logic855
/
helm-external-secrets
kopia lustrzana https://github.com/external-secrets/external-secrets


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536
							{{- if and .Values.webhook.metrics.listen.auth.enabled .Values.webhook.create .Values.webhook.serviceAccount.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: {{ include "external-secrets.fullname" . }}-webhook-metrics-auth
  labels:
    {{- include "external-secrets-webhook.labels" . | nindent 4 }}
rules:
  - apiGroups:
    - "authentication.k8s.io"
    resources:
    - "tokenreviews"
    verbs:
    - "create"
  - apiGroups:
    - "authorization.k8s.io"
    resources:
    - "subjectaccessreviews"
    verbs:
    - "create"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: {{ include "external-secrets.fullname" . }}-webhook-metrics-auth
  labels:
    {{- include "external-secrets-webhook.labels" . | nindent 4 }}
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: {{ include "external-secrets.fullname" . }}-webhook-metrics-auth
subjects:
  - name: {{ include "external-secrets-webhook.serviceAccountName" . }}
    namespace: {{ template "external-secrets.namespace" . }}
    kind: ServiceAccount
{{- end }}