Employ RBAC when run on minikube

README.md

@@ -47,17 +47,17 @@ kubectl create -f manifests/postgres-operator.yaml # create  postgres-operator d
 kubectl create -f manifests/minimal-postgres-manifest.yaml # submit a PG cluster
 ```
 
+Tear down cleanly:
+```bash
+minikube delete
+```
+
 We have automated these steps for you:
 ```bash
 cd postgres-operator
 ./run_operator_locally.sh
 ```
 
-Tear down cleanly:
-```bash
-minikube delete
-```
-
 ## Scope
 
 The scope of the postgres operator is on provisioning, modifying configuration and cleaning up Postgres clusters that use Patroni, basically to make it easy and convenient to run Patroni based clusters on Kubernetes.

manifests/operator-rbac.yaml

@@ -112,6 +112,13 @@ rules:
   - create
   - delete
   - get
+- apiGroups:
+  - ""
+  resources:
+  - serviceaccounts
+  verbs:
+  - get
+  - create
 
 ---
 apiVersion: rbac.authorization.k8s.io/v1

manifests/serviceaccount.yaml

@@ -1,4 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: operator

run_operator_locally.sh

@@ -134,7 +134,7 @@ function start_operator(){
 
     # the order of resource initialization is significant
     local file
-    for file  in "configmap.yaml" "serviceaccount.yaml"
+    for file  in "configmap.yaml" "operator-rbac.yaml"
     do
         retry "kubectl  create -f manifests/\"$file\"" "attempt to create $file resource"
     done