Skip to content

Commit

Permalink
chore: move rbac to separated files
Browse files Browse the repository at this point in the history
  • Loading branch information
@giautm
giautm committed Aug 22, 2023
1 parent cc163ca commit 7a440d1
Show file tree
Hide file tree
Showing 2 changed files with 55 additions and 54 deletions.
54 changes: 54 additions & 0 deletions charts/atlas-operator/templates/leader-election-rbac.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
{{- if .Values.rbac.create -}}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ include "atlas-operator.leaderElectionRole" . }}
labels:
{{- include "atlas-operator.labels" . | nindent 4 }}
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ include "atlas-operator.leaderElectionRole" . }}-binding
labels:
{{- include "atlas-operator.labels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ include "atlas-operator.leaderElectionRole" . }}
subjects:
- kind: ServiceAccount
name: {{ include "atlas-operator.serviceAccountName" . }}
{{- end }}
55 changes: 1 addition & 54 deletions charts/atlas-operator/templates/rbac.yaml → ...tlas-operator/templates/manager-rbac.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,44 +1,5 @@
{{- if .Values.rbac.create -}}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ include "atlas-operator.leaderElectionRole" . }}
labels:
{{- include "atlas-operator.labels" . | nindent 4 }}
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ include "atlas-operator.managerRoleName" . }}
Expand Down Expand Up @@ -121,20 +82,6 @@ rules:
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ include "atlas-operator.leaderElectionRole" . }}-binding
labels:
{{- include "atlas-operator.labels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ include "atlas-operator.leaderElectionRole" . }}
subjects:
- kind: ServiceAccount
name: {{ include "atlas-operator.serviceAccountName" . }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "atlas-operator.managerRoleName" . }}-binding
Expand All @@ -148,4 +95,4 @@ subjects:
- kind: ServiceAccount
name: {{ include "atlas-operator.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end }}
{{- end }}

0 comments on commit 7a440d1

Please sign in to comment.