apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    rbac.authorization.k8s.io/aggregate-to-admin: "true"
    rbac.authorization.k8s.io/aggregate-to-edit: "true"
    rbac.authorization.k8s.io/aggregate-to-view: "true"
  name: flux-view
rules:
- apiGroups:
  - source.toolkit.fluxcd.io
  resources:
  - buckets
  - gitrepositories
  - helmcharts
  - helmrepositories
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - notification.toolkit.fluxcd.io
  resources:
  - alerts
  - providers
  - receivers
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - kustomize.toolkit.fluxcd.io
  resources:
  - kustomizations
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - helm.toolkit.fluxcd.io
  resources:
  - helmreleases
  verbs:
  - get
  - list
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    rbac.authorization.k8s.io/aggregate-to-admin: "true"
    rbac.authorization.k8s.io/aggregate-to-edit: "true"
  name: flux-edit
rules:
- apiGroups:
  - source.toolkit.fluxcd.io
  resources:
  - buckets
  - gitrepositories
  - helmcharts
  - helmrepositories
  verbs:
  - create
  - delete
  - deletecollection
  - patch
  - update
- apiGroups:
  - notification.toolkit.fluxcd.io
  resources:
  - alerts
  - providers
  - receivers
  verbs:
  - create
  - delete
  - deletecollection
  - patch
  - update
- apiGroups:
  - kustomize.toolkit.fluxcd.io
  resources:
  - kustomizations
  verbs:
  - create
  - delete
  - deletecollection
  - patch
  - update
- apiGroups:
  - helm.toolkit.fluxcd.io
  resources:
  - helmreleases
  verbs:
  - create
  - delete
  - deletecollection
  - patch
  - update