andata
/
rancher-charts
mirror of https://git.rancher.io/charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add condition to check for PSP capability in rancher-istio

pull/2266/head
Vaishnav Gaikwad 2022-12-14 16:06:50 +05:30
parent 8a1c24826b
commit 489933f001
6 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
packages/rancher-istio/1.15/rancher-istio/charts/templates/clusterrole.yaml vendored
View File

@ -122,6 +122,7 @@ rules:
- serviceaccounts - serviceaccounts
verbs: verbs:
- '*' - '*'
{{- if and .Values.global.rbac.pspEnabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
- apiGroups: - apiGroups:
- policy - policy
resourceNames: resourceNames:
@ -130,3 +131,4 @@ rules:
- podsecuritypolicies - podsecuritypolicies
verbs: verbs:
- use - use
{{- end }}

2
packages/rancher-istio/1.15/rancher-istio/charts/templates/istio-cni-psp.yaml vendored
View File

@ -1,4 +1,5 @@
{{- if .Values.global.rbac.pspEnabled }} {{- if .Values.global.rbac.pspEnabled }}
{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
apiVersion: policy/v1beta1 apiVersion: policy/v1beta1
kind: PodSecurityPolicy kind: PodSecurityPolicy
metadata: metadata:
@ -49,3 +50,4 @@ rules:
verbs: verbs:
- use - use
{{- end }} {{- end }}
{{- end }}

2
packages/rancher-istio/1.15/rancher-istio/charts/templates/istio-install-psp.yaml vendored
View File

@ -1,4 +1,5 @@
{{- if .Values.global.rbac.pspEnabled }} {{- if .Values.global.rbac.pspEnabled }}
{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
apiVersion: policy/v1beta1 apiVersion: policy/v1beta1
kind: PodSecurityPolicy kind: PodSecurityPolicy
metadata: metadata:
@ -28,3 +29,4 @@ spec:
- 'configMap' - 'configMap'
- 'secret' - 'secret'
{{- end }} {{- end }}
{{- end }}

2
packages/rancher-istio/1.15/rancher-istio/charts/templates/istio-psp.yaml vendored
View File

@ -1,4 +1,5 @@
{{- if .Values.global.rbac.pspEnabled }} {{- if .Values.global.rbac.pspEnabled }}
{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
@ -79,3 +80,4 @@ spec:
- downwardAPI - downwardAPI
- persistentVolumeClaim - persistentVolumeClaim
{{- end }} {{- end }}
{{- end }}

2
packages/rancher-istio/1.15/rancher-istio/package.yaml vendored
View File

@ -1,2 +1,2 @@
url: local url: local
version: 101.1.0+up1.15.3 version: 101.1.1+up1.15.3

1
release.yaml
View File

@ -24,6 +24,7 @@ rancher-eks-operator-crd:
- 101.2.0+up1.2.0-rc2 - 101.2.0+up1.2.0-rc2
rancher-istio: rancher-istio:
- 101.1.0+up1.15.3 - 101.1.0+up1.15.3
- 101.1.1+up1.15.3
rancher-logging-crd: rancher-logging-crd:
- 101.1.0+up3.17.10 - 101.1.0+up3.17.10
rancher-monitoring: rancher-monitoring: