From 8c1343b778e39aca946b4014469810cece873a57 Mon Sep 17 00:00:00 2001
From: ewolinetz <ewolinet@redhat.com>
Date: Wed, 5 Jul 2017 14:01:58 -0500
Subject: Addressing servicecatalog doesnt have enough permissions and
 multimaster config for service-catalog

---
 .../files/kubeservicecatalog_roles_bindings.yml          | 16 ++++++++++++++++
 .../templates/controller_manager.j2                      |  1 +
 2 files changed, 17 insertions(+)

(limited to 'roles/openshift_service_catalog')

diff --git a/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml b/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml
index 880146ca4..ebefaeaba 100644
--- a/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml
+++ b/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml
@@ -115,6 +115,22 @@ objects:
     - bindings/status
     verbs:
     - update
+  - apiGroups:
+    - servicecatalog.k8s.io
+    resources:
+    - brokers
+    - instances
+    - bindings
+    verbs:
+    - list
+    - watch
+  - apiGroups:
+    - ""
+    resources:
+    - events
+    verbs:
+    - patch
+    - create
 
 - kind: ClusterRoleBinding
   apiVersion: v1
diff --git a/roles/openshift_service_catalog/templates/controller_manager.j2 b/roles/openshift_service_catalog/templates/controller_manager.j2
index 33932eeb7..1bbc0fa2c 100644
--- a/roles/openshift_service_catalog/templates/controller_manager.j2
+++ b/roles/openshift_service_catalog/templates/controller_manager.j2
@@ -17,6 +17,7 @@ spec:
       labels:
         app: controller-manager
     spec:
+      serviceAccountName: service-catalog-controller
       nodeSelector:
 {% for key, value in node_selector.iteritems() %}
         {{key}}: "{{value}}"
-- 
cgit v1.2.3