From a18f84c27b35169d8c6a28fd4dd39a051d1153c1 Mon Sep 17 00:00:00 2001
From: Brian Atkinson <brian@atkinson.mn>
Date: Mon, 25 Jan 2021 10:12:57 -0800
Subject: [PATCH] Add permissions for controller leader election.

The v0.8.0 version of the controller-runtime uses both config maps and
leases to perform leader election. These permissions seem to be in the
individual controller repos, but not here. For example
https://github.com/fluxcd/kustomize-controller/blob/2d38de8779b68bde3366489a0b7657488c747fdb/config/rbac/leader_election_role.yaml#L33-L44

Signed-off-by: Brian Atkinson <brian@atkinson.mn>
---
 manifests/rbac/role.yaml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/manifests/rbac/role.yaml b/manifests/rbac/role.yaml
index 1c642f13..2b074552 100644
--- a/manifests/rbac/role.yaml
+++ b/manifests/rbac/role.yaml
@@ -28,6 +28,18 @@ rules:
   verbs:
   - create
   - patch
+- apiGroups:
+  - "coordination.k8s.io"
+  resources:
+  - leases
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
-- 
GitLab