fix(argo-rollouts): Update ClusterRole with new rules (#993)
Signed-off-by: Donovan Muller <donovan.muller@gmail.com>
This commit is contained in:
Donovan Muller
GitHub
parent
80eeb61a05
commit
12e25a37f9
2 changed files with 32 additions and 4 deletions
|
|
@ -2,7 +2,7 @@ apiVersion: v2
|
||||||
appVersion: "v1.1.0"
|
appVersion: "v1.1.0"
|
||||||
description: A Helm chart for Argo Rollouts
|
description: A Helm chart for Argo Rollouts
|
||||||
name: argo-rollouts
|
name: argo-rollouts
|
||||||
version: 2.4.0
|
version: 2.5.0
|
||||||
icon: https://argoproj.github.io/argo-rollouts/assets/logo.png
|
icon: https://argoproj.github.io/argo-rollouts/assets/logo.png
|
||||||
home: https://github.com/argoproj/argo-helm
|
home: https://github.com/argoproj/argo-helm
|
||||||
maintainers:
|
maintainers:
|
||||||
|
|
@ -11,4 +11,4 @@ maintainers:
|
||||||
- name: jessesuen
|
- name: jessesuen
|
||||||
annotations:
|
annotations:
|
||||||
artifacthub.io/changes: |
|
artifacthub.io/changes: |
|
||||||
- "[Added]: Support for extraContainers for controller deployment"
|
- "[Added]: Updated ClusterRole with new rules"
|
||||||
|
|
|
||||||
|
|
@ -56,6 +56,7 @@ rules:
|
||||||
- update
|
- update
|
||||||
- patch
|
- patch
|
||||||
- delete
|
- delete
|
||||||
|
# deployments and podtemplates read access needed for workload reference support
|
||||||
- apiGroups:
|
- apiGroups:
|
||||||
- ""
|
- ""
|
||||||
- apps
|
- apps
|
||||||
|
|
@ -67,6 +68,7 @@ rules:
|
||||||
- list
|
- list
|
||||||
- watch
|
- watch
|
||||||
# services patch needed to update selector of canary/stable/active/preview services
|
# services patch needed to update selector of canary/stable/active/preview services
|
||||||
|
# services create needed to create services for experiments
|
||||||
- apiGroups:
|
- apiGroups:
|
||||||
- ""
|
- ""
|
||||||
resources:
|
resources:
|
||||||
|
|
@ -76,8 +78,17 @@ rules:
|
||||||
- list
|
- list
|
||||||
- watch
|
- watch
|
||||||
- patch
|
- patch
|
||||||
|
- create
|
||||||
|
# leases create/get/update needed for leader election
|
||||||
|
- apiGroups:
|
||||||
|
- coordination.k8s.io
|
||||||
|
resources:
|
||||||
|
- leases
|
||||||
|
verbs:
|
||||||
|
- create
|
||||||
|
- get
|
||||||
|
- update
|
||||||
# secret read access to run analysis templates which reference secrets
|
# secret read access to run analysis templates which reference secrets
|
||||||
# configmap access to read notification-engine configuration
|
|
||||||
- apiGroups:
|
- apiGroups:
|
||||||
- ""
|
- ""
|
||||||
resources:
|
resources:
|
||||||
|
|
@ -136,7 +147,7 @@ rules:
|
||||||
- update
|
- update
|
||||||
- patch
|
- patch
|
||||||
- delete
|
- delete
|
||||||
# virtualservice access needed for using the Istio provider
|
# virtualservice/destinationrule access needed for using the Istio provider
|
||||||
- apiGroups:
|
- apiGroups:
|
||||||
- networking.istio.io
|
- networking.istio.io
|
||||||
resources:
|
resources:
|
||||||
|
|
@ -159,10 +170,13 @@ rules:
|
||||||
- get
|
- get
|
||||||
- update
|
- update
|
||||||
- patch
|
- patch
|
||||||
|
# ambassador access needed for Ambassador provider
|
||||||
- apiGroups:
|
- apiGroups:
|
||||||
- getambassador.io
|
- getambassador.io
|
||||||
|
- x.getambassador.io
|
||||||
resources:
|
resources:
|
||||||
- mappings
|
- mappings
|
||||||
|
- ambassadormappings
|
||||||
verbs:
|
verbs:
|
||||||
- create
|
- create
|
||||||
- watch
|
- watch
|
||||||
|
|
@ -170,4 +184,18 @@ rules:
|
||||||
- update
|
- update
|
||||||
- list
|
- list
|
||||||
- delete
|
- delete
|
||||||
|
# Endpoints and TargetGroupBindings needed for ALB target group verification
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- endpoints
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- apiGroups:
|
||||||
|
- elbv2.k8s.aws
|
||||||
|
resources:
|
||||||
|
- targetgroupbindings
|
||||||
|
verbs:
|
||||||
|
- list
|
||||||
|
- get
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue