diff options
| author | Saumit <justsaumit@protonmail.com> | 2025-10-11 02:34:38 +0530 |
|---|---|---|
| committer | Saumit <justsaumit@protonmail.com> | 2025-10-11 02:34:38 +0530 |
| commit | 88a326bacdffde9e065b08ba893a17149584e72e (patch) | |
| tree | 20e380438497afb8c4b33a932505602590721690 /astroshop-platform/argocd-helmchart/templates/argocd-server/clusterrole.yaml | |
| parent | ef773bd27019ec6597bd12237e3b4f4f0f46f244 (diff) | |
platform: Adding argocd helm chart
Diffstat (limited to 'astroshop-platform/argocd-helmchart/templates/argocd-server/clusterrole.yaml')
| -rw-r--r-- | astroshop-platform/argocd-helmchart/templates/argocd-server/clusterrole.yaml | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/astroshop-platform/argocd-helmchart/templates/argocd-server/clusterrole.yaml b/astroshop-platform/argocd-helmchart/templates/argocd-server/clusterrole.yaml new file mode 100644 index 0000000..1bc9aed --- /dev/null +++ b/astroshop-platform/argocd-helmchart/templates/argocd-server/clusterrole.yaml @@ -0,0 +1,78 @@ +{{- if .Values.createClusterRoles }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "argo-cd.server.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +rules: + {{- if .Values.server.clusterRoleRules.enabled }} + {{- toYaml .Values.server.clusterRoleRules.rules | nindent 2 }} + {{- else }} + - apiGroups: + - '*' + resources: + - '*' + verbs: + - delete # supports deletion a live object in UI + - get # supports viewing live object manifest in UI + - patch # supports `argocd app patch` + - apiGroups: + - "" + resources: + - events + verbs: + - list # supports listing events in UI + - create + - apiGroups: + - "" + resources: + - pods + - pods/log + verbs: + - get # supports viewing pod logs from UI + {{- if eq (toString (index .Values.configs.cm "exec.enabled")) "true" }} + - apiGroups: + - "" + resources: + - pods/exec + verbs: + - create + {{- end }} + - apiGroups: + - argoproj.io + resources: + - applications + - applicationsets + verbs: + - get + - list + - update + - watch + {{- if (index .Values.configs.params "application.namespaces") }} + - apiGroups: + - "argoproj.io" + resources: + - "applications" + verbs: + - create + - delete + - update + - patch + {{- end }} + - apiGroups: + - batch + resources: + {{/* supports triggering jobs from UI */}} + - jobs + verbs: + - create + - apiGroups: + - argoproj.io + resources: + - workflows + verbs: + {{/* supports triggering workflows from UI */}} + - create + {{- end }} +{{- end }} |