| Matteo Scandolo | 23611c3 | 2021-10-06 10:28:29 -0700 | [diff] [blame^] | 1 | # Copyright 2020-present Open Networking Foundation |
| 2 | # |
| 3 | # Licensed under the Apache License, Version 2.0 (the "License"); |
| 4 | # you may not use this file except in compliance with the License. |
| 5 | # You may obtain a copy of the License at |
| 6 | # |
| 7 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 8 | # |
| 9 | # Unless required by applicable law or agreed to in writing, software |
| 10 | # distributed under the License is distributed on an "AS IS" BASIS, |
| 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 12 | # See the License for the specific language governing permissions and |
| 13 | # limitations under the License. |
| 14 | --- |
| 15 | apiVersion: "v1" |
| 16 | kind: "ServiceAccount" |
| 17 | metadata: |
| 18 | name: "{{ .Values.serviceAccountName }}" |
| 19 | namespace: {{ .Release.Namespace | quote }} |
| 20 | --- |
| 21 | apiVersion: "rbac.authorization.k8s.io/v1" |
| 22 | kind: ClusterRole |
| 23 | metadata: |
| 24 | name: "{{ .Release.Name }}-{{ .Chart.Name }}-pod-svc-reader" |
| 25 | namespace: {{ .Release.Namespace | quote }} |
| 26 | rules: |
| 27 | - apiGroups: [""] |
| 28 | resources: |
| 29 | - pods |
| 30 | - services |
| 31 | verbs: |
| 32 | - get |
| 33 | - list |
| 34 | - watch |
| 35 | --- |
| 36 | apiVersion: "rbac.authorization.k8s.io/v1" |
| 37 | kind: "ClusterRoleBinding" |
| 38 | metadata: |
| 39 | name: "{{ .Release.Name }}-{{ .Chart.Name }}-pod-svc-reader-binding" |
| 40 | namespace: {{ .Release.Namespace | quote }} |
| 41 | subjects: |
| 42 | - kind: "ServiceAccount" |
| 43 | name: "{{ .Values.serviceAccountName }}" |
| 44 | namespace: {{ .Release.Namespace | quote }} |
| 45 | roleRef: |
| 46 | kind: "ClusterRole" |
| 47 | name: "{{ .Release.Name }}-{{ .Chart.Name }}-pod-svc-reader" |
| 48 | apiGroup: "rbac.authorization.k8s.io" |