From 6714c16a29b13c812789de2b589e9b5e8f580dfe Mon Sep 17 00:00:00 2001
From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com>
Date: Mon, 7 Mar 2022 12:39:43 +0100
Subject: [PATCH] [filebeat] add missing rolebing and cluster role rules
 (#1602)

This commits add a rolebing and cluster role rules to match
https://github.com/elastic/beats/blob/main/deploy/kubernetes/filebeat-kubernetes.yaml
---
 filebeat/templates/rolebinding.yaml | 19 +++++++++++++++++++
 filebeat/values.yaml                |  8 ++++++++
 2 files changed, 27 insertions(+)
 create mode 100644 filebeat/templates/rolebinding.yaml
 mode change 100755 => 100644 filebeat/values.yaml

diff --git a/filebeat/templates/rolebinding.yaml b/filebeat/templates/rolebinding.yaml
new file mode 100644
index 000000000..ff1216841
--- /dev/null
+++ b/filebeat/templates/rolebinding.yaml
@@ -0,0 +1,19 @@
+{{- if .Values.managedServiceAccount }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ template "filebeat.serviceAccount" . }}-role-binding
+  labels:
+    app: "{{ template "filebeat.fullname" . }}"
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    heritage: {{ .Release.Service | quote }}
+    release: {{ .Release.Name | quote }}
+roleRef:
+  kind: Role
+  name: {{ template "filebeat.serviceAccount" . }}-role
+  apiGroup: rbac.authorization.k8s.io
+subjects:
+- kind: ServiceAccount
+  name: {{ template "filebeat.serviceAccount" . }}
+  namespace: {{ .Release.Namespace }}
+{{- end -}}
diff --git a/filebeat/values.yaml b/filebeat/values.yaml
old mode 100755
new mode 100644
index 7e3467748..c9dd42f62
--- a/filebeat/values.yaml
+++ b/filebeat/values.yaml
@@ -211,6 +211,14 @@ clusterRoleRules:
       - get
       - list
       - watch
+  - apiGroups:
+      - "apps"
+    resources:
+      - replicasets
+    verbs:
+      - get
+      - list
+      - watch
 
 podAnnotations: {}
 # iam.amazonaws.com/role: es-cluster