From afec5d6fadbc4472a463212cd5805ec26496111c Mon Sep 17 00:00:00 2001
From: Celene <celene@datadoghq.com>
Date: Fri, 3 May 2024 09:34:56 -0400
Subject: [PATCH] add limitranges and storageclasses rbacs to orch explorer
 feature

---
 .../feature/orchestratorexplorer/rbac.go      | 22 +++++++------------
 1 file changed, 8 insertions(+), 14 deletions(-)

diff --git a/controllers/datadogagent/feature/orchestratorexplorer/rbac.go b/controllers/datadogagent/feature/orchestratorexplorer/rbac.go
index f61cd8b20..de3117eb0 100644
--- a/controllers/datadogagent/feature/orchestratorexplorer/rbac.go
+++ b/controllers/datadogagent/feature/orchestratorexplorer/rbac.go
@@ -44,6 +44,10 @@ func getRBACPolicyRules(logger logr.Logger, crs []string) []rbacv1.PolicyRule {
 				rbac.PodsResource,
 				rbac.ServicesResource,
 				rbac.NodesResource,
+				rbac.PersistentVolumesResource,
+				rbac.PersistentVolumeClaimsResource,
+				rbac.ServiceAccountResource,
+				rbac.LimitRangesResource,
 			},
 		},
 		{
@@ -62,20 +66,6 @@ func getRBACPolicyRules(logger logr.Logger, crs []string) []rbacv1.PolicyRule {
 				rbac.CronjobsResource,
 			},
 		},
-
-		{
-			APIGroups: []string{rbac.CoreAPIGroup},
-			Resources: []string{
-				rbac.PersistentVolumesResource,
-				rbac.PersistentVolumeClaimsResource,
-			},
-		},
-		{
-			APIGroups: []string{rbac.CoreAPIGroup},
-			Resources: []string{
-				rbac.ServiceAccountResource,
-			},
-		},
 		{
 			APIGroups: []string{rbac.RbacAPIGroup},
 			Resources: []string{
@@ -101,6 +91,10 @@ func getRBACPolicyRules(logger logr.Logger, crs []string) []rbacv1.PolicyRule {
 			APIGroups: []string{rbac.AutoscalingAPIGroup},
 			Resources: []string{rbac.HorizontalPodAutoscalersRecource},
 		},
+		{
+			APIGroups: []string{rbac.StorageAPIGroup},
+			Resources: []string{rbac.StorageClassesResource},
+		},
 	}
 
 	groupResources := mapAPIGroupsResources(logger, crs)