mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-10-01 01:36:09 -04:00
helm: add gcp ccm permissions for internal LBs (#2474)
* helm: add gcp ccm permissions
This commit is contained in:
parent
0bfb4f7e11
commit
498b5d68f6
@ -411,6 +411,7 @@ go_library(
|
|||||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/storageclass_integrity.yaml",
|
"charts/edgeless/csi/charts/aws-csi-driver/templates/storageclass_integrity.yaml",
|
||||||
"charts/edgeless/csi/charts/aws-csi-driver/templates/volumesnapshotclass.yaml",
|
"charts/edgeless/csi/charts/aws-csi-driver/templates/volumesnapshotclass.yaml",
|
||||||
"charts/edgeless/csi/charts/aws-csi-driver/values.yaml",
|
"charts/edgeless/csi/charts/aws-csi-driver/values.yaml",
|
||||||
|
"charts/edgeless/constellation-services/charts/ccm/templates/gcp-clusterrolebinding.yaml",
|
||||||
],
|
],
|
||||||
importpath = "github.com/edgelesssys/constellation/v2/cli/internal/helm",
|
importpath = "github.com/edgelesssys/constellation/v2/cli/internal/helm",
|
||||||
visibility = ["//cli:__subpackages__"],
|
visibility = ["//cli:__subpackages__"],
|
||||||
|
@ -0,0 +1,14 @@
|
|||||||
|
{{- if eq .Values.csp "GCP" -}}
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: ClusterRoleBinding
|
||||||
|
metadata:
|
||||||
|
name: system:cloud-provider
|
||||||
|
roleRef:
|
||||||
|
apiGroup: rbac.authorization.k8s.io
|
||||||
|
kind: ClusterRole
|
||||||
|
name: cluster-admin
|
||||||
|
subjects:
|
||||||
|
- kind: ServiceAccount
|
||||||
|
name: cloud-provider
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
{{- end -}}
|
@ -0,0 +1,12 @@
|
|||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: ClusterRoleBinding
|
||||||
|
metadata:
|
||||||
|
name: system:cloud-provider
|
||||||
|
roleRef:
|
||||||
|
apiGroup: rbac.authorization.k8s.io
|
||||||
|
kind: ClusterRole
|
||||||
|
name: cluster-admin
|
||||||
|
subjects:
|
||||||
|
- kind: ServiceAccount
|
||||||
|
name: cloud-provider
|
||||||
|
namespace: testNamespace
|
Loading…
Reference in New Issue
Block a user