softplayer-helmfile/charts/tekton-pipelines/templates/rbac.yaml

42 lines
1.0 KiB
YAML

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
namespace: {{ .Values.pipelineRunNamespace }}
name: secret-manager
labels:
{{- include "tekton-pipelines.labels" . | nindent 4 }}
rules:
- apiGroups: [""]
resources: ["secrets", "configmaps"]
verbs: ["*"]
- apiGroups:
- helm.toolkit.fluxcd.io
- source.toolkit.fluxcd.io
resources: ["*"]
verbs: ["*"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: secret-manager
namespace: {{ .Values.pipelineRunNamespace }}
labels:
{{- include "tekton-pipelines.labels" . | nindent 4 }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: secret-manager
namespace: {{ .Values.pipelineRunNamespace }}
labels:
{{- include "tekton-pipelines.labels" . | nindent 4 }}
subjects:
- kind: ServiceAccount
name: secret-manager
namespace: {{ .Values.pipelineRunNamespace }}
roleRef:
kind: ClusterRole
name: secret-manager
apiGroup: rbac.authorization.k8s.io