feat(argo-rollouts): Allow customizing additional RBAC rules for other providers

charts/argo-rollouts/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 appVersion: v1.6.6
 description: A Helm chart for Argo Rollouts
 name: argo-rollouts
-version: 2.34.3
+version: 2.34.4
 home: https://github.com/argoproj/argo-helm
 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png
 keywords:
@@ -18,5 +18,5 @@ annotations:
     fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
     url: https://argoproj.github.io/argo-helm/pgp_keys.asc
   artifacthub.io/changes: |
-    - kind: changed
-      description: Bump argo-rollouts to v1.6.6
+    - kind: added
+      description: Allow customizing additional RBAC rules for other providers

charts/argo-rollouts/README.md

@@ -60,6 +60,7 @@ For full list of changes please check ArtifactHub [changelog].
 | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the notifications secret |
 | notifications.templates | object | `{}` | Notification templates |
 | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent |
+| providerRBAC.additionalRules | list | `[]` | Additional RBAC rules for others providers |
 | providerRBAC.enabled | bool | `true` | Toggles addition of provider-specific RBAC rules to the controller Role and ClusterRole |
 | providerRBAC.providers.ambassador | bool | `true` | Adds RBAC rules for the Ambassador provider |
 | providerRBAC.providers.apisix | bool | `true` | Adds RBAC rules for the Apisix provider |

charts/argo-rollouts/templates/controller/clusterrole.yaml

@@ -258,23 +258,26 @@ rules:
 {{- if .Values.providerRBAC.providers.contour }}
   # Access needed when using the Contour provider
 - apiGroups:
-    - projectcontour.io
+  - projectcontour.io
   resources:
-    - httpproxies
+  - httpproxies
   verbs:
-    - get
-    - list
-    - watch
-    - update
+  - get
+  - list
+  - watch
+  - update
 {{- end }}
 {{- if .Values.providerRBAC.providers.glooPlatform }}
   # Access needed when using the Gloo Platform provider
 - apiGroups:
-    - networking.gloo.solo.io
+  - networking.gloo.solo.io
   resources:
-    - routetables
+  - routetables
   verbs:
-    - '*'
+  - '*'
+{{- end }}
+{{- with .Values.providerRBAC.additionalRules }}
+{{ toYaml .  }}
 {{- end }}
 {{- end }}
 {{- end }}

charts/argo-rollouts/values.yaml

@@ -273,6 +273,8 @@ providerRBAC:
     contour: true
     # -- Adds RBAC rules for the Gloo Platform provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-glooplatform/blob/main/README.md`
     glooPlatform: true
+  # -- Additional RBAC rules for others providers
+  additionalRules: []
 
 dashboard:
   # -- Deploy dashboard server