| 1234567891011121314151617181920212223242526272829303132333435 |
- {{- if .Values.global.createClusterRole }}
- #hack for delete pod master after migration
- ---
- kind: ClusterRole
- apiVersion: rbac.authorization.k8s.io/v1
- metadata:
- name: {{ .Values.global.serviceAccountName }}-rw-cr
- labels:
- app.kubernetes.io/name: {{ template "seaweedfs.name" . }}
- helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- app.kubernetes.io/managed-by: {{ .Release.Service }}
- app.kubernetes.io/instance: {{ .Release.Name }}
- rules:
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- ---
- kind: ClusterRoleBinding
- apiVersion: rbac.authorization.k8s.io/v1
- metadata:
- name: system:serviceaccount:{{ .Values.global.serviceAccountName }}:default
- labels:
- app.kubernetes.io/name: {{ template "seaweedfs.name" . }}
- helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- app.kubernetes.io/managed-by: {{ .Release.Service }}
- app.kubernetes.io/instance: {{ .Release.Name }}
- subjects:
- - kind: ServiceAccount
- name: {{ .Values.global.serviceAccountName }}
- namespace: {{ .Release.Namespace }}
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ .Values.global.serviceAccountName }}-rw-cr
- {{- end }}
|
