s
bundler: failed to load command: bin/k8s-client (bin/k8s-client)
K8s::Error::Forbidden: GET /api/v1/componentstatuses => HTTP 403 Forbidden: componentstatuses is forbidden: User "system:serviceaccount:default:deploy-test" cannot list componentstatuses at the cluster scope
/app/lib/k8s/transport.rb:192:in `parse_response'
/app/lib/k8s/transport.rb:243:in `block in requests'
/app/lib/k8s/transport.rb:239:in `map'
/app/lib/k8s/transport.rb:239:in `requests'
/app/lib/k8s/transport.rb:284:in `gets'
/app/lib/k8s/resource_client.rb:50:in `list'
/app/lib/k8s/client.rb:109:in `list_resources'
/app/lib/k8s/stack.rb:120:in `prune'
/app/lib/k8s/stack.rb:107:in `apply'
bin/k8s-client:324:in `<top (required)>'