feat: add OpenTelemetry RBAC configuration with ServiceAccount and ClusterRole

Signed-off-by: zhenyus <zhenyus@mathmast.com>

freeleaps/helm-pkg/authentication/templates/authentication/opentelemetry-rbac.yaml

@@ -0,0 +1,46 @@
+{{- if .Values.logIngest.enabled }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Release.Name }}-otel-collector
+  namespace: {{ .Release.Namespace }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ .Release.Name }}-otel-collector
+rules:
+  - apiGroups: [""]
+    resources:
+      - pods
+      - namespaces
+      - nodes
+    verbs:
+      - get
+      - watch
+      - list
+  - apiGroups: ["apps"]
+    resources:
+      - replicasets
+      - deployments
+      - statefulsets
+      - daemonsets
+    verbs:
+      - get
+      - watch
+      - list
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ .Release.Name }}-otel-collector
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ .Release.Name }}-otel-collector
+subjects:
+  - kind: ServiceAccount
+    name: {{ .Release.Name }}-otel-collector
+    namespace: {{ .Release.Namespace }}
+{{- end }}

freeleaps/helm-pkg/authentication/templates/authentication/opentelemetry.yaml

@@ -7,6 +7,7 @@ metadata:
 spec:
   mode: sidecar
   image: ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-contrib:latest
+  serviceAccount: {{ .Release.Name }}-otel-collector
   config:
     receivers:
       filelog: