Skip to content

Commit 463d4c0

Browse files
IlyesbdlalaIlyesbdlala
committed
#150 Added missing rbac permissions create and patch k8s events
Signed-off-by: Ilyes Ben Dlala <ilyes.bendlala@iteratec.com>
1 parent 979a7d2 commit 463d4c0

4 files changed

Lines changed: 20 additions & 0 deletions

File tree

operator/config/rbac/role.yaml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,13 @@ metadata:
55
creationTimestamp: null
66
name: manager-role
77
rules:
8+
- apiGroups:
9+
- ""
10+
resources:
11+
- events
12+
verbs:
13+
- create
14+
- patch
815
- apiGroups:
916
- batch
1017
resources:

operator/controllers/execution/scantype_controller.go

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,9 @@ type ScanTypeReconciler struct {
3131
// +kubebuilder:rbac:groups="execution.securecodebox.io",resources=scheduledscans,verbs=get;list;watch;create;update;patch
3232
// +kubebuilder:rbac:groups="execution.securecodebox.io/status",resources=scheduledscans,verbs=get;update;patch
3333

34+
// Allows the ScanType Controller to create and patch Events
35+
// +kubebuilder:rbac:groups="",resources=events,verbs=create;patch
36+
3437
// Reconcile compares the Service object against the state of the cluster and updates both if needed
3538
func (r *ScanTypeReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
3639
log := r.Log

operator/controllers/execution/scheduledscan_controller.go

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,9 @@ type ScheduledScanReconciler struct {
4242
// +kubebuilder:rbac:groups=execution.securecodebox.io,resources=scans,verbs=get;list;create
4343
// +kubebuilder:rbac:groups=execution.securecodebox.io,resources=scans/status,verbs=get
4444

45+
// Allows the ScheduledScan Controller to create and patch Events
46+
// +kubebuilder:rbac:groups="",resources=events,verbs=create;patch
47+
4548
// Reconcile comapares the ScheduledScan Resource with the State of the Cluster and updates both accordingly
4649
func (r *ScheduledScanReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
4750
log := r.Log.WithValues("scheduledscan", req.NamespacedName)

operator/templates/rbac/role.yaml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,13 @@ metadata:
99
creationTimestamp: null
1010
name: manager-role
1111
rules:
12+
- apiGroups:
13+
- ""
14+
resources:
15+
- events
16+
verbs:
17+
- create
18+
- patch
1219
- apiGroups:
1320
- batch
1421
resources:

0 commit comments

Comments
 (0)