agones.dev/agones@v1.53.0/install/helm/agones/templates/serviceaccounts/sdk.yaml (about)

     1  # Copyright 2018 Google LLC All Rights Reserved.
     2  #
     3  # Licensed under the Apache License, Version 2.0 (the "License");
     4  # you may not use this file except in compliance with the License.
     5  # You may obtain a copy of the License at
     6  #
     7  #     http://www.apache.org/licenses/LICENSE-2.0
     8  #
     9  # Unless required by applicable law or agreed to in writing, software
    10  # distributed under the License is distributed on an "AS IS" BASIS,
    11  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  # See the License for the specific language governing permissions and
    13  # limitations under the License.
    14  {{- if .Values.agones.registerServiceAccounts }}
    15  {{- range .Values.gameservers.namespaces }}
    16  apiVersion: v1
    17  kind: ServiceAccount
    18  metadata:
    19    name: {{ $.Values.agones.serviceaccount.sdk.name }}
    20    namespace: {{ . }}
    21    labels:
    22      app: {{ template "agones.name" $ }}
    23      chart: {{ template "agones.chart" $ }}
    24      release: {{ $.Release.Name }}
    25      heritage: {{ $.Release.Service }}
    26  {{- if hasKey $.Values.agones.serviceaccount.sdk.annotations . }}
    27    annotations:
    28  {{- get $.Values.agones.serviceaccount.sdk.annotations . | toYaml | nindent 4 }}
    29  {{- end }}
    30  ---
    31  {{- end }}
    32  {{- if .Values.agones.rbacEnabled }}
    33  apiVersion: rbac.authorization.k8s.io/v1
    34  kind: ClusterRole
    35  metadata:
    36    name: {{ .Values.agones.serviceaccount.sdk.name }}
    37    labels:
    38      app: {{ template "agones.name" . }}
    39      chart: {{ template "agones.chart" . }}
    40      release: {{ .Release.Name }}
    41      heritage: {{ .Release.Service }}
    42  rules:
    43  - apiGroups: [""]
    44    resources: ["events"]
    45    verbs: ["create", "patch"]
    46  - apiGroups: ["agones.dev"]
    47    resources: ["gameservers"]
    48    verbs: ["list", "patch", "watch"]
    49  ---
    50    {{- range .Values.gameservers.namespaces }}
    51  apiVersion: rbac.authorization.k8s.io/v1
    52  kind: RoleBinding
    53  metadata:
    54    name: {{ $.Values.agones.serviceaccount.sdk.name }}-access
    55    namespace: {{ . }}
    56    labels:
    57      app: {{ template "agones.name" $ }}
    58      chart: {{ template "agones.chart" $ }}
    59      release: {{ $.Release.Name }}
    60      heritage: {{ $.Release.Service }}
    61  subjects:
    62  - kind: User
    63    name: system:serviceaccount:{{ . }}:{{ $.Values.agones.serviceaccount.sdk.name }}
    64    apiGroup: rbac.authorization.k8s.io
    65  roleRef:
    66    apiGroup: rbac.authorization.k8s.io
    67    kind: ClusterRole
    68    name: {{ $.Values.agones.serviceaccount.sdk.name }}
    69  ---
    70    {{- end }}
    71  {{- end }}
    72  {{- end }}