rancher-partner-charts/charts/dynatrace/dynatrace-operator/0.15.0/templates/Common/csi/clusterrole-csi.yaml

{{- include "dynatrace-operator.platformRequired" . }}
{{ if eq (include "dynatrace-operator.needCSI" .) "true" }}
# Copyright 2021 Dynatrace LLC

# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at

#     http://www.apache.org/licenses/LICENSE-2.0

# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: dynatrace-oneagent-csi-driver
  labels:
    {{- include "dynatrace-operator.csiLabels" . | nindent 4 }}
rules:
  - apiGroups:
      - ""
    resources:
      - namespaces
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - ""
    resources:
      - events
    verbs:
      - list
      - watch
      - create
      - update
      - patch
  - apiGroups:
      - storage.k8s.io
    resources:
      - csinodes
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - ""
    resources:
      - nodes
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - ""
    resources:
      - pods
    verbs:
      - get
      - list
      - watch
  {{- if (eq (include "dynatrace-operator.platform" .) "openshift") }}
  - apiGroups:
      - security.openshift.io
    resourceNames:
      - privileged
    resources:
      - securitycontextconstraints
    verbs:
      - use
  {{ end }}
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: dynatrace-oneagent-csi-driver
  labels:
    {{- include "dynatrace-operator.csiLabels" . | nindent 4 }}
subjects:
  - kind: ServiceAccount
    name: dynatrace-oneagent-csi-driver
    namespace: {{ .Release.Namespace }}
roleRef:
  kind: ClusterRole
  name: dynatrace-oneagent-csi-driver
  apiGroup: rbac.authorization.k8s.io
{{- end -}}
Charts CI ``` Updated: argo/argo-cd: - 5.15.0 asserts/asserts: - 1.15.0 bitnami/airflow: - 14.0.4 bitnami/kafka: - 19.1.4 crate/crate-operator: - 2.19.0 dynatrace/dynatrace-operator: - 0.10.0 f5/nginx-ingress: - 0.15.2 jfrog/artifactory-ha: - 107.46.17 jfrog/artifactory-jcr: - 107.46.17 ``` 2022-11-30 19:11:32 +00:00			`{{- include "dynatrace-operator.platformRequired" . }}`
			`{{ if eq (include "dynatrace-operator.needCSI" .) "true" }}`
			`# Copyright 2021 Dynatrace LLC`

			`# Licensed under the Apache License, Version 2.0 (the "License");`
			`# you may not use this file except in compliance with the License.`
			`# You may obtain a copy of the License at`

