github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/helm/trivy/templates/role.yaml

github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/helm/trivy/templates/role.yaml (about)

     1  {{- if .Values.rbac.create }}
     2  apiVersion: rbac.authorization.k8s.io/v1
     3  kind: Role
     4  metadata:
     5    name: {{ include "trivy.fullname" . }}
     6    labels:
     7  {{ include "trivy.labels" . | indent 4 }}
     8    namespace: {{ .Release.Namespace }}
     9  {{- if .Values.rbac.pspEnabled }}
    10    {{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
    11  rules:
    12  - apiGroups:      ['policy']
    13    resources:      ['podsecuritypolicies']
    14    verbs:          ['use']
    15    resourceNames:  [{{ include "trivy.fullname" . }}]
    16    {{- end }}
    17  {{- end }}
    18  {{- end }}