Add back pod get permissions

J12934 · J12934 · commit bc3fe87c1421 · 2020-03-29T18:42:58.000+02:00
Required to service account with that permission for the lurcher
diff --git a/operator/config/rbac/role.yaml b/operator/config/rbac/role.yaml
@@ -18,6 +18,12 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - get
 - apiGroups:
   - ""
   resources:
diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go
@@ -63,6 +63,7 @@ var (
 // Permissions needed to create service accounts for lurcher, parser and persistence providers
 
 // Pod permission are required to grant these permission to service accounts
+// +kubebuilder:rbac:groups=core,resources=pods,verbs=get
 // +kubebuilder:rbac:groups=core,resources=serviceaccounts,verbs=get;watch;list;create
 // +kubebuilder:rbac:groups=rbac.authorization.k8s.io,resources=roles,verbs=get;watch;list;create
 // +kubebuilder:rbac:groups=rbac.authorization.k8s.io,resources=rolebindings,verbs=get;watch;list;create
diff --git a/operator/templates/rbac/role.yaml b/operator/templates/rbac/role.yaml
@@ -18,6 +18,12 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - get
 - apiGroups:
   - ""
   resources:
