From 2f7128a51c53f9641bffa48c0a95c407f2033957 Mon Sep 17 00:00:00 2001
From: zhenyus <zhenyus@mathmast.com>
Date: Fri, 9 May 2025 13:10:13 +0800
Subject: [PATCH] feat: update namespaces and add RBAC roles for freeleaps data
 platform and monitoring systems

Signed-off-by: zhenyus <zhenyus@mathmast.com>
---
 .../freeleaps-controls-system/rbac/rbac.yaml  |  9 +++++++++
 .../freeleaps-data-platform/namespace.yaml    |  4 ++--
 .../freeleaps-data-platform/rbac/rbac.yaml    |  9 +++++++++
 .../rbac/rbac.yaml                            | 19 +++++++++++++++++++
 4 files changed, 39 insertions(+), 2 deletions(-)
 create mode 100644 cluster/manifests/freeleaps-controls-system/rbac/rbac.yaml
 create mode 100644 cluster/manifests/freeleaps-data-platform/rbac/rbac.yaml
 create mode 100644 cluster/manifests/freeleaps-monitoring-system/rbac/rbac.yaml

diff --git a/cluster/manifests/freeleaps-controls-system/rbac/rbac.yaml b/cluster/manifests/freeleaps-controls-system/rbac/rbac.yaml
new file mode 100644
index 00000000..90e42dd1
--- /dev/null
+++ b/cluster/manifests/freeleaps-controls-system/rbac/rbac.yaml
@@ -0,0 +1,9 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: certificate-contributor
+  namespace: freeleaps-controls-system
+rules:
+  - apiGroups: ["cert-manager.io"]
+    resources: ["certificates"]
+    verbs: ["*"]
\ No newline at end of file
diff --git a/cluster/manifests/freeleaps-data-platform/namespace.yaml b/cluster/manifests/freeleaps-data-platform/namespace.yaml
index 4329c2fe..e7df1b51 100644
--- a/cluster/manifests/freeleaps-data-platform/namespace.yaml
+++ b/cluster/manifests/freeleaps-data-platform/namespace.yaml
@@ -1,6 +1,6 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: freeleaps-devops-system
+  name: freeleaps-data-platform
   labels:
-    name: freeleaps-devops-system
+    name: freeleaps-data-platform
diff --git a/cluster/manifests/freeleaps-data-platform/rbac/rbac.yaml b/cluster/manifests/freeleaps-data-platform/rbac/rbac.yaml
new file mode 100644
index 00000000..eb98fe38
--- /dev/null
+++ b/cluster/manifests/freeleaps-data-platform/rbac/rbac.yaml
@@ -0,0 +1,9 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: data-platform-contributor
+  namespace: freeleaps-data-platform
+rules:
+  - apiGroups: ["*"]
+    resources: ["*"]
+    verbs: ["*"]
\ No newline at end of file
diff --git a/cluster/manifests/freeleaps-monitoring-system/rbac/rbac.yaml b/cluster/manifests/freeleaps-monitoring-system/rbac/rbac.yaml
new file mode 100644
index 00000000..24039d4d
--- /dev/null
+++ b/cluster/manifests/freeleaps-monitoring-system/rbac/rbac.yaml
@@ -0,0 +1,19 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: prometheus-rules-contributor
+  namespace: freeleaps-monitoring-system
+rules:
+  - apiGroups: ["monitoring.coreos.com"]
+    resources: ["prometheusrules"]
+    verbs: ["*"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: service-monitor-contributor
+  namespace: freeleaps-monitoring-system
+rules:
+  - apiGroups: ["monitoring.coreos.com"]
+    resources: ["servicemonitors"]
+    verbs: ["*"]
\ No newline at end of file