github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/weblogic-operator/templates/_operator-clusterrole-general.tpl (about) 1 # Copyright (c) 2018, 2023, Oracle and/or its affiliates. 2 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. 3 4 {{- define "operator.operatorClusterRoleGeneral" }} 5 --- 6 {{- if (eq .domainNamespaceSelectionStrategy "Dedicated") }} 7 kind: "Role" 8 {{- else }} 9 kind: "ClusterRole" 10 {{- end }} 11 apiVersion: "rbac.authorization.k8s.io/v1" 12 metadata: 13 {{- if (eq .domainNamespaceSelectionStrategy "Dedicated") }} 14 name: "weblogic-operator-role-general" 15 namespace: {{ .Release.Namespace | quote }} 16 {{- else }} 17 name: {{ list .Release.Namespace "weblogic-operator-clusterrole-general" | join "-" | quote }} 18 {{- end }} 19 labels: 20 weblogic.operatorName: {{ .Release.Namespace | quote }} 21 rules: 22 {{- if not (eq .domainNamespaceSelectionStrategy "Dedicated") }} 23 - apiGroups: [""] 24 resources: ["namespaces"] 25 verbs: ["get", "list", "watch"] 26 - apiGroups: ["apiextensions.k8s.io"] 27 resources: ["customresourcedefinitions"] 28 verbs: ["get", "list", "watch", "create", "update", "patch"] 29 {{- end }} 30 - apiGroups: [""] 31 resources: ["persistentvolumes"] 32 verbs: ["get", "list", "create"] 33 - apiGroups: ["weblogic.oracle"] 34 resources: ["domains", "clusters", "domains/status", "clusters/status"] 35 verbs: ["get", "create", "list", "watch", "update", "patch"] 36 - apiGroups: ["authentication.k8s.io"] 37 resources: ["tokenreviews"] 38 verbs: ["create"] 39 - apiGroups: ["authorization.k8s.io"] 40 resources: ["selfsubjectrulesreviews"] 41 verbs: ["create"] 42 - apiGroups: ["admissionregistration.k8s.io"] 43 resources: ["validatingwebhookconfigurations"] 44 verbs: ["get", "create", "update", "patch", "delete"] 45 {{- end }}