Revert "Revert "Add RBAC for lease objects""

This reverts commit 4bfa0db.

Author: a-hilaly

pkg/generate/ack/controller.go

@@ -37,6 +37,8 @@ var (
 		"config/rbac/role-reader.yaml.tpl",
 		"config/rbac/role-writer.yaml.tpl",
 		"config/rbac/service-account.yaml.tpl",
+		"config/rbac/leader_election_role_binding.yaml.tpl",
+		"config/rbac/leader_election_role.yaml.tpl",
 		"config/rbac/kustomization.yaml.tpl",
 		"config/crd/kustomization.yaml.tpl",
 		"config/overlays/namespaced/kustomization.yaml.tpl",

templates/config/rbac/kustomization.yaml.tpl

@@ -4,4 +4,6 @@ resources:
 - role-reader.yaml
 - role-writer.yaml
 - service-account.yaml
+- leader_election_role.yaml
+- leader_election_role_binding.yaml
 

templates/config/rbac/leader_election_role.yaml.tpl

@@ -0,0 +1,37 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{.ServicePackageName}}-leader-election-role
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete
+- apiGroups:
+  - coordination.k8s.io
+  resources:
+  - leases
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete
+- apiGroups:
+  - ""
+  resources:
+  - events
+  verbs:
+  - create
+  - patch

templates/config/rbac/leader_election_role_binding.yaml.tpl

@@ -0,0 +1,13 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{.ServicePackageName}}-leader-election-rolebinding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{.ServicePackageName}}-leader-election-role
+subjects:
+- kind: ServiceAccount
+  name: {{.ServiceAccountName}}
+  namespace: ack-system