Merge pull request #41 from IBM/fix-roles

ashimagarg27 · web-flow · commit ba02637c25ff · 2024-07-04T19:43:54.000+05:30
add required roles
diff --git a/.secrets.baseline b/.secrets.baseline
@@ -3,7 +3,7 @@
     "files": "go.sum|^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2024-06-27T06:33:16Z",
+  "generated_at": "2024-07-04T13:24:14Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
diff --git a/controllers/constants/constants.go b/controllers/constants/constants.go
@@ -27,6 +27,7 @@ const (
 	NodesResource                      = "nodes"
 	PersistentVolumesResource          = "persistentvolumes"
 	PersistentVolumeClaimsResource     = "persistentvolumeclaims"
+	ConfigMapResource                  = "configmaps"
 
 	VerbGet    = "get"
 	VerbList   = "list"
diff --git a/controllers/internal/crutils/static_resource_generator.go b/controllers/internal/crutils/static_resource_generator.go
@@ -185,10 +185,13 @@ func (c *IBMObjectCSI) GenerateSCCForNodeClusterRole() *rbacv1.ClusterRole {
 			},
 			{
 				APIGroups: []string{""},
-				Resources: []string{
-					constants.PersistentVolumesResource,
-					constants.SecretsResource},
-				Verbs: []string{constants.VerbGet},
+				Resources: []string{constants.PersistentVolumesResource, constants.SecretsResource},
+				Verbs:     []string{constants.VerbGet},
+			},
+			{
+				APIGroups: []string{""},
+				Resources: []string{constants.ConfigMapResource},
+				Verbs:     []string{constants.VerbGet, constants.VerbList},
 			},
 		},
 	}

Original file line number	Diff line number	Diff line change
`@@ -3,7 +3,7 @@`
`3`	`3`	`"files": "go.sum\|^.secrets.baseline$",`
`4`	`4`	`"lines": null`
`5`	`5`	`},`
`6`		`- "generated_at": "2024-06-27T06:33:16Z",`
	`6`	`+ "generated_at": "2024-07-04T13:24:14Z",`
`7`	`7`	`"plugins_used": [`
`8`	`8`	`{`
`9`	`9`	`"name": "AWSKeyDetector"`