github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/mysql-operator/templates/cluster_role_sidecar.yaml (about)

     1  # role for the server sidecar
     2  apiVersion: rbac.authorization.k8s.io/v1
     3  kind: ClusterRole
     4  metadata:
     5    name: mysql-sidecar
     6  rules:
     7    - apiGroups: [""]
     8      resources: ["pods"]
     9      verbs: ["get", "list", "watch", "patch"]
    10    - apiGroups: [""]
    11      resources: ["pods/status"]
    12      verbs: ["get", "patch", "update", "watch"]
    13    # Kopf needs patch on secrets or the sidecar will throw
    14    - apiGroups: [""]
    15      resources: ["secrets"]
    16      verbs: ["get", "create", "list", "watch", "patch"]
    17    - apiGroups: [""]
    18      resources: ["configmaps"]
    19      verbs: ["get", "create", "list", "watch", "patch"]
    20    - apiGroups: [""]
    21      resources: ["services"]
    22      verbs: ["get", "create"]
    23    - apiGroups: [""]
    24      resources: ["serviceaccounts"]
    25      verbs: ["get", "create"]
    26    - apiGroups: [""]
    27      resources: ["events"]
    28      verbs: ["create", "patch", "update"]
    29    - apiGroups: ["apps"]
    30      resources: ["deployments"]
    31      verbs: ["get", "patch"]
    32    - apiGroups: ["mysql.oracle.com"]
    33      resources: ["innodbclusters"]
    34      verbs: ["get", "watch", "list"]
    35    - apiGroups: ["mysql.oracle.com"]
    36      resources: ["mysqlbackups"]
    37      verbs: ["create", "get", "list", "patch", "update", "watch", "delete"]
    38    - apiGroups: ["mysql.oracle.com"]
    39      resources: ["mysqlbackups/status"]
    40      verbs: ["get", "patch", "update", "watch"]