github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml

github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml (about)

     1  {{- if .Values.startupapicheck.enabled }}
     2  {{- if .Values.global.podSecurityPolicy.enabled }}
     3  {{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
     4  apiVersion: rbac.authorization.k8s.io/v1
     5  kind: ClusterRoleBinding
     6  metadata:
     7    name: {{ template "startupapicheck.fullname" . }}-psp
     8    labels:
     9      app: {{ include "startupapicheck.name" . }}
    10      app.kubernetes.io/name: {{ include "startupapicheck.name" . }}
    11      app.kubernetes.io/instance: {{ .Release.Name }}
    12      app.kubernetes.io/component: "startupapicheck"
    13      {{- include "labels" . | nindent 4 }}
    14    {{- with .Values.startupapicheck.rbac.annotations }}
    15    annotations:
    16      {{- toYaml . | nindent 4 }}
    17    {{- end }}
    18  roleRef:
    19    apiGroup: rbac.authorization.k8s.io
    20    kind: ClusterRole
    21    name: {{ template "startupapicheck.fullname" . }}-psp
    22  subjects:
    23    - kind: ServiceAccount
    24      name: {{ template "startupapicheck.serviceAccountName" . }}
    25      namespace: {{ include "cert-manager.namespace" . }}
    26  {{- end }}
    27  {{- end }}
    28  {{- end }}