From 8bb0149e1fba13e763ac79c954f8a40b54a7b1e3 Mon Sep 17 00:00:00 2001
From: shreddedbacon <b@benjackson.email>
Date: Thu, 16 Jan 2025 18:01:09 +1100
Subject: [PATCH] fix: role for secrets/configmaps

---
 config/rbac/role.yaml    | 10 ++++++----
 internal/storage/main.go |  2 ++
 test/e2e/e2e_suite.go    | 33 ++++++++++++++++++++++++++++++++-
 3 files changed, 40 insertions(+), 5 deletions(-)

diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
index 8b0247e..40e0d8a 100644
--- a/config/rbac/role.yaml
+++ b/config/rbac/role.yaml
@@ -7,20 +7,22 @@ rules:
 - apiGroups:
   - ""
   resources:
-  - namespaces
+  - configmaps
+  - persistentvolumeclaims
+  - secrets
   verbs:
   - get
   - list
-  - patch
-  - update
   - watch
 - apiGroups:
   - ""
   resources:
-  - persistentvolumeclaims
+  - namespaces
   verbs:
   - get
   - list
+  - patch
+  - update
   - watch
 - apiGroups:
   - ""
diff --git a/internal/storage/main.go b/internal/storage/main.go
index 69bf103..d892eb1 100644
--- a/internal/storage/main.go
+++ b/internal/storage/main.go
@@ -23,6 +23,8 @@ import (
 // +kubebuilder:rbac:groups="",resources=pods/exec,verbs=create
 // +kubebuilder:rbac:groups="",resources=pods/log,verbs=list;get
 // +kubebuilder:rbac:groups="",resources=persistentvolumeclaims,verbs=list;get;watch
+// +kubebuilder:rbac:groups="",resources=secrets,verbs=list;get;watch
+// +kubebuilder:rbac:groups="",resources=configmaps,verbs=list;get;watch
 
 // Calculator handles collecting storage calculator information
 type Calculator struct {
diff --git a/test/e2e/e2e_suite.go b/test/e2e/e2e_suite.go
index 2b20c20..7a02e5a 100644
--- a/test/e2e/e2e_suite.go
+++ b/test/e2e/e2e_suite.go
@@ -65,11 +65,42 @@ var _ = Describe("controller", Ordered, func() {
 
 	// comment to prevent cleaning up controller namespace and local services
 	AfterAll(func() {
+		By("dump controller logs")
+		cmd := exec.Command("kubectl", "get",
+			"pods", "-l", "control-plane=controller-manager",
+			"-o", "go-template={{ range .items }}"+
+				"{{ if not .metadata.deletionTimestamp }}"+
+				"{{ .metadata.name }}"+
+				"{{ \"\\n\" }}{{ end }}{{ end }}",
+			"-n", namespace,
+		)
+		podOutput, err := utils.Run(cmd)
+		if err == nil {
+			podNames := utils.GetNonEmptyLines(string(podOutput))
+			controllerPodName := podNames[0]
+			cmd = exec.Command("kubectl", "logs",
+				controllerPodName, "-c", "manager",
+				"-n", namespace,
+			)
+			podlogs, err := utils.Run(cmd)
+			if err == nil {
+				fmt.Fprintf(GinkgoWriter, "info: %s\n", podlogs)
+			}
+			// cmd = exec.Command(utils.Kubectl(), "logs",
+			// 	controllerPodName, "-c", "manager",
+			// 	"-n", namespace, "--previous",
+			// )
+			// podlogs, err = utils.Run(cmd)
+			// if err == nil {
+			// 	fmt.Fprintf(GinkgoWriter, "info: previous %s\n", podlogs)
+			// }
+		}
+
 		By("stop metrics consumer")
 		utils.StopMetricsConsumer()
 
 		// remove the example namespace
-		cmd := exec.Command("kubectl", "delete", "ns", "example-project-main")
+		cmd = exec.Command("kubectl", "delete", "ns", "example-project-main")
 		_, _ = utils.Run(cmd)
 
 		// remove the example namespace