DevFW-CICD/argocd-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
argocd-helm/charts/argo/templates/workflow-aggregate-roles.yaml
Alex Sears 97e896126c
chore(argo-cd): create roles instead of rolebindings when singleNamespace is true (#530) 
Co-authored-by: Vlad Losev <vladlosev@users.noreply.github.com>
Co-authored-by: Sean Johnson <seanson@users.noreply.github.com>
2021-02-17 00:06:11 +01:00

101 lines
2 KiB
YAML
Raw Blame History

{{- if .Values.createAggregateRoles }}
apiVersion: rbac.authorization.k8s.io/v1
{{- if .Values.singleNamespace }}
kind: Role
{{ else }}
kind: ClusterRole
{{- end }}
metadata:
annotations:
helm.sh/hook: pre-install
helm.sh/hook-delete-policy: before-hook-creation
name: argo-aggregate-to-view
labels:
rbac.authorization.k8s.io/aggregate-to-view: "true"
rules:
- apiGroups:
- argoproj.io
resources:
- workflows
- workflows/finalizers
- workflowtemplates
- workflowtemplates/finalizers
- cronworkflows
- cronworkflows/finalizers
- clusterworkflowtemplates
- clusterworkflowtemplates/finalizers
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
{{- if .Values.singleNamespace }}
kind: Role
{{ else }}
kind: ClusterRole
{{- end }}
metadata:
annotations:
helm.sh/hook: pre-install
helm.sh/hook-delete-policy: before-hook-creation
name: argo-aggregate-to-edit
labels:
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rules:
- apiGroups:
- argoproj.io
resources:
- workflows
- workflows/finalizers
- workflowtemplates
- workflowtemplates/finalizers
- cronworkflows
- cronworkflows/finalizers
- clusterworkflowtemplates
- clusterworkflowtemplates/finalizers
verbs:
- create
- delete
- deletecollection
- get
- list
- patch
- update
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
{{- if .Values.singleNamespace }}
kind: Role
{{ else }}
kind: ClusterRole
{{- end }}
metadata:
annotations:
helm.sh/hook: pre-install
helm.sh/hook-delete-policy: before-hook-creation
name: argo-aggregate-to-admin
labels:
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rules:
- apiGroups:
- argoproj.io
resources:
- workflows
- workflows/finalizers
- workflowtemplates
- workflowtemplates/finalizers
- cronworkflows
- cronworkflows/finalizers
- clusterworkflowtemplates
- clusterworkflowtemplates/finalizers
verbs:
- create
- delete
- deletecollection
- get
- list
- patch
- update
- watch
{{- end }}
Reference in a new issue View git blame Copy permalink