From 77f6a152f289a5f1a076713e5d4cdf27e68381c3 Mon Sep 17 00:00:00 2001
From: Brandon Dunne <brandondunne@hotmail.com>
Date: Tue, 10 Oct 2023 09:29:59 -0400
Subject: [PATCH] Add permissions for pods/logs to the manageiq-automation role

Fixes:
cannot get resource "pods/log" in API group "" in the namespace...
---
 .../api/v1alpha1/helpers/miq-components/rbac.go              | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/manageiq-operator/api/v1alpha1/helpers/miq-components/rbac.go b/manageiq-operator/api/v1alpha1/helpers/miq-components/rbac.go
index 8f1916f2..901ffc14 100644
--- a/manageiq-operator/api/v1alpha1/helpers/miq-components/rbac.go
+++ b/manageiq-operator/api/v1alpha1/helpers/miq-components/rbac.go
@@ -73,6 +73,11 @@ func AutomationRole(cr *miqv1alpha1.ManageIQ, scheme *runtime.Scheme) (*rbacv1.R
 				Resources: []string{"pods", "secrets"},
 				Verbs:     []string{"create", "delete", "get", "list", "patch", "update", "watch"},
 			},
+			rbacv1.PolicyRule{
+				APIGroups: []string{""},
+				Resources: []string{"pods/logs"},
+				Verbs:     []string{"get"},
+			},
 		}
 
 		return nil