01c78a82b5
* Drop old CRDs with hooks containing helm hooks Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Bump chart version Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Drop empty newlines inside manifests Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * chore: trigger CI Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * chore: Ignore 'ci/' directory in final package Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Apply changes from code review Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>
102 lines
2 KiB
YAML
102 lines
2 KiB
YAML
{{- if .Values.singleNamespace }}
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
name: argo-events-binding
|
|
namespace: {{ .Release.Namespace }}
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: argo-events-role
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: {{ .Values.serviceAccount }}
|
|
namespace: {{ .Release.Namespace }}
|
|
{{- if .Values.additionalSaNamespaces }}
|
|
{{ $sa := .Values.serviceAccount }}
|
|
{{- range $namespace := .Values.additionalSaNamespaces }}
|
|
- kind: ServiceAccount
|
|
name: {{ $sa }}
|
|
namespace: {{ $namespace }}
|
|
{{- end }}
|
|
{{- end }}
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
name: argo-events-role
|
|
namespace: {{ .Release.Namespace }}
|
|
rules:
|
|
{{- with .Values.additionalServiceAccountRules }}
|
|
{{- toYaml . | nindent 2 }}
|
|
{{- end }}
|
|
- apiGroups:
|
|
- argoproj.io
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- deletecollection
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
resources:
|
|
- workflows
|
|
- workflows/finalizers
|
|
- workflowtemplates
|
|
- workflowtemplates/finalizers
|
|
- sensors
|
|
- sensors/finalizers
|
|
- sensors/status
|
|
- eventsources
|
|
- eventsources/finalizers
|
|
- eventsources/status
|
|
- eventbus
|
|
- eventbus/finalizers
|
|
- eventbus/status
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- pods
|
|
- pods/exec
|
|
- configmaps
|
|
- secrets
|
|
- services
|
|
- events
|
|
- persistentvolumeclaims
|
|
verbs:
|
|
- create
|
|
- get
|
|
- list
|
|
- watch
|
|
- update
|
|
- patch
|
|
- delete
|
|
- apiGroups:
|
|
- "batch"
|
|
resources:
|
|
- jobs
|
|
verbs:
|
|
- create
|
|
- get
|
|
- list
|
|
- watch
|
|
- update
|
|
- patch
|
|
- delete
|
|
- apiGroups:
|
|
- "apps"
|
|
resources:
|
|
- deployments
|
|
- statefulsets
|
|
verbs:
|
|
- create
|
|
- get
|
|
- list
|
|
- watch
|
|
- update
|
|
- patch
|
|
- delete
|
|
|
|
{{- end }}
|