andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
rancher-partner-charts/charts/codefresh/cf-runtime/6.3.54/templates/runtime/rbac.yaml

49 lines
1.1 KiB
YAML
Raw Blame History

{{ $values := .Values.runtime }}
---
{{- if or $values.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
{{- /* has to be a constant */}}
name: codefresh-engine
labels:
{{- include "runtime.labels" . | nindent 4 }}
{{- with $values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
---
{{- if $values.rbac.create }}
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: codefresh-engine
labels:
{{- include "runner.labels" . | nindent 4 }}
rules:
- apiGroups: [ "" ]
resources: [ "secrets" ]
verbs: [ "get" ]
{{- with $values.rbac.rules }}
{{ toYaml . | nindent 2 }}
{{- end }}
{{- end }}
---
{{- if and $values.serviceAccount.create $values.rbac.create }}
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: codefresh-engine
labels:
{{- include "runner.labels" . | nindent 4 }}
subjects:
- kind: ServiceAccount
name: codefresh-engine
roleRef:
kind: Role
name: codefresh-engine
apiGroup: rbac.authorization.k8s.io
{{- end }}
Reference in New Issue View Git Blame Copy Permalink