From e23a5df03b70f9ea8ed0f9ffa946676ebea6e8c4 Mon Sep 17 00:00:00 2001
From: Abhishek Dubey <abhishekbhardwaj510@gmail.com>
Date: Fri, 5 Nov 2021 19:08:22 +0530
Subject: [PATCH] [BugFix] Fixed redis exporter resource block and rbac
 policies (#168)

* Fixed redis exporter resource block
* Fixed manifest for role and rolebindings
---
 config/rbac/role.yaml         | 46 ++++++++++++++++++++++++++++++++---
 config/rbac/role_binding.yaml |  4 +--
 k8sutils/redis-cluster.go     |  5 +++-
 k8sutils/redis-standalone.go  |  5 +++-
 4 files changed, 52 insertions(+), 8 deletions(-)

diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
index 924a6e03..cc029bc5 100644
--- a/config/rbac/role.yaml
+++ b/config/rbac/role.yaml
@@ -3,14 +3,13 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  creationTimestamp: null
-  name: manager-role-redis-operator
+  name: redis-operator
 rules:
 - apiGroups:
   - redis.redis.opstreelabs.in
   resources:
-  - redis
-  - rediscluster
+  - rediss
+  - redisclusters
   verbs:
   - create
   - delete
@@ -35,3 +34,42 @@ rules:
   - get
   - patch
   - update
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  - pods/exec
+  - services
+  - configmaps
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - apps
+  resources:
+  - statefulsets
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - "coordination.k8s.io"
+  resources:
+  - leases
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
diff --git a/config/rbac/role_binding.yaml b/config/rbac/role_binding.yaml
index 93a0d825..1397f6df 100644
--- a/config/rbac/role_binding.yaml
+++ b/config/rbac/role_binding.yaml
@@ -1,11 +1,11 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: manager-rolebinding-redis-operator
+  name: redis-operator
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: cluster-admin
+  name: redis-operator
 subjects:
 - kind: ServiceAccount
   name: redis-operator
diff --git a/k8sutils/redis-cluster.go b/k8sutils/redis-cluster.go
index 6b14f5b2..87647aa7 100644
--- a/k8sutils/redis-cluster.go
+++ b/k8sutils/redis-cluster.go
@@ -62,7 +62,10 @@ func generateRedisClusterContainerParams(cr *redisv1beta1.RedisCluster) containe
 	if cr.Spec.RedisExporter != nil {
 		containerProp.RedisExporterImage = cr.Spec.RedisExporter.Image
 		containerProp.RedisExporterImagePullPolicy = cr.Spec.RedisExporter.ImagePullPolicy
-		containerProp.RedisExporterResources = cr.Spec.RedisExporter.Resources
+
+		if cr.Spec.RedisExporter.Resources != nil {
+			containerProp.RedisExporterResources = cr.Spec.RedisExporter.Resources
+		}
 
 		if cr.Spec.RedisExporter.EnvVars != nil {
 			containerProp.RedisExporterEnv = cr.Spec.RedisExporter.EnvVars
diff --git a/k8sutils/redis-standalone.go b/k8sutils/redis-standalone.go
index 8bf85b64..b9a4ccd2 100644
--- a/k8sutils/redis-standalone.go
+++ b/k8sutils/redis-standalone.go
@@ -96,7 +96,10 @@ func generateRedisStandaloneContainerParams(cr *redisv1beta1.Redis) containerPar
 	if cr.Spec.RedisExporter != nil {
 		containerProp.RedisExporterImage = cr.Spec.RedisExporter.Image
 		containerProp.RedisExporterImagePullPolicy = cr.Spec.RedisExporter.ImagePullPolicy
-		containerProp.RedisExporterResources = cr.Spec.RedisExporter.Resources
+
+		if cr.Spec.RedisExporter.Resources != nil {
+			containerProp.RedisExporterResources = cr.Spec.RedisExporter.Resources
+		}
 
 		if cr.Spec.RedisExporter.EnvVars != nil {
 			containerProp.RedisExporterEnv = cr.Spec.RedisExporter.EnvVars
-- 
GitLab