admin/k3s-gitops
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bf29990add16360da13a4b7b62ec30523aaac2dd
k3s-gitops/helm/jenkins/templates/rbac.yaml
Claude AI 4d06531df5 feat: jenkins Helm chart — rbac template
2026-03-08 15:23:31 +00:00

48 lines
1.5 KiB
YAML
Raw Blame History

{{- if .Values.rbac.enabled }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.rbac.serviceAccountName }}
namespace: {{ .Values.namespace }}
labels:
{{- include "jenkins.labels" . | nindent 4 }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ .Values.rbac.clusterRoleName }}
labels:
{{- include "jenkins.labels" . | nindent 4 }}
rules:
- apiGroups: [""]
resources: ["pods", "services", "configmaps", "secrets"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: [""]
resources: ["pods/exec", "pods/log"]
verbs: ["create", "get"]
- apiGroups: ["apps"]
resources: ["deployments", "statefulsets", "daemonsets", "replicasets"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["networking.k8s.io"]
resources: ["ingresses"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["argoproj.io"]
resources: ["applications"]
verbs: ["get", "list", "watch", "update", "patch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ .Values.rbac.clusterRoleName }}
labels:
{{- include "jenkins.labels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ .Values.rbac.clusterRoleName }}
subjects:
- kind: ServiceAccount
name: {{ .Values.rbac.serviceAccountName }}
namespace: {{ .Values.namespace }}
{{- end }}
Reference in New Issue View Git Blame Copy Permalink