helm-charts/external-dns/templates/psp-clusterrole.yaml

22 lines
938 B
YAML
Raw Normal View History

{{- $pspAvailable := (semverCompare "<1.25-0" (include "common.capabilities.kubeVersion" .)) -}}
{{- if and $pspAvailable .Values.rbac.pspEnabled }}
kind: ClusterRole
apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }}
metadata:
name: {{ printf "%s-%s" (include "common.names.fullname.namespace" .) "psp" }}
namespace: {{ .Release.Namespace | quote }}
labels: {{ include "external-dns.labels" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
rules:
- apiGroups: ['extensions']
resources: ['podsecuritypolicies']
verbs: ['use']
resourceNames:
- {{ template "common.names.fullname.namespace" . }}
{{- end }}