From 580c02ce76c85d30481fbbe92f23b581bc3a8d31 Mon Sep 17 00:00:00 2001
From: shuting <shuting@nirmata.com>
Date: Tue, 24 Oct 2023 17:14:34 +0800
Subject: [PATCH] add secrets name in background-controller's role (#8721)

Signed-off-by: ShutingZhao <shuting@nirmata.com>
---
 charts/kyverno/templates/background-controller/role.yaml | 3 +++
 config/install-latest-testing.yaml                       | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/charts/kyverno/templates/background-controller/role.yaml b/charts/kyverno/templates/background-controller/role.yaml
index c18d1186df..7b8c7cbc0e 100644
--- a/charts/kyverno/templates/background-controller/role.yaml
+++ b/charts/kyverno/templates/background-controller/role.yaml
@@ -44,5 +44,8 @@ rules:
       - get
       - list
       - watch
+    resourceNames:
+      - {{ template "kyverno.admission-controller.serviceName" . }}.{{ template "kyverno.namespace" . }}.svc.kyverno-tls-ca
+      - {{ template "kyverno.admission-controller.serviceName" . }}.{{ template "kyverno.namespace" . }}.svc.kyverno-tls-pair
 {{- end -}}
 {{- end -}}
diff --git a/config/install-latest-testing.yaml b/config/install-latest-testing.yaml
index 0c0a5ae7ab..0de523239b 100644
--- a/config/install-latest-testing.yaml
+++ b/config/install-latest-testing.yaml
@@ -44422,6 +44422,9 @@ rules:
       - get
       - list
       - watch
+    resourceNames:
+      - kyverno-svc.kyverno.svc.kyverno-tls-ca
+      - kyverno-svc.kyverno.svc.kyverno-tls-pair
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role