a647fbe123
* optional role Signed-off-by: Carl Raiden Worley <carl.worley@10gen.com> * match existing setting Signed-off-by: Carl Raiden Worley <carl.worley@10gen.com> * fix lint Signed-off-by: Carl Raiden Worley <carl.worley@10gen.com>
42 lines
1.4 KiB
YAML
42 lines
1.4 KiB
YAML
{{- if .Values.controller.rbac.create }}
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
{{- if .Values.singleNamespace }}
|
|
kind: RoleBinding
|
|
{{ else }}
|
|
kind: ClusterRoleBinding
|
|
{{- end }}
|
|
metadata:
|
|
name: {{ template "argo-workflows.controller.fullname" . }}
|
|
labels:
|
|
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
{{- if .Values.singleNamespace }}
|
|
kind: Role
|
|
{{ else }}
|
|
kind: ClusterRole
|
|
{{- end }}
|
|
name: {{ template "argo-workflows.controller.fullname" . }}
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: {{ template "argo-workflows.controllerServiceAccountName" . }}
|
|
namespace: {{ .Release.Namespace }}
|
|
|
|
{{- if .Values.controller.clusterWorkflowTemplates.enabled }}
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: {{ template "argo-workflows.controller.fullname" . }}-cluster-template
|
|
labels:
|
|
{{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: {{ template "argo-workflows.controller.fullname" . }}-cluster-template
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: {{ template "argo-workflows.controllerServiceAccountName" . }}
|
|
namespace: {{ .Release.Namespace }}
|
|
{{- end }}
|
|
{{- end }}
|