From 6ff735c891e40328bba0524f4b8b240d3e85a6c9 Mon Sep 17 00:00:00 2001
From: Tyler Gillson <tyler.gillson@gmail.com>
Date: Mon, 28 Aug 2023 13:56:44 -0600
Subject: [PATCH] fix: update RBAC in helm templates

---
 chart/valid8or/templates/manager-rbac.yaml | 48 +++++++++++++++-------
 chart/valid8or/values.yaml                 |  2 +-
 config/manager/manager.yaml                |  2 +-
 3 files changed, 35 insertions(+), 17 deletions(-)

diff --git a/chart/valid8or/templates/manager-rbac.yaml b/chart/valid8or/templates/manager-rbac.yaml
index 913cc99f..8ce7c6ac 100644
--- a/chart/valid8or/templates/manager-rbac.yaml
+++ b/chart/valid8or/templates/manager-rbac.yaml
@@ -8,7 +8,7 @@ rules:
 - apiGroups:
   - validation.spectrocloud.labs
   resources:
-  - valid8orconfigs
+  - '*'
   verbs:
   - create
   - delete
@@ -18,23 +18,24 @@ rules:
   - update
   - watch
 - apiGroups:
-  - validation.spectrocloud.labs
+  - ""
   resources:
-  - valid8orconfigs/finalizers
-  verbs:
-  - update
-- apiGroups:
-  - validation.spectrocloud.labs
-  resources:
-  - valid8orconfigs/status
+  - namespaces
+  - secrets
+  - serviceaccounts
+  - services
   verbs:
+  - create
+  - delete
   - get
+  - list
   - patch
   - update
+  - watch
 - apiGroups:
-  - validation.spectrocloud.labs
+  - apiextensions.k8s.io
   resources:
-  - validationresults
+  - customresourcedefinitions
   verbs:
   - create
   - delete
@@ -44,19 +45,36 @@ rules:
   - update
   - watch
 - apiGroups:
-  - validation.spectrocloud.labs
+  - rbac.authorization.k8s.io
   resources:
-  - validationresults/finalizers
+  - clusterroles
+  - clusterrolebindings
+  - roles
+  - rolebindings
   verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
   - update
+  - watch
 - apiGroups:
-  - validation.spectrocloud.labs
+  - apps
   resources:
-  - validationresults/status
+  - deployments
   verbs:
+  - create
+  - delete
   - get
+  - list
   - patch
   - update
+  - watch
+- nonResourceURLs:
+  - /metrics
+  verbs:
+  - get
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
diff --git a/chart/valid8or/values.yaml b/chart/valid8or/values.yaml
index 363260d7..4ee39386 100644
--- a/chart/valid8or/values.yaml
+++ b/chart/valid8or/values.yaml
@@ -95,7 +95,7 @@ plugins:
         resources:
           limits:
             cpu: 500m
-            memory: 128Mi
+            memory: 512Mi
           requests:
             cpu: 10m
             memory: 64Mi
diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml
index cf6c4778..f1e14b32 100644
--- a/config/manager/manager.yaml
+++ b/config/manager/manager.yaml
@@ -94,7 +94,7 @@ spec:
         resources:
           limits:
             cpu: 500m
-            memory: 128Mi
+            memory: 512Mi
           requests:
             cpu: 10m
             memory: 64Mi