diff --git a/test/conformance/chainsaw/reports/background/mutate-existing/chainsaw-test.yaml b/test/conformance/chainsaw/reports/background/mutate-existing/chainsaw-test.yaml index c75550108c..3d0fce8e0f 100755 --- a/test/conformance/chainsaw/reports/background/mutate-existing/chainsaw-test.yaml +++ b/test/conformance/chainsaw/reports/background/mutate-existing/chainsaw-test.yaml @@ -4,6 +4,10 @@ metadata: name: basic-create spec: steps: + - name: add permisssions + try: + - apply: + file: permissions.yaml - name: step-01 try: - apply: diff --git a/test/conformance/chainsaw/reports/background/mutate-existing/permissions.yaml b/test/conformance/chainsaw/reports/background/mutate-existing/permissions.yaml new file mode 100644 index 0000000000..a7c82f448c --- /dev/null +++ b/test/conformance/chainsaw/reports/background/mutate-existing/permissions.yaml @@ -0,0 +1,20 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kyverno:secrets-kqo1 + labels: + rbac.kyverno.io/aggregate-to-background-controller: "true" + rbac.kyverno.io/aggregate-to-reports-controller: "true" + rbac.kyverno.io/aggregate-to-admission-controller: "true" +rules: +- apiGroups: + - '' + resources: + - secrets + verbs: + - get + - list + - watch + - create + - update + - delete