charts/cert-manager/templates/cainjector-psp-clusterrole.yaml - pcloud - Gitiles

 {{- if .Values.cainjector.enabled }}
 {{- if .Values.global.podSecurityPolicy.enabled }}
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: {{ template "cainjector.fullname" . }}-psp
   labels:
     app: {{ include "cainjector.name" . }}
     app.kubernetes.io/name: {{ include "cainjector.name" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/component: "cainjector"
     {{- include "labels" . | nindent 4 }}
 rules:
 - apiGroups: ['policy']
   resources: ['podsecuritypolicies']
   verbs:     ['use']
   resourceNames:
   - {{ template "cainjector.fullname" . }}
 {{- end }}
 {{- end }}
	{{- if .Values.cainjector.enabled }}
	{{- if .Values.global.podSecurityPolicy.enabled }}
	kind: ClusterRole
	apiVersion: rbac.authorization.k8s.io/v1
	metadata:
	name: {{ template "cainjector.fullname" . }}-psp
	labels:
	app: {{ include "cainjector.name" . }}
	app.kubernetes.io/name: {{ include "cainjector.name" . }}
	app.kubernetes.io/instance: {{ .Release.Name }}
	app.kubernetes.io/component: "cainjector"
	{{- include "labels" . \| nindent 4 }}
	rules:
	- apiGroups: ['policy']
	resources: ['podsecuritypolicies']
	verbs: ['use']
	resourceNames:
	- {{ template "cainjector.fullname" . }}
	{{- end }}
	{{- end }}