From fb87e344db343c13071a54abc317fa2e1a9bac5a Mon Sep 17 00:00:00 2001 From: orenlevi111 <121795464+orenlevi111@users.noreply.github.com> Date: Fri, 26 Jan 2024 01:08:50 +0200 Subject: [PATCH] add RBAC fix to namespaces - get, watch, list to each gateway-*route (#4205) * add RBAC fix to namespaces - get, watch, list to each gateway-*route * fix conflicts * resolve conflicts * Apply suggestions from code review Co-authored-by: Steve Hipwell --------- Co-authored-by: Steve Hipwell --- charts/external-dns/CHANGELOG.md | 2 ++ charts/external-dns/templates/clusterrole.yaml | 8 +++----- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/external-dns/CHANGELOG.md b/charts/external-dns/CHANGELOG.md index d4e3a5fc3..2a92c9d66 100644 --- a/charts/external-dns/CHANGELOG.md +++ b/charts/external-dns/CHANGELOG.md @@ -20,6 +20,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Fixed +- Fixed support for gateway-grpcroute, gateway-tlsroute, gateway-tcproute, gateway-udproute + https://github.com/kubernetes-sigs/external-dns/issues/3845 - Fix args for webhook deployment. ([#4202](https://github.com/kubernetes-sigs/external-dns/pull/4202)) ## [v1.14.2] - 2024-01-22 diff --git a/charts/external-dns/templates/clusterrole.yaml b/charts/external-dns/templates/clusterrole.yaml index 7514beef7..44f72bd2a 100644 --- a/charts/external-dns/templates/clusterrole.yaml +++ b/charts/external-dns/templates/clusterrole.yaml @@ -59,17 +59,15 @@ rules: - apiGroups: ["gateway.networking.k8s.io"] resources: ["gateways"] verbs: ["get","watch","list"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get","watch","list"] {{- end }} {{- if has "gateway-httproute" .Values.sources }} - apiGroups: ["gateway.networking.k8s.io"] resources: ["httproutes"] verbs: ["get","watch","list"] {{- end }} -{{- if has "gateway-httproute" .Values.sources }} - - apiGroups: [""] - resources: ["namespaces"] - verbs: ["get","watch","list"] -{{- end }} {{- if has "gateway-grpcroute" .Values.sources }} - apiGroups: ["gateway.networking.k8s.io"] resources: ["grpcroutes"]