From 1a59b711ca19d44ca203830929c2f926db13991d Mon Sep 17 00:00:00 2001
From: Aviram Hassan <aviram@metalbear.co>
Date: Tue, 13 Feb 2024 21:10:12 +0200
Subject: [PATCH] Add missing permissions needed by operator for copy and
 scaledown (#2236)

---
 changelog.d/+operator-role-issue.fixed.md | 1 +
 mirrord/operator/src/setup.rs             | 7 +++++++
 2 files changed, 8 insertions(+)
 create mode 100644 changelog.d/+operator-role-issue.fixed.md

diff --git a/changelog.d/+operator-role-issue.fixed.md b/changelog.d/+operator-role-issue.fixed.md
new file mode 100644
index 00000000000..c03f41a12ec
--- /dev/null
+++ b/changelog.d/+operator-role-issue.fixed.md
@@ -0,0 +1 @@
+Add missing permissions needed by operator for copy and scaledown
\ No newline at end of file
diff --git a/mirrord/operator/src/setup.rs b/mirrord/operator/src/setup.rs
index 2b084a39964..4b024e17cae 100644
--- a/mirrord/operator/src/setup.rs
+++ b/mirrord/operator/src/setup.rs
@@ -404,12 +404,19 @@ impl OperatorRole {
                         "pods/log".to_owned(),
                         "pods/ephemeralcontainers".to_owned(),
                         "deployments".to_owned(),
+                        "deployments/scale".to_owned(),
                         "jobs".to_owned(),
                         "rollouts".to_owned(),
                     ]),
                     verbs: vec!["get".to_owned(), "list".to_owned(), "watch".to_owned()],
                     ..Default::default()
                 },
+                PolicyRule {
+                    api_groups: Some(vec!["apps".to_owned()]),
+                    resources: Some(vec!["deployments/scale".to_owned()]),
+                    verbs: vec!["patch".to_owned()],
+                    ..Default::default()
+                },
                 PolicyRule {
                     api_groups: Some(vec!["batch".to_owned()]),
                     resources: Some(vec!["jobs".to_owned()]),