Commit Graph

11 Commits (f712dadab5e20bfb64b92f0b3a3db8efe3562368)

Author SHA1 Message Date
Aurel Canciu 69dce73e51
Allow namespaces readonly crd-controller rbac
Readonly access to namespaces is needed by the
image-reflector-controller to support the cross-namespace accessFrom
functionality introduced in image-reflector-controller#162.

Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
Stefan Prodan 8f8c7cccc6
Add SA namespace to RBAC
Fix flux install when not all controllers have been selected

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan 1b581d6f51
Add dedicated service accounts per controller
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Brian Atkinson a18f84c27b Add permissions for controller leader election.
The v0.8.0 version of the controller-runtime uses both config maps and
leases to perform leader election. These permissions seem to be in the
individual controller repos, but not here. For example
2d38de8779/config/rbac/leader_election_role.yaml (L33-L44)

Signed-off-by: Brian Atkinson <brian@atkinson.mn>
Hidde Beydals 1ff24d9285 Add PATCH rule to crd-controller role for events
During high custom resource count / low interval tests, I was greated
with a `cannot patch resource "events"` message. This happened due to
event compaction, where it will perform a patch instead of a create.
By giving the role the permission to do so this should no longer pose
a problem.
Hidde Beydals 54b11e7b25 Update components
- source-controller to v0.0.7
- kustomize-controller to v0.0.7
- helm-controller to v0.0.1
- notification-controller to v0.0.6
stefanprodan 02521b6964 Add helm-controller to installer
stefanprodan e594350307 Add notification controller to tk components
stefanprodan 47c249e3be manifests: fix leader election rbac
stefanprodan b9a8100dbb manifests: add cluster reconciler RBAC and SA
stefanprodan 42d2ed51cb Add install manifests