From 9e4cc61e30a2ab3515c82b85802056d89fda663a Mon Sep 17 00:00:00 2001
From: Marcin-Ramotowski <marcin00.mr@gmail.com>
Date: Sat, 2 Aug 2025 14:22:45 +0200
Subject: [PATCH] Added permissions for ui user to read workflows in
 argo-events namespace

---
 .../argo-workflow-manager-role.yaml           | 23 +++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 argo-workflows/argo-workflow-manager-role.yaml

diff --git a/argo-workflows/argo-workflow-manager-role.yaml b/argo-workflows/argo-workflow-manager-role.yaml
new file mode 100644
index 0000000..887b961
--- /dev/null
+++ b/argo-workflows/argo-workflow-manager-role.yaml
@@ -0,0 +1,23 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: argo-workflow-manager
+  namespace: argo-events
+rules:
+  - apiGroups: ["argoproj.io"]
+    resources: ["workflows", "workflowtemplates", "cronworkflows"]
+    verbs: ["get", "list", "watch"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: argo-ui-user-read-access
+  namespace: argo-events
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: argo-workflow-manager
+subjects:
+  - kind: ServiceAccount
+    name: argo-ui-user
+    namespace: argo