Gitiles
Code Review Sign In
code.v1.dodo.cloud / helm-charts / 193b7c00535673b7179e819138aa22b02f462461 / . / charts / longhorn / templates / clusterrolebinding.yaml
blob: 2e34f014ce4d8db7fbb1837f154c3c3d59a8da16 [file] [log] [blame]
Giorgi Lekveishvili4ec4c022024-08-17 15:09:24 +0400[diff] [blame]1apiVersion: rbac.authorization.k8s.io/v1
2kind: ClusterRoleBinding
3metadata:
4 name: longhorn-bind
5 labels: {{- include "longhorn.labels" . | nindent 4 }}
6roleRef:
7 apiGroup: rbac.authorization.k8s.io
8 kind: ClusterRole
9 name: longhorn-role
10subjects:
11- kind: ServiceAccount
12 name: longhorn-service-account
13 namespace: {{ include "release_namespace" . }}
14---
15apiVersion: rbac.authorization.k8s.io/v1
16kind: ClusterRoleBinding
17metadata:
18 name: longhorn-support-bundle
19 labels: {{- include "longhorn.labels" . | nindent 4 }}
20roleRef:
21 apiGroup: rbac.authorization.k8s.io
22 kind: ClusterRole
23 name: cluster-admin
24subjects:
25- kind: ServiceAccount
26 name: longhorn-support-bundle
27 namespace: {{ include "release_namespace" . }}
Giorgi Lekveishvili193b7c02025-05-22 16:21:37 +0400[diff] [blame^]28{{- if .Values.openshift.enabled }}
29---
30apiVersion: rbac.authorization.k8s.io/v1
31kind: ClusterRoleBinding
32metadata:
33 name: longhorn-ocp-privileged-bind
34 labels: {{- include "longhorn.labels" . | nindent 4 }}
35roleRef:
36 apiGroup: rbac.authorization.k8s.io
37 kind: ClusterRole
38 name: longhorn-ocp-privileged-role
39subjects:
40- kind: ServiceAccount
41 name: longhorn-service-account
42 namespace: {{ include "release_namespace" . }}
43- kind: ServiceAccount
44 name: longhorn-ui-service-account
45 namespace: {{ include "release_namespace" . }}
46- kind: ServiceAccount
47 name: default # supportbundle-agent-support-bundle uses default sa
48 namespace: {{ include "release_namespace" . }}
49{{- end }}