From df7d1ac10cea6d58aec6ea66e4988f2f99ba5ca2 Mon Sep 17 00:00:00 2001
From: "M. Mert Yildiran" <me@mertyildiran.com>
Date: Thu, 20 Apr 2023 03:01:25 +0300
Subject: [PATCH] :zap: Give the permission of listing or watching the
 `persistentvolumeclaims` to the `ClusterRole`

---
 helm-chart/templates/02-cluster-role.yaml |  1 +
 kubernetes/provider.go                    | 19 ++++++++++++++++---
 manifests/02-cluster-role.yaml            |  1 +
 3 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/helm-chart/templates/02-cluster-role.yaml b/helm-chart/templates/02-cluster-role.yaml
index cd5115890..f2e117904 100644
--- a/helm-chart/templates/02-cluster-role.yaml
+++ b/helm-chart/templates/02-cluster-role.yaml
@@ -19,6 +19,7 @@ rules:
       - pods
       - services
       - endpoints
+      - persistentvolumeclaims
     verbs:
       - list
       - get
diff --git a/kubernetes/provider.go b/kubernetes/provider.go
index 4f7aa8a87..b9b49a5aa 100644
--- a/kubernetes/provider.go
+++ b/kubernetes/provider.go
@@ -575,9 +575,22 @@ func (provider *Provider) BuildClusterRole() *rbac.ClusterRole {
 		},
 		Rules: []rbac.PolicyRule{
 			{
-				APIGroups: []string{"", "extensions", "apps"},
-				Resources: []string{"pods", "services", "endpoints"},
-				Verbs:     []string{"list", "get", "watch"},
+				APIGroups: []string{
+					"",
+					"extensions",
+					"apps",
+				},
+				Resources: []string{
+					"pods",
+					"services",
+					"endpoints",
+					"persistentvolumeclaims",
+				},
+				Verbs: []string{
+					"list",
+					"get",
+					"watch",
+				},
 			},
 		},
 	}
diff --git a/manifests/02-cluster-role.yaml b/manifests/02-cluster-role.yaml
index d2cb28482..e2aa81771 100644
--- a/manifests/02-cluster-role.yaml
+++ b/manifests/02-cluster-role.yaml
@@ -19,6 +19,7 @@ rules:
       - pods
       - services
       - endpoints
+      - persistentvolumeclaims
     verbs:
       - list
       - get