feat(argo-cd): add notification cluster role (#2315)

* Add notification cluster role

Signed-off-by: drfaust92 <ilia.lazebnik@gmail.com>

* Add notification cluster role

Signed-off-by: drfaust92 <ilia.lazebnik@gmail.com>

* Add notification cluster role

Signed-off-by: drfaust92 <ilia.lazebnik@gmail.com>

* Add notification cluster role

Signed-off-by: drfaust92 <ilia.lazebnik@gmail.com>

---------

Signed-off-by: drfaust92 <ilia.lazebnik@gmail.com>

charts/argo-cd/templates/argocd-notifications/clusterrole.yaml

@@ -0,0 +1,22 @@
+{{- if .Values.createClusterRoles }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ include "argo-cd.notifications.fullname" . }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}
+rules:
+  {{- with .Values.notifications.clusterRoleRules.rules }}
+    {{- toYaml . | nindent 2 }}
+  {{- end }}
+  - apiGroups:
+    - "argoproj.io"
+    resources:
+    - "applications"
+    verbs:
+    - get
+    - list
+    - watch
+    - update
+    - patch
+{{- end }}

charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml

@@ -0,0 +1,16 @@
+{{- if .Values.createClusterRoles }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ include "argo-cd.notifications.fullname" . }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ include "argo-cd.notifications.fullname" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ include "argo-cd.notificationsServiceAccountName" . }}
+  namespace: {{ .Release.Namespace }}
+{{- end }}