From a8b610a87779b1021754d098e3e82fb8f71c1d07 Mon Sep 17 00:00:00 2001 From: Arun Kumar Mohan Date: Wed, 13 Dec 2023 17:43:32 +0530 Subject: [PATCH] Add 'persistentvolumeclaims' access permission for exporter Following error messages are logged in ocs-metrics-exporter pod, ``` Failed to watch *v1.PersistentVolume: unable to sync list result: failed to get node name for pod: failed to get PVC openshift-storage/db-noobaa-db-pg-0: persistentvolumeclaims "db-noobaa-db-pg-0" is forbidden: User "system:serviceaccount:openshift-storage:ocs-metrics-exporter" cannot get resource "persistentvolumeclaims" in API group "" in the namespace "openshift-storage" ``` Adding 'persistentvolumeclaims' resource to the existing roles. Signed-off-by: Arun Kumar Mohan --- controllers/storagecluster/exporter.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/controllers/storagecluster/exporter.go b/controllers/storagecluster/exporter.go index 5850c6b8a2..9c3d181912 100644 --- a/controllers/storagecluster/exporter.go +++ b/controllers/storagecluster/exporter.go @@ -597,7 +597,7 @@ const expectedMetricExporterRoleJSON = ` "rules":[ { "apiGroups":[""], - "resources":["secrets","configmaps"], + "resources":["secrets","configmaps","persistentvolumeclaims"], "verbs":["get","list","watch"] }, {