-
Notifications
You must be signed in to change notification settings - Fork 8
Expand file tree
/
Copy path_role.yaml
More file actions
26 lines (26 loc) · 1.12 KB
/
_role.yaml
File metadata and controls
26 lines (26 loc) · 1.12 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
{{- define "argo-cd.namespaced-rbac.role" }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: argocd-namespaced-role
namespace: {{ .Release.Namespace }}
labels:
{{- include "codefresh-gitops-runtime.labels" . | nindent 4 }}
codefresh.io/component: argocd-namespaced-rbac
rules:
- apiGroups: [""]
resources: ["pods", "services", "endpoints", "persistentvolumeclaims", "events", "configmaps", "secrets", "serviceaccounts"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["apps"]
resources: ["deployments", "replicasets", "statefulsets", "daemonsets"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["batch"]
resources: ["jobs", "cronjobs"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["networking.k8s.io"]
resources: ["ingresses", "networkpolicies"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["rbac.authorization.k8s.io"]
resources: ["roles", "rolebindings"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
{{- end }}