Skip to content

Commit

Permalink
Fix RBAC to allow IonosCloudMachine Controller updating secrets
Browse files Browse the repository at this point in the history
  • Loading branch information
@jriedel-ionos
jriedel-ionos committed May 6, 2024
1 parent 1b58f35 commit 28e583f
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 1 deletion.
7 changes: 7 additions & 0 deletions config/rbac/role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ rules:
verbs:
- get
- list
- update
- watch
- apiGroups:
- authentication.k8s.io
Expand Down Expand Up @@ -105,3 +106,9 @@ rules:
- get
- patch
- update
- apiGroups:
- infrastructure.cluster.x-k8s.io
resources:
- secrets/finalizers
verbs:
- update
4 changes: 3 additions & 1 deletion internal/controller/ionoscloudmachine_controller.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,8 +48,10 @@ type IonosCloudMachineReconciler struct {
//+kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=ionoscloudmachines/status,verbs=get;update;patch
//+kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=ionoscloudmachines/finalizers,verbs=update

//+kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=secrets/finalizers,verbs=update

//+kubebuilder:rbac:groups=cluster.x-k8s.io,resources=machines;machines/status,verbs=get;list;watch
//+kubebuilder:rbac:groups="",resources=secrets;,verbs=get;list;watch
//+kubebuilder:rbac:groups="",resources=secrets;,verbs=get;list;watch;update
//+kubebuilder:rbac:groups="",resources=events,verbs=get;list;watch;create;update;patch

func (r *IonosCloudMachineReconciler) Reconcile(
Expand Down

0 comments on commit 28e583f

Please sign in to comment.