Feature: Support Additional RBAC Rules in Fluent Operator ClusterRole

[snoop123]

Is your feature request related to a problem? Please describe.

Problem

As fluent-bit & fluentd are managed by the fluent-operator, fluent-bit & fluentd can only be granted permissions the operator also has.
We want to be able to add additional RBAC rules to fluent-operator ClusterRole in order to have this flexibility in the dependent services.

Describe the solution you'd like

Add a way to extend the operator's ClusterRole permissions:

values.yaml: example

extraRbacRules:
   - apiGroups: [""]
      resources: ["pods"]
      verbs: ["get", "list"]

fluent-operator-clusterRole.yaml:

rules:
  ...
  {{- if .Values.extraRbacRules }}
    {{- toYaml .Values.extraRbacRules | nindent 2 }}
  {{- end }}

If this change is too complex, I would appreciate if you could just add pod 'list' permissions:

- apiGroups:
    - ""
   resources:
    - pods
   verbs:
     - get
     - list

https://github.com/fluent/fluent-operator/blob/master/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml#L28

Additional context

No response

[cw-Guo]

similar request #1399