pub/gitlab-ci
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

init

Browse Source
This commit is contained in:
Vassiliy Yegorov
2022-09-06 10:22:06 +07:00
parent a3ace3a444
commit 8b460261db
27 changed files with 2646 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
k8s/gitlab-runner/templates/role.yaml Normal file
View File

@@ -0,0 +1,32 @@
{{- if .Values.rbac.create -}}
apiVersion: rbac.authorization.k8s.io/v1
kind: {{ if .Values.rbac.clusterWideAccess }}"ClusterRole"{{ else }}"Role"{{ end }}
metadata:
name: {{ include "gitlab-runner.fullname" . }}
labels:
app: {{ include "gitlab-runner.fullname" . }}
chart: {{ include "gitlab-runner.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
{{ if not .Values.rbac.clusterWideAccess -}}
namespace: {{ default .Release.Namespace .Values.runners.namespace | quote }}
{{- end }}
rules:
{{- if .Values.rbac.podSecurityPolicy.enabled }}
- apiGroups: ['policy']
resources: ['podsecuritypolicies']
verbs: ['use']
resourceNames:
{{ toYaml .Values.rbac.podSecurityPolicy.resourceNames | indent 2 }}
{{- end }}
{{- if or (empty .Values.rbac.rules) (or .Values.rbac.resources .Values.rbac.verbs) }}
- apiGroups: [""]
resources: {{ (default (list "*") .Values.rbac.resources | toJson) }}
verbs: {{ (default (list "*") .Values.rbac.verbs | toJson) }}
{{- end -}}
{{ range .Values.rbac.rules }}
- apiGroups: {{ (default (list "") .apiGroups) | toJson }}
resources: {{ (default (list "*") .resources) | toJson }}
verbs: {{ (default (list "*") .verbs) | toJson }}
{{- end }}
{{- end -}}