ingress-nginx-helm/charts/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml

{{- if and .Values.controller.admissionWebhooks.enabled .Values.controller.admissionWebhooks.patch.enabled -}}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: {{ include "ingress-nginx.fullname" . }}-admission
  annotations:
    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
  labels:
    {{- include "ingress-nginx.labels" . | nindent 4 }}
    app.kubernetes.io/component: admission-webhook
rules:
  - apiGroups:
      - admissionregistration.k8s.io
    resources:
      - validatingwebhookconfigurations
    verbs:
      - get
      - update
{{- if .Values.podSecurityPolicy.enabled }}
  - apiGroups: ['extensions']
    resources: ['podsecuritypolicies']
    verbs:     ['use']
    resourceNames:
    - {{ include "ingress-nginx.fullname" . }}-admission
{{- end }}
{{- end }}
Cleanup chart code 2020-03-02 08:49:26 -06:00			`{{- if and .Values.controller.admissionWebhooks.enabled .Values.controller.admissionWebhooks.patch.enabled -}}`
Start migration of helm chart (#5159) 2020-02-24 16:25:57 -03:00			`apiVersion: rbac.authorization.k8s.io/v1`
			`kind: ClusterRole`
			`metadata:`
Hardcode component names. By removing this, we reduce unecessary config options and moving parts. Signed-off-by: Naseem <naseem@transit.app> 2020-03-03 21:53:23 -05:00			`name: {{ include "ingress-nginx.fullname" . }}-admission`
Start migration of helm chart (#5159) 2020-02-24 16:25:57 -03:00			`annotations:`
			`"helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade`
			`"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded`
			`labels:`
Update helm templates to match new chart name 2020-02-28 08:53:24 -06:00			`{{- include "ingress-nginx.labels" . \| nindent 4 }}`
			`app.kubernetes.io/component: admission-webhook`
Start migration of helm chart (#5159) 2020-02-24 16:25:57 -03:00			`rules:`
			`- apiGroups:`
			`- admissionregistration.k8s.io`
			`resources:`
			`- validatingwebhookconfigurations`
			`verbs:`
			`- get`
			`- update`
			`{{- if .Values.podSecurityPolicy.enabled }}`
			`- apiGroups: ['extensions']`
			`resources: ['podsecuritypolicies']`
			`verbs: ['use']`
			`resourceNames:`
Hardcode component names. By removing this, we reduce unecessary config options and moving parts. Signed-off-by: Naseem <naseem@transit.app> 2020-03-03 21:53:23 -05:00			`- {{ include "ingress-nginx.fullname" . }}-admission`
Start migration of helm chart (#5159) 2020-02-24 16:25:57 -03:00			`{{- end }}`
			`{{- end }}`