| Giorgi Lekveishvili | 5b35646 | 2023-06-21 14:45:09 +0400 | [diff] [blame] | 1 | apiVersion: rbac.authorization.k8s.io/v1 |
| 2 | kind: ClusterRole |
| 3 | metadata: |
| 4 | name: cert-manager-gandi |
| 5 | rules: |
| 6 | - apiGroups: |
| 7 | - acme.bwolf.me |
| 8 | resources: |
| 9 | - gandi |
| 10 | verbs: |
| 11 | - "*" # TODO(giolekva): limit |
| 12 | --- |
| 13 | apiVersion: rbac.authorization.k8s.io/v1 |
| 14 | kind: ClusterRoleBinding |
| 15 | metadata: |
| 16 | name: cert-manager-gandi-binding |
| 17 | roleRef: |
| 18 | apiGroup: rbac.authorization.k8s.io |
| 19 | kind: ClusterRole |
| 20 | name: cert-manager-gandi |
| 21 | subjects: |
| 22 | - kind: ServiceAccount |
| 23 | name: {{ .Values.certManager.name }} |
| 24 | namespace: {{ .Values.certManager.namespace }} |