✨ feat(k8sgpt-rbac.yaml): add new RBAC configuration for k8sgpt operator

The new RBAC configuration file is added to define the permissions for the k8sgpt operator. This includes a ClusterRole, a ClusterRoleBinding, and a ServiceAccount. The ClusterRole defines the permissions that the operator has, such as creating, listing, getting, watching, and deleting resources. The ClusterRoleBinding binds the ClusterRole to the ServiceAccount, which represents the operator in the Kubernetes cluster. This setup ensures that the operator has the necessary permissions to function correctly, improving the security and functionality of the application.

Signed-off-by: MateSousa <[email protected]>

Author: MateSousa

chart/operator/templates/k8sgpt-rbac.yaml

@@ -0,0 +1,48 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ include "chart.fullname" . }}-operator-role
+  labels:
+  {{- include "chart.labels" . | nindent 4 }}
+rules:
+  - apiGroups:
+    - '*'
+    resources:
+    - '*'
+    verbs:
+    - create
+    - list
+    - get
+    - watch
+    - delete
+  - apiGroups:
+    - apiextensions.k8s.io
+    resources:
+    - '*'
+    verbs:
+    - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ include "chart.fullname" . }}-operator-rolebinding
+  labels:
+  {{- include "chart.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ include "chart.fullname" . }}-operator-role
+subjects:
+  - kind: ServiceAccount
+    name: "k8sgpt
+    namespace: {{ .Release.Namespace }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: "k8sgpt"
+  labels:
+    app.kubernetes.io/component: rbac
+    app.kubernetes.io/created-by: k8sgpt-operator
+    app.kubernetes.io/part-of: k8sgpt-operator
+  {{- include "chart.labels" . | nindent 4 }}