#359 Add watch events for Jenkins(required by Kubernetes plugin)

2020-05-03 14:14:21 +02:00 · 2020-05-03 14:14:21 +02:00 · 2a0e2f90ba
parent 7445915c8f
commit 2a0e2f90ba
1 changed files with 11 additions and 9 deletions
--- a/pkg/controller/jenkins/configuration/base/resources/rbac.go
+++ b/pkg/controller/jenkins/configuration/base/resources/rbac.go
@ -59,20 +59,22 @@ func NewRoleBinding(name, namespace, serviceAccountName string, roleRef v1.RoleR
 // NewDefaultPolicyRules sets the default policy rules
 func NewDefaultPolicyRules() []v1.PolicyRule {
 	var rules []v1.PolicyRule
-	ReadOnly := []string{getVerb, listVerb, watchVerb}
+	readOnly := []string{getVerb, listVerb, watchVerb}
 	Default := []string{createVerb, deleteVerb, getVerb, listVerb, patchVerb, updateVerb, watchVerb}
-	Create := []string{createVerb}
+	create := []string{createVerb}
+	watch := []string{watchVerb}

-	rules = append(rules, NewPolicyRule(EmptyAPIGroup, "pods/portforward", Create))
+	rules = append(rules, NewPolicyRule(EmptyAPIGroup, "pods/portforward", create))
 	rules = append(rules, NewPolicyRule(EmptyAPIGroup, "pods", Default))
 	rules = append(rules, NewPolicyRule(EmptyAPIGroup, "pods/exec", Default))
-	rules = append(rules, NewPolicyRule(EmptyAPIGroup, "configmaps", ReadOnly))
-	rules = append(rules, NewPolicyRule(EmptyAPIGroup, "pods/log", ReadOnly))
-	rules = append(rules, NewPolicyRule(EmptyAPIGroup, "secrets", ReadOnly))
+	rules = append(rules, NewPolicyRule(EmptyAPIGroup, "configmaps", readOnly))
+	rules = append(rules, NewPolicyRule(EmptyAPIGroup, "pods/log", readOnly))
+	rules = append(rules, NewPolicyRule(EmptyAPIGroup, "secrets", readOnly))
+	rules = append(rules, NewPolicyRule(EmptyAPIGroup, "events", watch))

-	rules = append(rules, NewOpenShiftPolicyRule(OpenshiftAPIGroup, "imagestreams", ReadOnly))
-	rules = append(rules, NewOpenShiftPolicyRule(BuildAPIGroup, "buildconfigs", ReadOnly))
-	rules = append(rules, NewOpenShiftPolicyRule(BuildAPIGroup, "builds", ReadOnly))
+	rules = append(rules, NewOpenShiftPolicyRule(OpenshiftAPIGroup, "imagestreams", readOnly))
+	rules = append(rules, NewOpenShiftPolicyRule(BuildAPIGroup, "buildconfigs", readOnly))
+	rules = append(rules, NewOpenShiftPolicyRule(BuildAPIGroup, "builds", readOnly))

 	return rules
 }