29 lines
902 B
YAML
29 lines
902 B
YAML
{{/*
|
|
Copyright (c) HashiCorp, Inc.
|
|
SPDX-License-Identifier: MPL-2.0
|
|
*/}}
|
|
|
|
{{ template "openbao.serverAuthDelegator" . }}
|
|
{{- if .serverAuthDelegator -}}
|
|
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" -}}
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
{{- else }}
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
{{- end }}
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: {{ template "openbao.fullname" . }}-server-binding
|
|
labels:
|
|
helm.sh/chart: {{ include "openbao.chart" . }}
|
|
app.kubernetes.io/name: {{ include "openbao.name" . }}
|
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: system:auth-delegator
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: {{ template "openbao.serviceAccount.name" . }}
|
|
namespace: {{ include "openbao.namespace" . }}
|
|
{{ end }}
|