Labels addition to ClusterRole #1664
Description
Is your feature request related to a problem? Please describe.
As a part of the deployment, clusterRole doesn't currently aggregate to the admin clusterrole we assign to namespaces admins. As a consequence, non-clusteradmin cannot list/deploy api resources that are provided by redis.
Error: Unable to continue with install: could not get information about the resource RedisReplication \"project-info-jb-test-redis-replication\" in namespace \"project-info\": redisreplications.redis.redis.opstreelabs.in \"project-info-jb-test-redis-replicatio\
n\" is forbidden: User \"jb@xyz.com\" cannot get resource \"redisreplications\" in API group \"redis.redis.opstreelabs.in\" in the namespace \"project-info\""
Describe the solution you'd like
What is needed in the redis clusterrole is an additional label: rbac.authorization.k8s.io/aggregate-to-admin: "true". However, I don't see the upstream chart providing a straightforward way for including additional labels in the clusterrole. So I'd like to raise this to your attention and get this fixed.
Describe alternatives you've considered
Argo had a kustomize patch interface which we think could let us apply the patch without editing the chart. Today we don't expose that interface via argocd-projects but it would be straight forward up add. Although to have a permanent fix on the chart itself will help.
What version of redis-operator are you using?
redis-operator version: v0.21.2 but the same issue is on the latest version.