bwce-role.yaml over eager #104
Description
The role defined here https://github.com/TIBCOSoftware/tp-helm-charts/blob/main/charts/dp-configure-namespace/templates/bwce-role.yaml is a bit over eager mapping all options of ingress controllers.
- apiGroups: ["networking.k8s.io"]
resources: ["ingresses"]
verbs: ["list", "get", "create", "update", "delete"]
- apiGroups: ["configuration.konghq.com"]
resources: ["kongplugins"]
verbs: ["list", "get", "create", "update", "delete"]
- apiGroups: ["traefik.io"]
resources: ["middlewares"]
verbs: ["list", "get", "create", "update", "delete", "patch"
I would advice to put if statements around this and requite the values to specify the ingress controller of choice to be used. because their might be customers out that that run multiple ingress controllers in the same cluster but want tibco to only have privileges to one.