Add configmap target check (#203)

* Implement configmap target check

Only include permissions to configmaps if target includes configmap. This reduces permissions.

* Bump version

* change envVars to empty list

* use coalesce

* use git

---------

Co-authored-by: Christian Hopf <git@ckotzbauer.de>

charts/sbom-operator/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 description: Catalogue all images of a Kubernetes cluster to multiple targets with Syft
 name: sbom-operator
-version: 0.37.0
+version: 0.37.1
 appVersion: 0.36.0
 home: https://github.com/ckotzbauer/sbom-operator
 sources:

charts/sbom-operator/templates/clusterrole.yaml

@@ -18,6 +18,7 @@ rules:
   - secrets
   verbs:
   - get
+{{- if and .Values.args (hasKey .Values.args "targets") .Values.args.targets (contains "configmap" (coalesce .Values.args.targets "git")) }}
 - apiGroups:
   - ""
   resources:
@@ -27,6 +28,7 @@ rules:
   - create
   - list
   - delete
+{{- end }}
 - apiGroups:
   - ""
   resources:

charts/sbom-operator/values.yaml

@@ -10,7 +10,7 @@ image:
 
 args: {}
 
-envVars: {}
+envVars: []
 
 jobImageMode: false