jonny/charts
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
8d6d86e71f
charts/stackgres-operator/templates/extensions-cache-service-account.yaml
Jonny Ervine db34ed82a3 Add stackgres chart
2024-05-30 20:42:52 +08:00

103 lines
2.6 KiB
YAML
Raw Blame History

{{- if .Values.extensions.cache.enabled }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Release.Name }}-extensions-cache
namespace: {{ .Release.Namespace }}
annotations:
meta.helm.sh/release-name: {{ .Release.Name }}
meta.helm.sh/release-namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/managed-by: Helm
{{- if .Values.serviceAccount.repoCredentials }}
imagePullSecrets:
{{- range .Values.serviceAccount.repoCredentials }}
- name: {{ . }}
{{- end }}
{{- end }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ .Release.Name }}-extensions-cache
annotations:
meta.helm.sh/release-name: {{ .Release.Name }}
meta.helm.sh/release-namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups: ["stackgres.io"]
resources:
- sgclusters
- sgdistributedlogs
verbs:
- list
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ .Release.Name }}-extensions-cache
annotations:
meta.helm.sh/release-name: {{ .Release.Name }}
meta.helm.sh/release-namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/managed-by: Helm
subjects:
- kind: ServiceAccount
name: {{ .Release.Name }}-extensions-cache
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: {{ .Release.Name }}-extensions-cache
apiGroup: rbac.authorization.k8s.io
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
namespace: {{ .Release.Namespace }}
name: {{ .Release.Name }}-extensions-cache
annotations:
meta.helm.sh/release-name: {{ .Release.Name }}
meta.helm.sh/release-namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups: ["", "apps"]
resources:
- serviceaccounts
- statefulsets
verbs:
- get
- patch
- update
resourceNames:
- {{ .Release.Name }}-extensions-cache
- apiGroups: [""]
resources:
- pods
verbs:
- delete
resourceNames:
- {{ .Release.Name }}-extensions-cache-0
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
namespace: {{ .Release.Namespace }}
name: {{ .Release.Name }}-extensions-cache
annotations:
meta.helm.sh/release-name: {{ .Release.Name }}
meta.helm.sh/release-namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/managed-by: Helm
subjects:
- kind: ServiceAccount
name: {{ .Release.Name }}-extensions-cache
namespace: {{ .Release.Namespace }}
roleRef:
kind: Role
name: {{ .Release.Name }}-extensions-cache
apiGroup: rbac.authorization.k8s.io
{{- end }}
Reference in New Issue View Git Blame Copy Permalink