From 5b00731c48f95abfe4a5ae6e6f4f84a2505f9e8d Mon Sep 17 00:00:00 2001
From: razo7 <oraz@redhat.com>
Date: Thu, 1 Jun 2023 11:39:07 +0300
Subject: [PATCH] Add verbs for nodes resources

We need to add three new rbac, get, list and watch, for listing the cluster nodes
---
 .../fence-agents-remediation.clusterserviceversion.yaml   | 8 ++++++++
 config/rbac/role.yaml                                     | 8 ++++++++
 controllers/fenceagentsremediation_controller.go          | 1 +
 3 files changed, 17 insertions(+)

diff --git a/bundle/manifests/fence-agents-remediation.clusterserviceversion.yaml b/bundle/manifests/fence-agents-remediation.clusterserviceversion.yaml
index 0d44a857..4d7f66a6 100644
--- a/bundle/manifests/fence-agents-remediation.clusterserviceversion.yaml
+++ b/bundle/manifests/fence-agents-remediation.clusterserviceversion.yaml
@@ -120,6 +120,14 @@ spec:
     spec:
       clusterPermissions:
       - rules:
+        - apiGroups:
+          - ""
+          resources:
+          - nodes
+          verbs:
+          - get
+          - list
+          - watch
         - apiGroups:
           - ""
           resources:
diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
index b4f49382..98ed0799 100644
--- a/config/rbac/role.yaml
+++ b/config/rbac/role.yaml
@@ -5,6 +5,14 @@ metadata:
   creationTimestamp: null
   name: manager-role
 rules:
+- apiGroups:
+  - ""
+  resources:
+  - nodes
+  verbs:
+  - get
+  - list
+  - watch
 - apiGroups:
   - ""
   resources:
diff --git a/controllers/fenceagentsremediation_controller.go b/controllers/fenceagentsremediation_controller.go
index 67dc2125..44c4692f 100644
--- a/controllers/fenceagentsremediation_controller.go
+++ b/controllers/fenceagentsremediation_controller.go
@@ -50,6 +50,7 @@ func (r *FenceAgentsRemediationReconciler) SetupWithManager(mgr ctrl.Manager) er
 
 //+kubebuilder:rbac:groups=core,resources=pods/exec,verbs=create
 //+kubebuilder:rbac:groups=core,resources=pods,verbs=get;list;watch;update;delete;deletecollection
+//+kubebuilder:rbac:groups="",resources=nodes,verbs=get;list;watch
 //+kubebuilder:rbac:groups=fence-agents-remediation.medik8s.io,resources=fenceagentsremediations,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=fence-agents-remediation.medik8s.io,resources=fenceagentsremediations/status,verbs=get;update;patch
 //+kubebuilder:rbac:groups=fence-agents-remediation.medik8s.io,resources=fenceagentsremediations/finalizers,verbs=update