search

xco-sk / eck-custom-resources

Kubernetes operator for Indices, Index Templates, Roles, Users and other Elasticsearch and Kibana related resources.
Apache License 2.0
36 stars 8 forks source link

Missing permissions in helm ClusterRole #33

Closed erdody closed 2 years ago

erdody commented 2 years ago

There are a few permissions missing in the helm chart ClusterRole template. These are the ones I found so far:

rules:
- apiGroups:
  - ""
  resources:
  - secrets
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - kibana.eck.github.com
  resources:
  - lens
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - kibana.eck.github.com
  resources:
  - lens/finalizers
  verbs:
  - update
- apiGroups:
  - kibana.eck.github.com
  resources:
  - lens/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - kibana.eck.github.com
  resources:
  - spaces
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - kibana.eck.github.com
  resources:
  - spaces/finalizers
  verbs:
  - update
- apiGroups:
  - kibana.eck.github.com
  resources:
  - spaces/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - patch

plus all the ones associated with leader election (ConfigMap, etc.)

xco-sk commented 2 years ago

Hi @erdody, thanks for reporting! The roles were indeed missing in the helm chart. I've added them together with the rest of the rules required for a successful leader election. The fixed charts were published with version 0.3.2.