Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-03-04 12:49:34 -05:00
Code Issues Packages Projects Releases Wiki Activity
constellation/internal/helm/charts/cilium/templates/clustermesh-apiserver/tls-cronjob/role.yaml
Moritz Sanft 968cdc1a38
cli: move cli/internal libraries (#2623) 
* cli: move internal packages

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* cli: fix buildfiles

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* bazel: fix exclude dir

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* cli: move back libraries that will not be used by TF provider

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-11-22 14:52:56 +01:00

41 lines
1.0 KiB
YAML
Raw Blame History

{{- if and (or .Values.externalWorkloads.enabled .Values.clustermesh.useAPIServer) .Values.clustermesh.apiserver.tls.auto.enabled (eq .Values.clustermesh.apiserver.tls.auto.method "cronJob") .Values.serviceAccounts.clustermeshcertgen.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: clustermesh-apiserver-generate-certs
namespace: {{ .Release.Namespace }}
{{- with .Values.clustermesh.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
app.kubernetes.io/part-of: cilium
rules:
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- apiGroups:
- ""
resources:
- secrets
resourceNames:
- cilium-ca
verbs:
- get
- update
- apiGroups:
- ""
resources:
- secrets
resourceNames:
- clustermesh-apiserver-server-cert
- clustermesh-apiserver-admin-cert
- clustermesh-apiserver-remote-cert
- clustermesh-apiserver-client-cert
verbs:
- update
{{- end }}
Reference in New Issue View Git Blame Copy Permalink