[COMMON] Add roles for hazelcast apps

CDS and CPS use hazelcast, which requires additional resource read permissions (endpoint, service, node) Added it to roles-wrapper and ServiceAccount templates Issue-ID: OOM-3250 Change-Id: I8360ba657054b2468df55dc529beedd9fc79bada Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
author: Andreas Geissler <andreas-geissler@telekom.de> 2023-12-08 08:48:20 +0100
committer: Andreas Geissler <andreas-geissler@telekom.de> 2023-12-08 08:50:50 +0100
commit: 822bcb4bb6fb2c9e14892da2cfd37e4b4e8125df (patch)
tree: 3794778af58650f7453358a55641e585277d401f
parent: c5cdaf46f0c414ad2be7efcc4b792e9d3d9c51eb (diff)
2 files changed, 6 insertions, 0 deletions
diff --git a/kubernetes/common/roles-wrapper/templates/role.yaml b/kubernetes/common/roles-wrapper/templates/role.yaml
index 0be6c7bbd6..3438b6e36e 100644
--- a/kubernetes/common/roles-wrapper/templates/role.yaml
+++ b/kubernetes/common/roles-wrapper/templates/role.yaml
@@ -30,6 +30,9 @@ rules:
   - batch
   - extensions
   resources:
+  - endpoints
+  - services
+  - nodes
   - pods
   - deployments
   - deployments/status
diff --git a/kubernetes/common/serviceAccount/templates/role.yaml b/kubernetes/common/serviceAccount/templates/role.yaml
index 1b686f521c..83cb945ba9 100644
--- a/kubernetes/common/serviceAccount/templates/role.yaml
+++ b/kubernetes/common/serviceAccount/templates/role.yaml
@@ -53,6 +53,9 @@ rules:
   - batch
   - extensions
   resources:
+  - endpoints
+  - services
+  - nodes
   - pods
   - deployments
   - deployments/status
author	Andreas Geissler <andreas-geissler@telekom.de>	2023-12-08 08:48:20 +0100
committer	Andreas Geissler <andreas-geissler@telekom.de>	2023-12-08 08:50:50 +0100
commit	822bcb4bb6fb2c9e14892da2cfd37e4b4e8125df (patch)
tree	3794778af58650f7453358a55641e585277d401f
parent	c5cdaf46f0c414ad2be7efcc4b792e9d3d9c51eb (diff)