From 34e60849d42a2a0800d5188b9d137e2207459fa0 Mon Sep 17 00:00:00 2001
From: Zachary Seguin <zachary@zacharyseguin.ca>
Date: Mon, 20 Dec 2021 22:12:17 -0500
Subject: [PATCH] fix: Fix access to PDNS API key secrets in other namespaces

---
 deploy/cert-manager-webhook-pdns/Chart.yaml          | 2 +-
 deploy/cert-manager-webhook-pdns/templates/rbac.yaml | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/deploy/cert-manager-webhook-pdns/Chart.yaml b/deploy/cert-manager-webhook-pdns/Chart.yaml
index 1c5e1f3..e55ac4f 100644
--- a/deploy/cert-manager-webhook-pdns/Chart.yaml
+++ b/deploy/cert-manager-webhook-pdns/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: cert-manager-webhook-pdns
-version: 1.0.0
+version: 1.1.0
 description: Cert Manager Webhook for PowerDNS.
 type: application
 home: https://github.com/zachomedia/cert-manager-webhook-pdns
diff --git a/deploy/cert-manager-webhook-pdns/templates/rbac.yaml b/deploy/cert-manager-webhook-pdns/templates/rbac.yaml
index 5b575f7..8fe3857 100644
--- a/deploy/cert-manager-webhook-pdns/templates/rbac.yaml
+++ b/deploy/cert-manager-webhook-pdns/templates/rbac.yaml
@@ -12,7 +12,7 @@ metadata:
 # apiserver's requestheader-ca-certificate.
 # This ConfigMap is automatically created by the Kubernetes apiserver.
 apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
+kind: ClusterRoleBinding
 metadata:
   name: {{ include "cert-manager-webhook-pdns.fullname" . }}
   labels:
@@ -22,7 +22,7 @@ metadata:
     heritage: {{ .Release.Service }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
-  kind: Role
+  kind: ClusterRole
   name: {{ include "cert-manager-webhook-pdns.fullname" . }}
 subjects:
   - apiGroup: ""
@@ -32,7 +32,7 @@ subjects:
 ---
 # Grant cert-manager permission to validate using our apiserver
 apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
+kind: ClusterRole
 metadata:
   name: {{ include "cert-manager-webhook-pdns.fullname" . }}
   labels: