From 947d027db7394204040d60ad5ebf032999352061 Mon Sep 17 00:00:00 2001
From: OZGCloud <ozgcloud@mgm-tp.com>
Date: Wed, 20 Dec 2023 15:14:07 +0100
Subject: [PATCH] OZG-4453 fix serviceaccount permissions
---
...loud_elasticsearch_operator_edit_role.yaml | 13 ++----------
...loud_elasticsearch_operator_view_role.yaml | 8 ++-----
...elasticsearch_operator_edit_role_test.yaml | 21 ++++---------------
...elasticsearch_operator_view_role_test.yaml | 14 ++-----------
4 files changed, 10 insertions(+), 46 deletions(-)
diff --git a/ozgcloud-elasticsearch-operator/src/main/helm/templates/rbac/ozgcloud_elasticsearch_operator_edit_role.yaml b/ozgcloud-elasticsearch-operator/src/main/helm/templates/rbac/ozgcloud_elasticsearch_operator_edit_role.yaml
index 41230693..6d1374db 100644
--- a/ozgcloud-elasticsearch-operator/src/main/helm/templates/rbac/ozgcloud_elasticsearch_operator_edit_role.yaml
+++ b/ozgcloud-elasticsearch-operator/src/main/helm/templates/rbac/ozgcloud_elasticsearch_operator_edit_role.yaml
@@ -11,17 +11,8 @@ rules:
- operator.ozgcloud.de
resources:
- ozgcloudelasticsearchs
+ - ozgcloudelasticsearchs/status
+ - ozgcloudelasticsearchs/finalizers
verbs:
- - create
- - delete
- - get
- - list
- patch
- update
- - watch
-- apiGroups:
- - operator.ozgcloud.de
- resources:
- - ozgcloudelasticsearchs/status
- verbs:
- - get
\ No newline at end of file
diff --git a/ozgcloud-elasticsearch-operator/src/main/helm/templates/rbac/ozgcloud_elasticsearch_operator_view_role.yaml b/ozgcloud-elasticsearch-operator/src/main/helm/templates/rbac/ozgcloud_elasticsearch_operator_view_role.yaml
index 727f5311..7ef9bb0e 100644
--- a/ozgcloud-elasticsearch-operator/src/main/helm/templates/rbac/ozgcloud_elasticsearch_operator_view_role.yaml
+++ b/ozgcloud-elasticsearch-operator/src/main/helm/templates/rbac/ozgcloud_elasticsearch_operator_view_role.yaml
@@ -11,13 +11,9 @@ rules:
- operator.ozgcloud.de
resources:
- ozgcloudelasticsearchs
+ - ozgcloudelasticsearchs/status
+ - ozgcloudelasticsearchs/finalizers
verbs:
- get
- list
- watch
-- apiGroups:
- - operator.ozgcloud.de
- resources:
- - ozgcloudelasticsearchs/status
- verbs:
- - get
\ No newline at end of file
diff --git a/ozgcloud-elasticsearch-operator/src/test/helm/rbac/ozgcloud_elasticsearch_operator_edit_role_test.yaml b/ozgcloud-elasticsearch-operator/src/test/helm/rbac/ozgcloud_elasticsearch_operator_edit_role_test.yaml
index e112b67d..078cf0a0 100644
--- a/ozgcloud-elasticsearch-operator/src/test/helm/rbac/ozgcloud_elasticsearch_operator_edit_role_test.yaml
+++ b/ozgcloud-elasticsearch-operator/src/test/helm/rbac/ozgcloud_elasticsearch_operator_edit_role_test.yaml
@@ -44,23 +44,10 @@ tests:
- operator.ozgcloud.de
resources:
- ozgcloudelasticsearchs
+ - ozgcloudelasticsearchs/status
+ - ozgcloudelasticsearchs/finalizers
verbs:
- - create
- - delete
- - get
- - list
- patch
- update
- - watch
-
- - it: should have rules for ozgcloudelasticsearchs/status resource
- asserts:
- - contains:
- path: rules
- content:
- apiGroups:
- - operator.ozgcloud.de
- resources:
- - ozgcloudelasticsearchs/status
- verbs:
- - get
\ No newline at end of file
+
+
\ No newline at end of file
diff --git a/ozgcloud-elasticsearch-operator/src/test/helm/rbac/ozgcloud_elasticsearch_operator_view_role_test.yaml b/ozgcloud-elasticsearch-operator/src/test/helm/rbac/ozgcloud_elasticsearch_operator_view_role_test.yaml
index 6d5db16f..587ac1c2 100644
--- a/ozgcloud-elasticsearch-operator/src/test/helm/rbac/ozgcloud_elasticsearch_operator_view_role_test.yaml
+++ b/ozgcloud-elasticsearch-operator/src/test/helm/rbac/ozgcloud_elasticsearch_operator_view_role_test.yaml
@@ -44,19 +44,9 @@ tests:
- operator.ozgcloud.de
resources:
- ozgcloudelasticsearchs
+ - ozgcloudelasticsearchs/status
+ - ozgcloudelasticsearchs/finalizers
verbs:
- get
- list
- watch
-
- - it: should have rules for ozgcloudelasticsearchs/status resource
- asserts:
- - contains:
- path: rules
- content:
- apiGroups:
- - operator.ozgcloud.de
- resources:
- - ozgcloudelasticsearchs/status
- verbs:
- - get
\ No newline at end of file
--
GitLab