DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Support existing PSPs in Helm chart

Browse source
This commit is contained in:
Eric Bailey 2021-02-23 18:31:56 -06:00
parent 3e8c8076b4
commit 63e35ac32b
9 changed files with 27 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
charts/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml
View file

@ -22,6 +22,10 @@ rules:
resources: ['podsecuritypolicies']
verbs: ['use']
resourceNames:
{{- with .Values.controller.admissionWebhooks.existingPsp }}
- {{ . }}
{{- else }}
- {{ include "ingress-nginx.fullname" . }}-admission
{{- end }}
{{- end }}
{{- end }}

2
charts/ingress-nginx/templates/admission-webhooks/job-patch/psp.yaml
View file

@ -1,4 +1,4 @@
{{- if and .Values.controller.admissionWebhooks.enabled .Values.controller.admissionWebhooks.patch.enabled .Values.podSecurityPolicy.enabled -}}
{{- if and .Values.controller.admissionWebhooks.enabled .Values.controller.admissionWebhooks.patch.enabled .Values.podSecurityPolicy.enabled (empty .Values.controller.admissionWebhooks.existingPsp) -}}
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata: