| Giorgi Lekveishvili | d1234c1 | 2023-06-19 10:37:06 +0400 | [diff] [blame] | 1 | {{- if .Values.global.podSecurityPolicy.enabled }} |
| 2 | apiVersion: rbac.authorization.k8s.io/v1 |
| 3 | kind: ClusterRoleBinding |
| 4 | metadata: |
| 5 | name: {{ template "webhook.fullname" . }}-psp |
| 6 | labels: |
| 7 | app: {{ include "webhook.name" . }} |
| 8 | app.kubernetes.io/name: {{ include "webhook.name" . }} |
| 9 | app.kubernetes.io/instance: {{ .Release.Name }} |
| 10 | app.kubernetes.io/component: "webhook" |
| 11 | {{- include "labels" . | nindent 4 }} |
| 12 | roleRef: |
| 13 | apiGroup: rbac.authorization.k8s.io |
| 14 | kind: ClusterRole |
| 15 | name: {{ template "webhook.fullname" . }}-psp |
| 16 | subjects: |
| 17 | - kind: ServiceAccount |
| 18 | name: {{ template "webhook.serviceAccountName" . }} |
| 19 | namespace: {{ include "cert-manager.namespace" . }} |
| 20 | {{- end }} |