charts/certificate-issuer-private/templates/gandi-webhook-secret-reader.yaml - pcloud - Gitiles

 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   name: {{ .Release.Namespace }}-cert-manager-gandi-webhook-secret-reader  # TODO(giolekva): make namespace part configurable
   namespace: {{ .Release.Namespace }}
 rules:
 - apiGroups:
   - ""
   resources:
   - secrets
   verbs:
   - get
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: {{ .Release.Namespace }}-cert-manager-gandi-webhook-secret-reader
   namespace: {{ .Release.Namespace }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: {{ .Release.Namespace }}-cert-manager-gandi-webhook-secret-reader
 subjects:
 - kind: ServiceAccount
   name: {{ .Values.certManager.gandiWebhookSecretReader }}
   namespace: {{ .Values.certManager.namespace }}
	apiVersion: rbac.authorization.k8s.io/v1
	kind: ClusterRole
	metadata:
	name: {{ .Release.Namespace }}-cert-manager-gandi-webhook-secret-reader # TODO(giolekva): make namespace part configurable
	namespace: {{ .Release.Namespace }}
	rules:
	- apiGroups:
	- ""
	resources:
	- secrets
	verbs:
	- get
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: ClusterRoleBinding
	metadata:
	name: {{ .Release.Namespace }}-cert-manager-gandi-webhook-secret-reader
	namespace: {{ .Release.Namespace }}
	roleRef:
	apiGroup: rbac.authorization.k8s.io
	kind: ClusterRole
	name: {{ .Release.Namespace }}-cert-manager-gandi-webhook-secret-reader
	subjects:
	- kind: ServiceAccount
	name: {{ .Values.certManager.gandiWebhookSecretReader }}
	namespace: {{ .Values.certManager.namespace }}