Skip to content

Commit

Permalink
updated rbac template
Browse files Browse the repository at this point in the history
  • Loading branch information
facchettos committed Sep 4, 2024
1 parent cb75463 commit b1f0752
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 1 deletion.
1 change: 1 addition & 0 deletions chart/templates/_rbac.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@
.Values.sync.toHost.customResourceDefinitions
.Values.sync.fromHost.customResourceDefinitions
.Values.integrations.kubeVirt.enabled
.Values.integrations.externalSecrets.enabled
(and .Values.integrations.metricsServer.enabled .Values.integrations.metricsServer.nodes)
.Values.experimental.multiNamespaceMode.enabled -}}
{{- true -}}
Expand Down
2 changes: 1 addition & 1 deletion chart/templates/clusterrole.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@ rules:
resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"]
verbs: ["get", "list", "watch"]
{{- end }}
{{- if or .Values.integrations.kubeVirt.enabled .Values.sync.toHost.customResourceDefinitions .Values.sync.fromHost.customResourceDefinitions }}
{{- if or .Values.integrations.kubeVirt.enabled .Values.integrations.externalSecrets.enabled .Values.sync.toHost.customResourceDefinitions .Values.sync.fromHost.customResourceDefinitions }}
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions"]
verbs: ["get", "list", "watch"]
Expand Down
5 changes: 5 additions & 0 deletions chart/templates/role.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,11 @@ rules:
resources: ["virtualmachines", "virtualmachines/status", "virtualmachineinstances", "virtualmachineinstances/status", "virtualmachineinstancemigrations", "virtualmachineinstancemigrations/status"]
verbs: ["create", "delete", "patch", "update", "get", "list", "watch"]
{{- end }}
{{- if .Values.integrations.externalSecrets.sync.externalSecrets.enabled }}
- apiGroups: ["external-secrets.io"]
resources: ["externalsecrets"]
verbs: ["create", "delete", "patch", "update", "get", "list", "watch"]
{{- end }}
{{- include "vcluster.customResourceDefinitions.roleExtraRules" . | indent 2 }}
{{- include "vcluster.plugin.roleExtraRules" . | indent 2 }}
{{- include "vcluster.generic.roleExtraRules" . | indent 2 }}
Expand Down

0 comments on commit b1f0752

Please sign in to comment.