diff --git a/charts/opentelemetry-operator/templates/clusterrole.yaml b/charts/opentelemetry-operator/templates/clusterrole.yaml index 6369ecb5b..837ba01f5 100644 --- a/charts/opentelemetry-operator/templates/clusterrole.yaml +++ b/charts/opentelemetry-operator/templates/clusterrole.yaml @@ -7,241 +7,202 @@ metadata: app.kubernetes.io/component: controller-manager name: {{ template "opentelemetry-operator.fullname" . }}-manager rules: - - apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - "" - resources: - - namespaces - verbs: - - list - - watch - - apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - - services - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - apps - resources: - - daemonsets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - apps - resources: - - deployments - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - apps - resources: - - replicasets - verbs: - - get - - list - - watch - - apiGroups: - - apps - resources: - - statefulsets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - autoscaling - resources: - - horizontalpodautoscalers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - get - - list - - update - - apiGroups: - - monitoring.coreos.com - resources: - - servicemonitors - - podmonitors - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - networking.k8s.io - resources: - - ingresses - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - opentelemetry.io - resources: - - instrumentations - verbs: - - get - - list - - patch - - update - - watch - - apiGroups: - - opentelemetry.io - resources: - - opentelemetrycollectors - verbs: - - get - - list - - patch - - update - - watch - - apiGroups: - - opentelemetry.io - resources: - - opentelemetrycollectors/finalizers - verbs: - - get - - patch - - update - - apiGroups: - - opentelemetry.io - resources: - - opentelemetrycollectors/status - verbs: - - get - - patch - - update - - apiGroups: - - opentelemetry.io - resources: - - opampbridges - verbs: - - get - - list - - patch - - update - - watch - - apiGroups: - - opentelemetry.io - resources: - - opampbridges/finalizers - verbs: - - get - - patch - - update - - apiGroups: - - opentelemetry.io - resources: - - opampbridges/status - verbs: - - get - - patch - - update - - apiGroups: - - route.openshift.io - resources: - - routes - - routes/custom-host - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - discovery.k8s.io - resources: - - endpointslices - verbs: - - get - - list - - watch - - apiGroups: - - policy - resources: - - poddisruptionbudgets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch +rules: +- apiGroups: + - "" + resources: + - configmaps + - persistentvolumeclaims + - persistentvolumes + - pods + - serviceaccounts + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - list + - watch +- apiGroups: + - apps + resources: + - daemonsets + - deployments + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - replicasets + verbs: + - get + - list + - watch +- apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - config.openshift.io + resources: + - infrastructures + - infrastructures/status + verbs: + - get + - list + - watch +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - list + - update +- apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - opentelemetry.io + resources: + - instrumentations + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - opentelemetry.io + resources: + - opampbridges + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - opentelemetry.io + resources: + - opampbridges/finalizers + verbs: + - update +- apiGroups: + - opentelemetry.io + resources: + - opampbridges/status + verbs: + - get + - patch + - update +- apiGroups: + - opentelemetry.io + resources: + - opentelemetrycollectors + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - opentelemetry.io + resources: + - opentelemetrycollectors/finalizers + verbs: + - get + - patch + - update +- apiGroups: + - opentelemetry.io + resources: + - opentelemetrycollectors/status + verbs: + - get + - patch + - update +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - route.openshift.io + resources: + - routes + - routes/custom-host + verbs: + - create + - delete + - get + - list + - patch + - update + - watch {{ if .Values.kubeRBACProxy.enabled }} ---