Skip to content

Commit bb31a2a

Browse files
lukas-reininglukas-reining
committed
feat: fix pdb permissions
Signed-off-by: Lukas Reining <[email protected]>
1 parent 7249b7e commit bb31a2a

File tree

3 files changed

+14
-1
lines changed

3 files changed

+14
-1
lines changed

config/rbac/role.yaml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -98,6 +98,18 @@ rules:
9898
- patch
9999
- update
100100
- watch
101+
- apiGroups:
102+
- policy
103+
resources:
104+
- PodDisruptionBudget
105+
verbs:
106+
- create
107+
- delete
108+
- get
109+
- list
110+
- patch
111+
- update
112+
- watch
101113
- apiGroups:
102114
- rbac.authorization.k8s.io
103115
resourceNames:

controllers/core/flagd/controller.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -59,6 +59,7 @@ type IFlagdResourceReconciler interface {
5959
//+kubebuilder:rbac:groups=networking.k8s.io,resources=ingresses,verbs=get;list;watch;create;update;patch;delete
6060
//+kubebuilder:rbac:groups=gateway.networking.k8s.io,resources=httproutes,verbs=get;list;watch;create;update;patch;delete
6161
//+kubebuilder:rbac:groups=core,resources=services;services/finalizers,verbs=get;list;watch;create;update;patch;delete
62+
//+kubebuilder:rbac:groups=policy,resources=PodDisruptionBudget,verbs=get;list;watch;create;update;patch;delete
6263
//+kubebuilder:rbac:groups=apps,resources=deployments,verbs=get;list;watch;create;update;patch;delete
6364
//+kubebuilder:rbac:groups=core.openfeature.dev,resources=featureflagsources/finalizers,verbs=get
6465

docs/permissions.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ The `ConfigMap` permissions are needed to allow the mounting of `FeatureFlag` re
3131
| - | `Pod` | create, delete, get, list, patch, update, watch |
3232
| - | `ServiceAccount` | get, list, watch |
3333
| - | `Service` *(\*)* | create, delete, get, list, patch, update, watch |
34-
| `policy` | `PodDisruptionBudget` | create, list, update, watch |
34+
| `policy` | `PodDisruptionBudget` | create, delete, get, list, patch, update, watch |
3535
| `networking.k8s.io` | `Ingress` *(\*)* | create, delete, get, list, patch, update, watch |
3636
| `gateway.networking.k8s.io` | `HttpRoute` | create, delete, get, list, patch, update, watch |
3737
| `core.openfeature.dev` | `FeatureFlag` | create, delete, get, list, patch, update, watch |

0 commit comments

Comments
 (0)