Gitiles
Code Review Sign In
gerrit.opencord.org / aether-helm-charts / 5851c79ce17dbf1b3cc0a53ccfea0d3567a58b78 / . / apps / google-phylo / templates / _helpers.tpl
blob: 9049cf560f63c81e267cd0845cfb6c654852ecc4 [file] [log] [blame]
Jeremy Ronquillo223db002020-06-05 10:28:22 -0700[diff] [blame]1{{- /*
Jeremy Ronquilloec2d3e42020-06-05 11:33:39 -0700[diff] [blame]2
Jeremy Ronquillo223db002020-06-05 10:28:22 -0700[diff] [blame]3# Copyright 2020-present Open Networking Foundation
4#
Jeremy Ronquillo6046ce32020-06-18 11:06:29 -0700[diff] [blame]5# SPDX-License-Identifier: LicenseRef-ONF-Member-Only-1.0
Jeremy Ronquilloec2d3e42020-06-05 11:33:39 -0700[diff] [blame]6
Jeremy Ronquillo223db002020-06-05 10:28:22 -0700[diff] [blame]7*/ -}}
8
9{{/*
10Renders a set of standardised labels
11*/}}
12{{- define "phylo.metadata_labels" -}}
13{{- $application := index . 0 -}}
14{{- $context := index . 1 -}}
15release: {{ $context.Release.Name }}
16app: {{ $application }}
17{{- end -}}
18
19{{/*
20Render the given template.
21*/}}
22{{- define "phylo.template" -}}
23{{- $name := index . 0 -}}
24{{- $context := index . 1 -}}
25{{- $last := base $context.Template.Name }}
26{{- $wtf := $context.Template.Name | replace $last $name -}}
27{{ include $wtf $context }}
28{{- end -}}
29
30{{/*
31Render ServiceAccount, Role, and RoleBinding required for kubernetes-entrypoint.
32*/}}
33{{- define "phylo.service_account" -}}
34{{- $context := index . 1 -}}
35{{- $saName := index . 0 -}}
36{{- $saNamespace := $context.Release.Namespace }}
37---
38apiVersion: v1
39kind: ServiceAccount
40metadata:
41 name: {{ $saName }}
42 namespace: {{ $saNamespace }}
43 labels:
44{{ tuple $saName $context | include "phylo.metadata_labels" | indent 4 }}
45---
Hyunsun Moondea0cb52021-02-19 16:53:22 -0800[diff] [blame]46apiVersion: rbac.authorization.k8s.io/v1
Jeremy Ronquillo223db002020-06-05 10:28:22 -0700[diff] [blame]47kind: RoleBinding
48metadata:
49 name: {{ $saName }}
50 namespace: {{ $saNamespace }}
51 labels:
52{{ tuple $saName $context | include "phylo.metadata_labels" | indent 4 }}
53roleRef:
54 apiGroup: rbac.authorization.k8s.io
55 kind: Role
56 name: {{ $saName }}
57subjects:
58 - kind: ServiceAccount
59 name: {{ $saName }}
60 namespace: {{ $saNamespace }}
61---
Hyunsun Moondea0cb52021-02-19 16:53:22 -0800[diff] [blame]62apiVersion: rbac.authorization.k8s.io/v1
Jeremy Ronquillo223db002020-06-05 10:28:22 -0700[diff] [blame]63kind: Role
64metadata:
65 name: {{ $saName }}
66 namespace: {{ $saNamespace }}
67 labels:
68{{ tuple $saName $context | include "phylo.metadata_labels" | indent 4 }}
69rules:
70 - apiGroups:
71 - ""
72 - extensions
73 - batch
74 - apps
75 verbs:
76 - get
77 - list
78 resources:
79 - statefulsets
80 - daemonsets
81 - jobs
82 - pods
83 - services
84 - endpoints
85 - configmaps
86{{- end -}}