DevFW-CICD/argocd-helm
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
argocd-helm/charts/argo/templates/workflow-controller-crb.yaml
Alex Sears 97e896126c
chore(argo-cd): create roles instead of rolebindings when singleNamespace is true (#530) 
Co-authored-by: Vlad Losev <vladlosev@users.noreply.github.com>
Co-authored-by: Sean Johnson <seanson@users.noreply.github.com>
2021-02-17 00:06:11 +01:00

52 lines
1.4 KiB
YAML
Raw Blame History

apiVersion: rbac.authorization.k8s.io/v1
{{- if .Values.singleNamespace }}
kind: RoleBinding
{{ else }}
kind: ClusterRoleBinding
{{- end }}
metadata:
name: {{ .Release.Name }}-{{ .Values.controller.name }}
roleRef:
apiGroup: rbac.authorization.k8s.io
{{- if .Values.singleNamespace }}
kind: Role
{{ else }}
kind: ClusterRole
{{- end }}
name: {{ .Release.Name }}-{{ .Values.controller.name }}
subjects:
- kind: ServiceAccount
name: {{ .Values.controller.serviceAccount }}
namespace: {{ .Release.Namespace }}
{{- if .Values.controller.workflowNamespaces }}
{{- $uiServiceAccount := .Values.controller.serviceAccount }}
{{- $namespace := .Release.Namespace }}
{{- range $key := .Values.controller.workflowNamespaces }}
{{- if not (eq $key $namespace) }}
- kind: ServiceAccount
name: {{ $uiServiceAccount }}
namespace: {{ $key }}
{{- end }}
{{- end }}
{{- end }}
---
apiVersion: rbac.authorization.k8s.io/v1
{{- if .Values.singleNamespace }}
kind: RoleBinding
{{ else }}
kind: ClusterRoleBinding
{{- end }}
metadata:
name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template
roleRef:
apiGroup: rbac.authorization.k8s.io
{{- if .Values.singleNamespace }}
kind: Role
{{ else }}
kind: ClusterRole
{{- end }}
name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template
subjects:
- kind: ServiceAccount
name: {{ .Values.controller.serviceAccount }}
namespace: {{ .Release.Namespace }}
Reference in a new issue View git blame Copy permalink