feat: add cluster-role for pod-monitoring

Signed-off-by: Lenin Mehedy <[email protected]>

charts/hedera-network/templates/rbac/pod-monitor-role.yaml

@@ -1,7 +1,8 @@
 apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
+kind: ClusterRole
 metadata:
   name: pod-monitoring-role
+  namespace: {{ .Values.namespace }}
 rules:
   - apiGroups: [ "" ]
     resources:
@@ -16,15 +17,26 @@ rules:
       - pods/exec
     verbs:
       - create
+  - apiGroups: [ "gateway.networking.k8s.io" ]
+    resources:
+      - gatewayclasses
+      - gateways
+      - httproutes
+      - tcproutes
+    verbs:
+      - get
+      - list
 ---
 apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
+kind: ClusterRoleBinding
 metadata:
   name: pod-monitoring-role-binding
+  namespace: {{ .Values.namespace }}
 subjects:
   - kind: ServiceAccount
     name: pod-monitor
+    namespace: {{ .Values.namespace }}
 roleRef:
-  kind: Role
+  kind: ClusterRole
   name: pod-monitoring-role
   apiGroup: rbac.authorization.k8s.io

charts/hedera-network/templates/rbac/service-accounts.yaml

@@ -1,4 +1,5 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: pod-monitor
+  name: pod-monitor
+  namespace: {{ .Values.namespace }}

charts/hedera-network/values.yaml

@@ -62,6 +62,8 @@ gatewayApi:
   route:
     hostname: "{{ .node.name }}.fst.local"
 
+namespace: default
+
 # default settings for a single node
 # This default configurations can be overridden for each node in the hedera.nodes section.
 defaults: