From 8c229c1191bdc29f3137033159fc275875a7292c Mon Sep 17 00:00:00 2001
From: roc <roc@imroc.cc>
Date: Wed, 8 Jan 2025 19:07:39 +0800
Subject: [PATCH] add rbac role for tencentcloud provider (#193)

Signed-off-by: roc <roc@imroc.cc>
---
 config/rbac/role.yaml  | 18 ++++++++++++++++++
 pkg/webhook/webhook.go |  3 ++-
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
index 143cc2f6..37de63ca 100644
--- a/config/rbac/role.yaml
+++ b/config/rbac/role.yaml
@@ -271,6 +271,24 @@ rules:
   - get
   - patch
   - update
+- apiGroups:
+  - networking.cloud.tencent.com
+  resources:
+  - dedicatedclblisteners
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - networking.cloud.tencent.com
+  resources:
+  - dedicatedclblisteners/status
+  verbs:
+  - get
 - apiGroups:
   - networking.k8s.io
   resources:
diff --git a/pkg/webhook/webhook.go b/pkg/webhook/webhook.go
index d4627024..444ba486 100644
--- a/pkg/webhook/webhook.go
+++ b/pkg/webhook/webhook.go
@@ -85,6 +85,8 @@ func init() {
 // +kubebuilder:rbac:groups=elbv2.k8s.aws,resources=targetgroupbindings,verbs=create;get;list;patch;update;watch
 // +kubebuilder:rbac:groups=elbv2.services.k8s.aws,resources=listeners,verbs=create;get;list;patch;update;watch
 // +kubebuilder:rbac:groups=elbv2.services.k8s.aws,resources=targetgroups,verbs=create;get;list;patch;update;watch
+// +kubebuilder:rbac:groups=networking.cloud.tencent.com,resources=dedicatedclblisteners,verbs=get;list;watch;create;update;patch;delete
+// +kubebuilder:rbac:groups=networking.cloud.tencent.com,resources=dedicatedclblisteners/status,verbs=get
 
 type Webhook struct {
 	mgr manager.Manager
@@ -135,7 +137,6 @@ func (ws *Webhook) Initialize(cfg *rest.Config) error {
 	}
 
 	clientSet, err := clientset.NewForConfig(cfg)
-
 	if err != nil {
 		return err
 	}