From bc15ff9e75c10e01753fbaf70c6efcb628d86a38 Mon Sep 17 00:00:00 2001
From: ZhiweiYin <zhiweiyin@hotmail.com>
Date: Wed, 17 Jun 2020 23:09:57 +0800
Subject: [PATCH] add lease role for hub

---
 .../cluster-manager-registration-clusterrole.yaml             | 4 ++++
 pkg/operators/clustermanager/bindata/bindata.go               | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/manifests/cluster-manager/cluster-manager-registration-clusterrole.yaml b/manifests/cluster-manager/cluster-manager-registration-clusterrole.yaml
index 0043b34da..e4fecb0ef 100644
--- a/manifests/cluster-manager/cluster-manager-registration-clusterrole.yaml
+++ b/manifests/cluster-manager/cluster-manager-registration-clusterrole.yaml
@@ -27,6 +27,10 @@ rules:
 - apiGroups: ["rbac.authorization.k8s.io"]
   resources: ["clusterroles", "roles"]
   verbs: ["get", "list", "watch", "create", "update", "patch", "delete", "escalate", "bind"]
+# Allow hub to manage coordination.k8s.io/lease
+- apiGroups: ["coordination.k8s.io"]
+  resources: ["leases"]
+  verbs: ["get", "list", "watch", "create", "delete", "update"]
 # Allow hub to manage managedclusters
 - apiGroups: ["cluster.open-cluster-management.io"]
   resources: ["managedclusters"]
diff --git a/pkg/operators/clustermanager/bindata/bindata.go b/pkg/operators/clustermanager/bindata/bindata.go
index 2fdffc870..318e9bcdf 100644
--- a/pkg/operators/clustermanager/bindata/bindata.go
+++ b/pkg/operators/clustermanager/bindata/bindata.go
@@ -549,6 +549,10 @@ rules:
 - apiGroups: ["rbac.authorization.k8s.io"]
   resources: ["clusterroles", "roles"]
   verbs: ["get", "list", "watch", "create", "update", "patch", "delete", "escalate", "bind"]
+# Allow hub to manage coordination.k8s.io/lease
+- apiGroups: ["coordination.k8s.io"]
+  resources: ["leases"]
+  verbs: ["get", "list", "watch", "create", "delete", "update"]
 # Allow hub to manage managedclusters
 - apiGroups: ["cluster.open-cluster-management.io"]
   resources: ["managedclusters"]