From cb4a008e48b3d9c9ab7feadeb4d7df651c2fb6f1 Mon Sep 17 00:00:00 2001
From: Lukasz Raczylo <lukasz@raczylo.com>
Date: Thu, 16 Mar 2023 15:18:13 +0000
Subject: [PATCH] Add events generation rbac policy.

---
 .../jobs-manager-operator/templates/deployment.yaml  |  2 +-
 charts/jobs-manager-operator/values.yaml             |  2 +-
 config/rbac/role.yaml                                | 12 ++++++++++++
 controllers/managedjob_controller.go                 |  1 +
 4 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/charts/jobs-manager-operator/templates/deployment.yaml b/charts/jobs-manager-operator/templates/deployment.yaml
index cc38f5e..2c02248 100644
--- a/charts/jobs-manager-operator/templates/deployment.yaml
+++ b/charts/jobs-manager-operator/templates/deployment.yaml
@@ -105,4 +105,4 @@ spec:
       securityContext:
         runAsNonRoot: true
       serviceAccountName: {{ include "chart.fullname" . }}-controller-manager
-      terminationGracePeriodSeconds: 10
\ No newline at end of file
+      terminationGracePeriodSeconds: 10
diff --git a/charts/jobs-manager-operator/values.yaml b/charts/jobs-manager-operator/values.yaml
index d41fb37..c36a58c 100644
--- a/charts/jobs-manager-operator/values.yaml
+++ b/charts/jobs-manager-operator/values.yaml
@@ -12,7 +12,7 @@ controllerManager:
         memory: 64Mi
   manager:
     image:
-      repository: controller
+      repository: ghcr.io/lukaszraczylo/jobs-manager-operator
       tag: latest
     resources:
       limits:
diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
index ff78463..f97ef4d 100644
--- a/config/rbac/role.yaml
+++ b/config/rbac/role.yaml
@@ -5,6 +5,18 @@ metadata:
   creationTimestamp: null
   name: manager-role
 rules:
+- apiGroups:
+  - ""
+  resources:
+  - events
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
 - apiGroups:
   - batch
   resources:
diff --git a/controllers/managedjob_controller.go b/controllers/managedjob_controller.go
index 3aa9ad1..c1cbb3f 100644
--- a/controllers/managedjob_controller.go
+++ b/controllers/managedjob_controller.go
@@ -41,6 +41,7 @@ type ManagedJobReconciler struct {
 //+kubebuilder:rbac:groups=jobsmanager.raczylo.com,resources=managedjobs/status,verbs=get;update;patch
 //+kubebuilder:rbac:groups=jobsmanager.raczylo.com,resources=managedjobs/finalizers,verbs=update
 //+kubebuilder:rbac:groups=batch,resources=jobs,verbs=get;list;watch;create;update;patch;delete
+//+kubebuilder:rbac:groups="",resources=events,verbs=create;update;patch;delete;get;list;watch
 
 func (r *ManagedJobReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
 	_ = log.FromContext(ctx)