mirror of
https://github.com/coder/coder.git
synced 2026-06-04 05:28:20 +00:00
Spike Curtis
21af020386
* Refactor helm to extract common templates to libcoder Signed-off-by: Spike Curtis <spike@coder.com> * Remove comment from libcoder Chart.yaml Signed-off-by: Spike Curtis <spike@coder.com> * Add provisioner helm chart * Fix prettier, linting, docs Signed-off-by: Spike Curtis <spike@coder.com> * Log at INFO when provisionerd connects to coderd Signed-off-by: Spike Curtis <spike@coder.com> * remove unnecessary exports in helm tests Signed-off-by: Spike Curtis <spike@coder.com> --------- Signed-off-by: Spike Curtis <spike@coder.com>
60 lines
1.2 KiB
YAML
60 lines
1.2 KiB
YAML
{{- define "libcoder.rbac.tpl" -}}
|
|
{{- if .Values.coder.serviceAccount.workspacePerms }}
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
name: {{ .Values.coder.serviceAccount.name }}-workspace-perms
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources: ["pods"]
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- deletecollection
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups: [""]
|
|
resources: ["persistentvolumeclaims"]
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- deletecollection
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
{{- if .Values.coder.serviceAccount.enableDeployments }}
|
|
- apiGroups:
|
|
- apps
|
|
resources:
|
|
- deployments
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- deletecollection
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
{{- end }}
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
name: {{ .Values.coder.serviceAccount.name | quote }}
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: {{ .Values.coder.serviceAccount.name | quote }}
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: {{ .Values.coder.serviceAccount.name }}-workspace-perms
|
|
{{- end }}
|
|
{{- end -}}
|