From c4ce7f8cf1b1bf8727c7473b7f12a94498706af4 Mon Sep 17 00:00:00 2001
From: Edvin Norling <edvin.norling@xenit.se>
Date: Tue, 30 Nov 2021 08:30:40 +0100
Subject: [PATCH] RBAC add possability to patch events

This way --scan-all don't have to add any custom clusterroles.
Solves #630
---
 config/rbac/role.yaml                     | 1 +
 controllers/grafana/grafana_controller.go | 2 +-
 deploy/manifests/latest/rbac.yaml         | 1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
index dbeffe309..4a171d188 100644
--- a/config/rbac/role.yaml
+++ b/config/rbac/role.yaml
@@ -30,6 +30,7 @@ rules:
   - create
   - get
   - list
+  - patch
   - watch
 - apiGroups:
   - ""
diff --git a/controllers/grafana/grafana_controller.go b/controllers/grafana/grafana_controller.go
index 2b04cdcf2..b9a521fd6 100644
--- a/controllers/grafana/grafana_controller.go
+++ b/controllers/grafana/grafana_controller.go
@@ -37,7 +37,7 @@ var log = logf.Log.WithName(ControllerName)
 // +kubebuilder:rbac:groups=integreatly.org,resources=grafanas;grafanas/finalizers,verbs=get;list;watch;create;update;patch;delete
 // +kubebuilder:rbac:groups=integreatly.org,resources=grafanas/status,verbs=get;update;patch
 // +kubebuilder:rbac:groups=extensions;apps,resources=deployments;deployments/finalizers,verbs=get;list;watch;create;update;patch;delete
-// +kubebuilder:rbac:groups="",resources=events,verbs=get;list;watch;create
+// +kubebuilder:rbac:groups="",resources=events,verbs=get;list;watch;create;patch
 // +kubebuilder:rbac:groups="",resources=pods,verbs=get;list;watch
 // +kubebuilder:rbac:groups="",resources=configmaps;secrets;serviceaccounts;services;persistentvolumeclaims,verbs=get;list;watch;create;update;patch;delete
 // +kubebuilder:rbac:groups=route.openshift.io,resources=routes,verbs=get;list;watch;create;update;patch;delete
diff --git a/deploy/manifests/latest/rbac.yaml b/deploy/manifests/latest/rbac.yaml
index 54f1f9b06..b19e8c96c 100644
--- a/deploy/manifests/latest/rbac.yaml
+++ b/deploy/manifests/latest/rbac.yaml
@@ -71,6 +71,7 @@ rules:
   - create
   - get
   - list
+  - patch
   - watch
 - apiGroups:
   - ""