From c302b805e7cb47ec4bcf8ad8e5fab37a57c8f344 Mon Sep 17 00:00:00 2001
From: ben-dov <ben.d@claroty.com>
Date: Tue, 25 Nov 2025 17:54:57 +0200
Subject: [PATCH 1/5] .

Signed-off-by: ben-dov <ben.d@claroty.com>
---
 .../fluent-operator/templates/fluent-operator-clusterRole.yaml | 3 +++
 charts/fluent-operator/values.yaml                             | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml b/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml
index d9f62c8d2..a4feb5f99 100644
--- a/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml
+++ b/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml
@@ -145,4 +145,7 @@ rules:
       - get
       - watch
       - patch
+  {{- if .Values.extraRbacRules }}
+    {{- toYaml .Values.extraRbacRules | nindent 2 }}
+  {{- end }}
 {{- end }}
diff --git a/charts/fluent-operator/values.yaml b/charts/fluent-operator/values.yaml
index 3c332d637..0508c038e 100644
--- a/charts/fluent-operator/values.yaml
+++ b/charts/fluent-operator/values.yaml
@@ -34,6 +34,9 @@ operator:
       name: fluent-operator
     clusterRoleBinding:
       name: fluent-operator
+    # Adds additional permissions to Fluent Operator, since operator cannot give permissions it does not have.
+    # Use case includes adding permission to a custom fluent-bit deployment to access kubelet.
+    AdditionalRbacRules: {}
   # Container security context for Fluent Operator container. Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
   securityContext: {}
   # Fluent Operator resources. Usually user needn't to adjust these.

From 930b320c86e596fb6431a9441f14c1aadad62c86 Mon Sep 17 00:00:00 2001
From: ben-dov <ben.d@claroty.com>
Date: Tue, 25 Nov 2025 18:09:10 +0200
Subject: [PATCH 2/5] .

Signed-off-by: ben-dov <ben.d@claroty.com>
---
 .../templates/fluent-operator-clusterRole.yaml                | 4 ++--
 charts/fluent-operator/values.yaml                            | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml b/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml
index a4feb5f99..55e552511 100644
--- a/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml
+++ b/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml
@@ -145,7 +145,7 @@ rules:
       - get
       - watch
       - patch
-  {{- if .Values.extraRbacRules }}
-    {{- toYaml .Values.extraRbacRules | nindent 2 }}
+  {{- with .Values.rbac.AdditionalRules }}
+    {{- toYaml . | nindent 2 }}
   {{- end }}
 {{- end }}
diff --git a/charts/fluent-operator/values.yaml b/charts/fluent-operator/values.yaml
index 0508c038e..deaa96c80 100644
--- a/charts/fluent-operator/values.yaml
+++ b/charts/fluent-operator/values.yaml
@@ -36,7 +36,7 @@ operator:
       name: fluent-operator
     # Adds additional permissions to Fluent Operator, since operator cannot give permissions it does not have.
     # Use case includes adding permission to a custom fluent-bit deployment to access kubelet.
-    AdditionalRbacRules: {}
+    AdditionalRules: {}
   # Container security context for Fluent Operator container. Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
   securityContext: {}
   # Fluent Operator resources. Usually user needn't to adjust these.

From 11cd2f12506109a006fbca2becf6cc8c6c4f9f60 Mon Sep 17 00:00:00 2001
From: ben-dov <ben.d@claroty.com>
Date: Tue, 25 Nov 2025 18:09:54 +0200
Subject: [PATCH 3/5] .

Signed-off-by: ben-dov <ben.d@claroty.com>
---
 .../fluent-operator/templates/fluent-operator-clusterRole.yaml  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml b/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml
index 55e552511..0176c2413 100644
--- a/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml
+++ b/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml
@@ -145,7 +145,7 @@ rules:
       - get
       - watch
       - patch
-  {{- with .Values.rbac.AdditionalRules }}
+  {{- with .Values.operator.rbac.AdditionalRules }}
     {{- toYaml . | nindent 2 }}
   {{- end }}
 {{- end }}

From 1f4bf01abba6fddf37f1d101e99ef38ce2624010 Mon Sep 17 00:00:00 2001
From: ben-dov <ben.d@claroty.com>
Date: Tue, 25 Nov 2025 18:11:43 +0200
Subject: [PATCH 4/5] .

Signed-off-by: ben-dov <ben.d@claroty.com>
---
 charts/fluent-operator/values.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/charts/fluent-operator/values.yaml b/charts/fluent-operator/values.yaml
index deaa96c80..a67e9c44b 100644
--- a/charts/fluent-operator/values.yaml
+++ b/charts/fluent-operator/values.yaml
@@ -36,7 +36,7 @@ operator:
       name: fluent-operator
     # Adds additional permissions to Fluent Operator, since operator cannot give permissions it does not have.
     # Use case includes adding permission to a custom fluent-bit deployment to access kubelet.
-    AdditionalRules: {}
+    AdditionalRules: []
   # Container security context for Fluent Operator container. Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
   securityContext: {}
   # Fluent Operator resources. Usually user needn't to adjust these.

From 3d77b6db8738702957ed37880a96700fa4ac18f7 Mon Sep 17 00:00:00 2001
From: ben-dov <ben.d@claroty.com>
Date: Wed, 26 Nov 2025 08:57:14 +0200
Subject: [PATCH 5/5] fix casing

Signed-off-by: ben-dov <ben.d@claroty.com>
---
 .../fluent-operator/templates/fluent-operator-clusterRole.yaml  | 2 +-
 charts/fluent-operator/values.yaml                              | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml b/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml
index 0176c2413..232022c83 100644
--- a/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml
+++ b/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml
@@ -145,7 +145,7 @@ rules:
       - get
       - watch
       - patch
-  {{- with .Values.operator.rbac.AdditionalRules }}
+  {{- with .Values.operator.rbac.additionalRules }}
     {{- toYaml . | nindent 2 }}
   {{- end }}
 {{- end }}
diff --git a/charts/fluent-operator/values.yaml b/charts/fluent-operator/values.yaml
index a67e9c44b..d078620a8 100644
--- a/charts/fluent-operator/values.yaml
+++ b/charts/fluent-operator/values.yaml
@@ -36,7 +36,7 @@ operator:
       name: fluent-operator
     # Adds additional permissions to Fluent Operator, since operator cannot give permissions it does not have.
     # Use case includes adding permission to a custom fluent-bit deployment to access kubelet.
-    AdditionalRules: []
+    additionalRules: []
   # Container security context for Fluent Operator container. Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
   securityContext: {}
   # Fluent Operator resources. Usually user needn't to adjust these.