add rbac to operator to create networkpolicies

This is needed since the operator pod needs to create the networkpolicy for the metrics endpoint.

Signed-off-by: Ronny Baturov <[email protected]>

Author: rbaturov

config/rbac/role.yaml

@@ -151,3 +151,13 @@ rules:
   - services
   verbs:
   - '*'
+- apiGroups:
+  - networking.k8s.io
+  resources:
+  - networkpolicies
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - update

internal/controller/numaresourcesoperator_controller.go

@@ -97,6 +97,7 @@ type NUMAResourcesOperatorReconciler struct {
 
 // Namespace Scoped
 //+kubebuilder:rbac:groups="",resources=services,verbs=*,namespace="numaresources"
+//+kubebuilder:rbac:groups=networking.k8s.io,resources=networkpolicies,verbs=get;list;create;update;delete,namespace="numaresources"
 
 // Cluster Scoped
 //+kubebuilder:rbac:groups=topology.node.k8s.io,resources=noderesourcetopologies,verbs=get;list;create;update