feat(argo-cd): Add support for aggregation clusterroles (#865)
* feat(argo-cd): Add support for aggregation clusterroles * feat: Add support for aggregation clusterroles Signed-off-by: Christian Strack <github@abyth.de> * fix(argo-cd): Remove redundant whitespace from README.md Signed-off-by: Christian Strack <github@abyth.de> Co-authored-by: Marko Bevc <marko.bevc@gmail.com> * fix(argo-cd): Remove component labels from aggregation roles Signed-off-by: Christian Strack <github@abyth.de> Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * fix(argo-cd): Use value `createAggregateRoles` to control role creation * fix: Use value `createAggregateRoles` to control role creation * bump version to 3.12.0 * update chart README.md accordingly Signed-off-by: Christian Strack <github@abyth.de> Co-authored-by: Marko Bevc <marko.bevc@gmail.com> Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>
This commit is contained in:
Christian Strack
GitHub
parent
1dad68d4f4
commit
a795074dd1
4 changed files with 74 additions and 2 deletions
67
charts/argo-cd/templates/argocd-aggregate-roles.yaml
Normal file
67
charts/argo-cd/templates/argocd-aggregate-roles.yaml
Normal file
|
|
@ -0,0 +1,67 @@
|
|||
{{- if .Values.createAggregateRoles }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ include "argo-cd.fullname" . }}-aggregate-to-view
|
||||
labels:
|
||||
rbac.authorization.k8s.io/aggregate-to-view: "true"
|
||||
{{- include "argo-cd.labels" (dict "context" .) | nindent 4 }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- argoproj.io
|
||||
resources:
|
||||
- applications
|
||||
- appprojects
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ include "argo-cd.fullname" . }}-aggregate-to-edit
|
||||
labels:
|
||||
rbac.authorization.k8s.io/aggregate-to-edit: "true"
|
||||
{{- include "argo-cd.labels" (dict "context" .) | nindent 4 }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- argoproj.io
|
||||
resources:
|
||||
- applications
|
||||
- appprojects
|
||||
verbs:
|
||||
- create
|
||||
- delete
|
||||
- deletecollection
|
||||
- get
|
||||
- list
|
||||
- patch
|
||||
- update
|
||||
- watch
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ include "argo-cd.fullname" . }}-aggregate-to-admin
|
||||
labels:
|
||||
rbac.authorization.k8s.io/aggregate-to-admin: "true"
|
||||
{{- include "argo-cd.labels" (dict "context" .) | nindent 4 }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- argoproj.io
|
||||
resources:
|
||||
- applications
|
||||
- appprojects
|
||||
verbs:
|
||||
- create
|
||||
- delete
|
||||
- deletecollection
|
||||
- get
|
||||
- list
|
||||
- patch
|
||||
- update
|
||||
- watch
|
||||
{{- end }}
|
||||
Loading…
Add table
Add a link
Reference in a new issue