argocd-helm/charts/argo-events/templates/argo-events-controller/rbac.yaml

{{- if .Values.controller.rbac.enabled }}
apiVersion: rbac.authorization.k8s.io/v1
kind: {{ .Values.controller.rbac.namespaced | ternary "Role" "ClusterRole" }}
metadata:
  name: {{ include "argo-events.controller.fullname" . }}
  {{- if .Values.controller.rbac.namespaced }}
  namespace: {{ include "argo-events.namespace" . | quote }}
  {{- end }}
  labels:
    {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
rules:
{{- if .Values.openshift }}
- apiGroups:
  - apps
  resources:
  - deployments/finalizers
  verbs:
  - update
  {{- if not .Values.controller.rbac.namespaced }}
- apiGroups:
  - rbac.authorization.k8s.io
  resources:
  - clusterroles/finalizers
  verbs:
  - update
  {{- end }}
{{- end }}
{{- with .Values.controller.rbac.rules }}
  {{- toYaml . | nindent 0 }}
{{- end }}
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - argoproj.io
  resources:
  - sensors
  - sensors/finalizers
  - sensors/status
  - eventsources
  - eventsources/finalizers
  - eventsources/status
  - eventbus
  - eventbus/finalizers
  - eventbus/status
  verbs:
  - create
  - delete
  - deletecollection
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - ""
  resources:
  - pods
  - pods/exec
  - configmaps
  - services
  - persistentvolumeclaims
  verbs:
  - create
  - get
  - list
  - watch
  - update
  - patch
  - delete
- apiGroups:
  - ""
  resources:
  - secrets
  verbs:
  - create
  - get
  - list
  - update
  - patch
  - delete
- apiGroups:
  - apps
  resources:
  - deployments
  - statefulsets
  verbs:
  - create
  - get
  - list
  - watch
  - update
  - patch
  - delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: {{ .Values.controller.rbac.namespaced | ternary "RoleBinding" "ClusterRoleBinding" }}
metadata:
  name: {{ include "argo-events.controller.fullname" . }}
  labels:
    {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: {{ .Values.controller.rbac.namespaced | ternary "Role" "ClusterRole" }}
  name: {{ include "argo-events.controller.fullname" . }}
subjects:
- kind: ServiceAccount
  name: {{ include "argo-events.controller.serviceAccountName" . }}
  namespace: {{ include "argo-events.namespace" . | quote }}
{{- end }}
feat(argo-events): Upgrade argo-events to v1.7.0 (#1269) * feat(argo-events) : Upgrade argo-events to v1.7.0 Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Fix typos Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Add missing braces Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Use templates for service account names Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Drop application labels Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Update documentation Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Move CRDs to template folder Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Disable webhook by default Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Fix indentation Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Update README Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Drop prefix from aggregate-roles Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Fix typo aggragate-roles.yaml -> aggregate-roles.yaml Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Use helm-docs.sh Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Fix typo REALEASE -> RELEASE Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Use consistent wording/style Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> 2022-06-14 15:37:47 +00:00			`{{- if .Values.controller.rbac.enabled }}`
			`apiVersion: rbac.authorization.k8s.io/v1`
			`kind: {{ .Values.controller.rbac.namespaced \| ternary "Role" "ClusterRole" }}`
			`metadata:`
			`name: {{ include "argo-events.controller.fullname" . }}`
fix(argo-events): add namespace field for namespace scoped resources (#1959) * fix(argo-events): add namespace field for namespace scoped resources Signed-off-by: yu-croco <yu.croco@gmail.com> * Apply suggestion from code review Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> --------- Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> 2023-04-13 18:38:04 +00:00			`{{- if .Values.controller.rbac.namespaced }}`
feat(argo-events): Support ability to set .Values.namespaceOverride (#2594) * feat(argo-events): Support ability to set .Values.namespaceOverride Signed-off-by: yu-croco <yu.croco@gmail.com> * fix(argo-events): update README Signed-off-by: yu-croco <yu.croco@gmail.com> --------- Signed-off-by: yu-croco <yu.croco@gmail.com> 2024-03-23 11:06:54 +00:00			`namespace: {{ include "argo-events.namespace" . \| quote }}`
fix(argo-events): add namespace field for namespace scoped resources (#1959) * fix(argo-events): add namespace field for namespace scoped resources Signed-off-by: yu-croco <yu.croco@gmail.com> * Apply suggestion from code review Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> --------- Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> 2023-04-13 18:38:04 +00:00			`{{- end }}`
feat(argo-events): Upgrade argo-events to v1.7.0 (#1269) * feat(argo-events) : Upgrade argo-events to v1.7.0 Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Fix typos Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Add missing braces Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Use templates for service account names Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Drop application labels Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Update documentation Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Move CRDs to template folder Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Disable webhook by default Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Fix indentation Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Update README Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Drop prefix from aggregate-roles Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Fix typo aggragate-roles.yaml -> aggregate-roles.yaml Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Use helm-docs.sh Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Fix typo REALEASE -> RELEASE Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Use consistent wording/style Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> 2022-06-14 15:37:47 +00:00			`labels:`
