| Sylvain Desbureaux | 4534881 | 2020-05-19 17:46:54 +0200 | [diff] [blame] | 1 | {{/* |
| 2 | # Copyright © 2020 Orange |
| 3 | # |
| 4 | # Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | # you may not use this file except in compliance with the License. |
| 6 | # You may obtain a copy of the License at |
| 7 | # |
| 8 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | # |
| 10 | # Unless required by applicable law or agreed to in writing, software |
| 11 | # distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | # See the License for the specific language governing permissions and |
| 14 | # limitations under the License. |
| 15 | */}} |
| 16 | |
| 17 | {{- $dot := . -}} |
| 18 | {{- range $role_type := $dot.Values.roles }} |
| 19 | --- |
| 20 | apiVersion: rbac.authorization.k8s.io/v1 |
| 21 | # This cluster role binding allows anyone in the "manager" group to read secrets in any namespace. |
| 22 | kind: RoleBinding |
| 23 | metadata: |
| 24 | name: {{ include "common.fullname" (dict "suffix" $role_type "dot" $dot )}} |
| 25 | namespace: {{ include "common.namespace" $dot }} |
| 26 | subjects: |
| 27 | - kind: ServiceAccount |
| 28 | name: {{ include "common.fullname" (dict "suffix" $role_type "dot" $dot )}} |
| 29 | roleRef: |
| 30 | kind: Role |
| 31 | name: {{ include "common.fullname" (dict "suffix" $role_type "dot" $dot )}} |
| 32 | apiGroup: rbac.authorization.k8s.io |
| 33 | {{- end }} |