github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/thanos/templates/query-frontend/psp-clusterrole.yaml (about) 1 {{- $pspAvailable := (semverCompare "<1.25-0" (include "common.capabilities.kubeVersion" .)) }} 2 {{- if and $pspAvailable .Values.queryFrontend.enabled .Values.queryFrontend.pspEnabled .Values.queryFrontend.rbac.create }} 3 apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} 4 kind: ClusterRole 5 metadata: 6 name: {{ include "common.names.fullname" . }}-query-frontend 7 namespace: {{ .Release.Namespace | quote }} 8 labels: {{- include "common.labels.standard" . | nindent 4 }} 9 app.kubernetes.io/component: query-frontend 10 {{- if .Values.commonLabels }} 11 {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} 12 {{- end }} 13 {{- if .Values.commonAnnotations }} 14 annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} 15 {{- end }} 16 rules: 17 - apiGroups: ['policy'] 18 resources: ['podsecuritypolicies'] 19 verbs: ['use'] 20 resourceNames: 21 - {{ include "common.names.fullname" . }}-query-frontend 22 {{- if .Values.queryFrontend.rbac.rules }} 23 {{- include "common.tplvalues.render" ( dict "value" .Values.queryFrontend.rbac.rules "context" $ ) | nindent 2 }} 24 {{- end }} 25 {{- end }}