icecheng/freeleaps-ops
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
c2d2fa6345
freeleaps-ops/cluster/manifests/freeleaps-infra-system/telepresence/telepresence-oss/templates/clientRbac/connect.yaml

44 lines
1.0 KiB
YAML
Raw Normal View History

fix: update Jenkins token in gitea webhook configuration Signed-off-by: zhenyus <zhenyus@mathmast.com>
2025-07-24 08:51:35 +00:00
{{- with .Values.clientRbac }}
{{- if .create }}
{{- /*
Client must have the following RBAC in the traffic-manager.namespace to establish
a port-forward to the traffic-manager pod.
*/}}
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: traffic-manager-connect
namespace: {{ include "traffic-manager.namespace" $ }}
labels:
{{- include "telepresence.labels" $ | nindent 4 }}
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["services"]
resourceNames:
- {{ include "traffic-manager.name" $ }}
verbs: ["get"]
- apiGroups: [""]
resources: ["pods/portforward"]
verbs: ["create"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: traffic-manager-connect
namespace: {{ include "traffic-manager.namespace" $ }}
labels:
{{- include "telepresence.labels" $ | nindent 4 }}
subjects:
{{ toYaml .subjects }}
roleRef:
apiGroup: rbac.authorization.k8s.io
name: traffic-manager-connect
kind: Role
{{- end }}
{{- end }}
Reference in New Issue Copy Permalink