			`# http://www.apache.org/licenses/LICENSE-2.0`

			`# Unless required by applicable law or agreed to in writing, software`
			`# distributed under the License is distributed on an "AS IS" BASIS,`
			`# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`# See the License for the specific language governing permissions and`
			`# limitations under the License.`
			`kind: ClusterRole`
			`apiVersion: rbac.authorization.k8s.io/v1`
			`metadata:`
			`name: dynatrace-oneagent-csi-driver`
			`labels:`
			`{{- include "dynatrace-operator.csiLabels" . \| nindent 4 }}`
			`rules:`
			`- apiGroups:`
			`- ""`
			`resources:`
			`- namespaces`
			`verbs:`
			`- get`
			`- list`
			`- watch`
			`- apiGroups:`
			`- ""`
			`resources:`
			`- events`
			`verbs:`
			`- list`
			`- watch`
			`- create`
			`- update`
			`- patch`
			`- apiGroups:`
			`- storage.k8s.io`
			`resources:`
			`- csinodes`
			`verbs:`
			`- get`
			`- list`
			`- watch`
			`- apiGroups:`
			`- ""`
			`resources:`
			`- nodes`
			`verbs:`
			`- get`
			`- list`
			`- watch`
			`- apiGroups:`
			`- ""`
			`resources:`
			`- pods`
			`verbs:`
			`- get`
			`- list`
			`- watch`
Charts CI ``` Updated: argo/argo-cd: - 5.46.8 asserts/asserts: - 1.59.0 bitnami/airflow: - 16.0.5 bitnami/cassandra: - 10.5.8 bitnami/kafka: - 25.3.5 bitnami/mariadb: - 14.0.2 bitnami/mysql: - 9.12.5 bitnami/postgresql: - 13.1.5 bitnami/redis: - 18.1.5 bitnami/spark: - 8.0.1 bitnami/tomcat: - 10.10.9 bitnami/wordpress: - 18.0.6 bitnami/zookeeper: - 12.1.6 dynatrace/dynatrace-operator: - 0.14.0 external-secrets/external-secrets: - 0.9.6 f5/nginx-ingress: - 1.0.1 gluu/gluu: - 5.0.23 instana/instana-agent: - 1.2.65 jenkins/jenkins: - 4.7.2 kubecost/cost-analyzer: - 1.106.3 kuma/kuma: - 2.4.3 minio/minio-operator: - 5.0.10 nats/nats: - 1.1.1 new-relic/nri-bundle: - 5.0.40 prophetstor/federatorai: - 5.1.5 redpanda/redpanda: - 5.6.17 speedscale/speedscale-operator: - 1.3.39 sysdig/sysdig: - 1.16.15 yugabyte/yugabyte: - 2.16.8 yugabyte/yugaware: - 2.16.8 ``` 2023-10-16 14:41:26 +00:00			`{{- if (eq (include "dynatrace-operator.platform" .) "openshift") }}`
Charts CI ``` Updated: argo/argo-cd: - 5.36.6 bitnami/wordpress: - 16.1.18 bitnami/zookeeper: - 11.4.3 cockroach-labs/cockroachdb: - 11.0.3 codefresh/cf-runtime: - 1.0.8 crowdstrike/falcon-sensor: - 1.20.1 datadog/datadog: - 3.32.4 dh2i/dxemssql: - 1.0.4 dynatrace/dynatrace-operator: - 0.12.0 gopaddle/gopaddle: - 4.2.7 haproxy/haproxy: - 1.30.6 intel/intel-device-plugins-operator: - 0.27.1 intel/intel-device-plugins-qat: - 0.27.1 intel/intel-device-plugins-sgx: - 0.27.1 kuma/kuma: - 2.2.2 new-relic/nri-bundle: - 5.0.20 pixie/pixie-operator-chart: - 0.1.4 redpanda/redpanda: - 4.0.45 speedscale/speedscale-operator: - 1.3.17 weka/csi-wekafsplugin: - 2.1.0 ``` 2023-06-22 17:07:06 +00:00			`- apiGroups:`
			`- security.openshift.io`
			`resourceNames:`
			`- privileged`
			`resources:`
			`- securitycontextconstraints`
			`verbs:`
			`- use`
			`{{ end }}`
			`---`
			`kind: ClusterRoleBinding`
			`apiVersion: rbac.authorization.k8s.io/v1`
			`metadata:`
			`name: dynatrace-oneagent-csi-driver`
			`labels:`
			`{{- include "dynatrace-operator.csiLabels" . \| nindent 4 }}`
			`subjects:`
			`- kind: ServiceAccount`
			`name: dynatrace-oneagent-csi-driver`
			`namespace: {{ .Release.Namespace }}`
			`roleRef:`
			`kind: ClusterRole`
			`name: dynatrace-oneagent-csi-driver`
			`apiGroup: rbac.authorization.k8s.io`
Charts CI ``` Updated: argo/argo-cd: - 5.15.0 asserts/asserts: - 1.15.0 bitnami/airflow: - 14.0.4 bitnami/kafka: - 19.1.4 crate/crate-operator: - 2.19.0 dynatrace/dynatrace-operator: - 0.10.0 f5/nginx-ingress: - 0.15.2 jfrog/artifactory-ha: - 107.46.17 jfrog/artifactory-jcr: - 107.46.17 ``` 2022-11-30 19:11:32 +00:00			`{{- end -}}`