From 8619686625fe6b46defa104d89644377f55ad91f Mon Sep 17 00:00:00 2001
From: Andy Feller <afeller@bandwidth.com>
Date: Wed, 1 Jul 2020 07:55:54 -0400
Subject: [PATCH] Align bot role with argocd-notifications project

In the recent #389 review, the role used by the bot added a policy allowing it
to broadly read secrets and configmaps, however this should align with the
changes in https://github.com/argoproj-labs/argocd-notifications/pull/95 where
limited access to the specific secret it needs should be granted.
---
 charts/argocd-notifications/templates/bots/slack/role.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/charts/argocd-notifications/templates/bots/slack/role.yaml b/charts/argocd-notifications/templates/bots/slack/role.yaml
index b509f6d4..9055b003 100644
--- a/charts/argocd-notifications/templates/bots/slack/role.yaml
+++ b/charts/argocd-notifications/templates/bots/slack/role.yaml
@@ -17,9 +17,10 @@ rules:
   - patch
 - apiGroups:
   - ""
+  resourceNames:
+  - argocd-notifications-secret
   resources:
   - secrets
-  - configmaps
   verbs:
   - get
   - list