From 96b9c656044551cfba1336880645fad057c1a9e9 Mon Sep 17 00:00:00 2001 From: Angel Misevski Date: Mon, 21 Aug 2023 12:51:42 -0400 Subject: [PATCH] Add 'list' and 'update' configmaps/secrets to workspace SA role Signed-off-by: Angel Misevski --- docs/workspace-capabilities.md | 4 ++++ pkg/provision/workspace/rbac/role.go | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/docs/workspace-capabilities.md b/docs/workspace-capabilities.md index d5615df55..c62a2cb29 100644 --- a/docs/workspace-capabilities.md +++ b/docs/workspace-capabilities.md @@ -37,8 +37,10 @@ rules: - secrets verbs: - get + - list - create - patch + - update - delete - apiGroups: - "" @@ -46,8 +48,10 @@ rules: - configmaps verbs: - get + - list - create - patch + - update - delete - apiGroups: - workspace.devfile.io diff --git a/pkg/provision/workspace/rbac/role.go b/pkg/provision/workspace/rbac/role.go index 086b7de5c..1dff142a4 100644 --- a/pkg/provision/workspace/rbac/role.go +++ b/pkg/provision/workspace/rbac/role.go @@ -95,12 +95,12 @@ func generateDefaultRole(namespace string) *rbacv1.Role { { Resources: []string{"secrets"}, APIGroups: []string{""}, - Verbs: []string{"get", "create", "patch", "delete"}, + Verbs: []string{"get", "list", "create", "patch", "update", "delete"}, }, { Resources: []string{"configmaps"}, APIGroups: []string{""}, - Verbs: []string{"get", "create", "patch", "delete"}, + Verbs: []string{"get", "list", "create", "patch", "update", "delete"}, }, { Resources: []string{"devworkspaces"},