Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-01-26 23:37:08 -05:00
Code Issues Packages Projects Releases Wiki Activity
constellation/internal/helm/charts/cilium/templates/hubble/tls-cronjob/clusterrole.yaml

39 lines
866 B
YAML
Raw Normal View History

deploy cilium via helmchart (#321)
2022-08-12 10:20:19 +02:00
{{- if and .Values.hubble.enabled .Values.hubble.tls.enabled .Values.hubble.tls.auto.enabled (eq .Values.hubble.tls.auto.method "cronJob") .Values.serviceAccounts.hubblecertgen.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: hubble-generate-certs
deps: update cilium Bumping Cilium to also enable node-to-node encryption and node-to-node strict mode. Since the second is not upstream we use our fork.
2023-10-16 19:14:53 +02:00
{{- with .Values.hubble.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
app.kubernetes.io/part-of: cilium
deploy cilium via helmchart (#321)
2022-08-12 10:20:19 +02:00
rules:
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- apiGroups:
- ""
resources:
- secrets
resourceNames:
- hubble-server-certs
- hubble-relay-client-certs
- hubble-relay-server-certs
verbs:
- update
- apiGroups:
- ""
resources:
- secrets
resourceNames:
- cilium-ca
verbs:
- get
- update
{{- end }}
Reference in New Issue Copy Permalink