From 469926423e2c56648080f51495c77d008c83183a Mon Sep 17 00:00:00 2001
From: Mulham Raee <mraee@redhat.com>
Date: Tue, 28 Nov 2023 16:27:46 +0100
Subject: [PATCH] Fixed rosacontrolplane_controller permissions

---
 Makefile                                      |  3 ++-
 config/rbac/role.yaml                         | 19 +++++++++++++++++++
 .../rosacontrolplane_controller.go            |  2 ++
 3 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index 6189ee0436..e828fc8d82 100644
--- a/Makefile
+++ b/Makefile
@@ -30,7 +30,7 @@ TOOLS_DIR_DEPS := $(TOOLS_DIR)/go.sum $(TOOLS_DIR)/go.mod $(TOOLS_DIR)/Makefile
 TOOLS_BIN_DIR := $(TOOLS_DIR)/bin
 
 
-API_DIRS := cmd/clusterawsadm/api api exp/api controlplane/eks/api bootstrap/eks/api iam/api
+API_DIRS := cmd/clusterawsadm/api api exp/api controlplane/eks/api bootstrap/eks/api iam/api controlplane/rosa/api
 API_FILES := $(foreach dir, $(API_DIRS), $(call rwildcard,../../$(dir),*.go))
 
 BIN_DIR := bin
@@ -229,6 +229,7 @@ generate-go-apis: ## Alias for .build/generate-go-apis
 		paths=./$(EXP_DIR)/controllers/... \
 		paths=./bootstrap/eks/controllers/... \
 		paths=./controlplane/eks/controllers/... \
+		paths=./controlplane/rosa/controllers/... \
 		output:crd:dir=config/crd/bases \
 		object:headerFile=./hack/boilerplate/boilerplate.generatego.txt \
 		crd:crdVersions=v1 \
diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
index 7cab425197..c7faf0f437 100644
--- a/config/rbac/role.yaml
+++ b/config/rbac/role.yaml
@@ -135,6 +135,17 @@ rules:
   - get
   - patch
   - update
+- apiGroups:
+  - controlplane.cluster.x-k8s.io
+  resources:
+  - rosacontrolplanes
+  verbs:
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
 - apiGroups:
   - controlplane.cluster.x-k8s.io
   resources:
@@ -144,6 +155,14 @@ rules:
   - get
   - list
   - watch
+- apiGroups:
+  - controlplane.cluster.x-k8s.io
+  resources:
+  - rosacontrolplanes/status
+  verbs:
+  - get
+  - patch
+  - update
 - apiGroups:
   - ""
   resources:
diff --git a/controlplane/rosa/controllers/rosacontrolplane_controller.go b/controlplane/rosa/controllers/rosacontrolplane_controller.go
index d18c5baf93..5431db9be1 100644
--- a/controlplane/rosa/controllers/rosacontrolplane_controller.go
+++ b/controlplane/rosa/controllers/rosacontrolplane_controller.go
@@ -99,6 +99,8 @@ func (r *ROSAControlPlaneReconciler) SetupWithManager(ctx context.Context, mgr c
 // +kubebuilder:rbac:groups=cluster.x-k8s.io,resources=clusters;clusters/status,verbs=get;list;watch
 // +kubebuilder:rbac:groups=cluster.x-k8s.io,resources=machinedeployments,verbs=get;list;watch
 // +kubebuilder:rbac:groups=cluster.x-k8s.io,resources=machinepools,verbs=get;list;watch
+// +kubebuilder:rbac:groups=controlplane.cluster.x-k8s.io,resources=rosacontrolplanes,verbs=get;list;watch;update;patch;delete
+// +kubebuilder:rbac:groups=controlplane.cluster.x-k8s.io,resources=rosacontrolplanes/status,verbs=get;update;patch
 
 // Reconcile will reconcile RosaControlPlane Resources.
 func (r *ROSAControlPlaneReconciler) Reconcile(ctx context.Context, req ctrl.Request) (res ctrl.Result, reterr error) {