			`{{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) \| nindent 4 }}`
			`rules:`
			`{{- if .Values.openshift }}`
			`- apiGroups:`
			`- apps`
			`resources:`
			`- deployments/finalizers`
			`verbs:`
			`- update`
			`{{- if not .Values.controller.rbac.namespaced }}`
			`- apiGroups:`
			`- rbac.authorization.k8s.io`
			`resources:`
			`- clusterroles/finalizers`
			`verbs:`
			`- update`
			`{{- end }}`
			`{{- end }}`
			`{{- with .Values.controller.rbac.rules }}`
			`{{- toYaml . \| nindent 0 }}`
			`{{- end }}`
			`- apiGroups:`
			`- ""`
			`resources:`
			`- events`
			`verbs:`
			`- create`
			`- patch`
			`- apiGroups:`
			`- coordination.k8s.io`
			`resources:`
			`- leases`
			`verbs:`
			`- get`
			`- list`
			`- watch`
			`- create`
			`- update`
			`- patch`
			`- delete`
			`- apiGroups:`
			`- argoproj.io`
			`resources:`
			`- sensors`
			`- sensors/finalizers`
			`- sensors/status`
			`- eventsources`
			`- eventsources/finalizers`
			`- eventsources/status`
			`- eventbus`
			`- eventbus/finalizers`
			`- eventbus/status`
			`verbs:`
			`- create`
			`- delete`
			`- deletecollection`
			`- get`
			`- list`
			`- patch`
			`- update`
			`- watch`
			`- apiGroups:`
			`- ""`
			`resources:`
			`- pods`
			`- pods/exec`
			`- configmaps`
			`- services`
			`- persistentvolumeclaims`
			`verbs:`
			`- create`
			`- get`
			`- list`
			`- watch`
			`- update`
			`- patch`
			`- delete`
chore(argo-events): Upgrade Argo Events to v1.7.5 (#1809) 2023-01-29 12:16:13 +00:00			`- apiGroups:`
			`- ""`
			`resources:`
			`- secrets`
			`verbs:`
			`- create`
			`- get`
			`- list`
			`- update`
			`- patch`
			`- delete`
feat(argo-events): Upgrade argo-events to v1.7.0 (#1269) * feat(argo-events) : Upgrade argo-events to v1.7.0 Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Fix typos Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Add missing braces Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Use templates for service account names Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Drop application labels Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Update documentation Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Move CRDs to template folder Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Disable webhook by default Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Fix indentation Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Update README Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Drop prefix from aggregate-roles Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Fix typo aggragate-roles.yaml -> aggregate-roles.yaml Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Use helm-docs.sh Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Fix typo REALEASE -> RELEASE Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Use consistent wording/style Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> 2022-06-14 15:37:47 +00:00			`- apiGroups:`
			`- apps`
			`resources:`
			`- deployments`
			`- statefulsets`
			`verbs:`
			`- create`
			`- get`
			`- list`
			`- watch`
			`- update`
			`- patch`
			`- delete`
			`---`
			`apiVersion: rbac.authorization.k8s.io/v1`
			`kind: {{ .Values.controller.rbac.namespaced \| ternary "RoleBinding" "ClusterRoleBinding" }}`
			`metadata:`
			`name: {{ include "argo-events.controller.fullname" . }}`
			`labels:`
			`{{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) \| nindent 4 }}`
			`roleRef:`
			`apiGroup: rbac.authorization.k8s.io`
			`kind: {{ .Values.controller.rbac.namespaced \| ternary "Role" "ClusterRole" }}`
			`name: {{ include "argo-events.controller.fullname" . }}`
			`subjects:`
			`- kind: ServiceAccount`
			`name: {{ include "argo-events.controller.serviceAccountName" . }}`
feat(argo-events): Support ability to set .Values.namespaceOverride (#2594) * feat(argo-events): Support ability to set .Values.namespaceOverride Signed-off-by: yu-croco <yu.croco@gmail.com> * fix(argo-events): update README Signed-off-by: yu-croco <yu.croco@gmail.com> --------- Signed-off-by: yu-croco <yu.croco@gmail.com> 2024-03-23 11:06:54 +00:00			`namespace: {{ include "argo-events.namespace" . \| quote }}`
feat(argo-events): Upgrade argo-events to v1.7.0 (#1269) * feat(argo-events) : Upgrade argo-events to v1.7.0 Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Fix typos Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Add missing braces Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Use templates for service account names Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Drop application labels Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Update documentation Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Move CRDs to template folder Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Disable webhook by default Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Fix indentation Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Update README Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Drop prefix from aggregate-roles Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Fix typo aggragate-roles.yaml -> aggregate-roles.yaml Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Use helm-docs.sh Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Fix typo REALEASE -> RELEASE Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Use consistent wording/style Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> 2022-06-14 15:37:47 +00:00			`{{- end }}`