Add proper OperatorConfig rbac permission so it can deploy a real external-secrets helm-chart based operator

slopezz · slopezz · commit ee344d8eddf6 · 2021-11-22T15:39:09.000+01:00
diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
@@ -80,4 +80,36 @@ rules:
   - update
   - watch
 
+##
+## Custom rules needed by real helm chart operator to manage all operator resources)
+##
+- apiGroups:
+  - apiextensions.k8s.io
+  resources:
+  - customresourcedefinitions
+  verbs:
+  - '*'
+- apiGroups:
+  - rbac.authorization.k8s.io
+  resources:
+  - clusterroles
+  - clusterrolebindings
+  - roles
+  - rolebindings
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - serviceaccounts
+  - services
+  verbs:
+  - '*'
+- apiGroups:
+  - apps
+  resources:
+  - deployments
+  verbs:
+  - '*'
+
 #+kubebuilder:scaffold:rules
