Adding Istio installtion helm charts

[demo.git] / vnfs / DAaaS / deploy / 00-init / istio / istio-operator / templates / operator-rbac.yaml

diff --git a/vnfs/DAaaS/deploy/00-init/istio/istio-operator/templates/operator-rbac.yaml b/vnfs/DAaaS/deploy/00-init/istio/istio-operator/templates/operator-rbac.yaml
deleted file mode 100644 (file)
index d506ee4..0000000
--- a/vnfs/DAaaS/deploy/00-init/istio/istio-operator/templates/operator-rbac.yaml
+++ /dev/null
@@ -1,315 +0,0 @@
-{{- if .Values.rbac.enabled }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: {{ include "istio-operator.fullname" . }}-operator
-  labels:
-    app.kubernetes.io/name: {{ include "istio-operator.name" . }}
-    helm.sh/chart: {{ include "istio-operator.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: operator
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: {{ include "istio-operator.fullname" . }}-operator
-  labels:
-    app.kubernetes.io/name: {{ include "istio-operator.name" . }}
-    helm.sh/chart: {{ include "istio-operator.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: operator
-rules:
-- apiGroups:
-  - ""
-  resources:
-  - nodes
-  - services
-  - endpoints
-  - pods
-  - replicationcontrollers
-  - services
-  - endpoints
-  - pods
-  verbs:
-  - get
-  - list
-  - watch
-- apiGroups:
-  - ""
-  resources:
-  - serviceaccounts
-  - configmaps
-  verbs:
-  - get
-  - list
-  - watch
-  - create
-  - update
-  - patch
-  - delete
-- apiGroups:
-  - ""
-  resources:
-  - namespaces
-  verbs:
-  - get
-  - list
-  - watch
-  - update
-  - patch
-- apiGroups:
-  - apps
-  resources:
-  - replicasets
-  verbs:
-  - get
-  - list
-  - watch
-- apiGroups:
-  - apps
-  resources:
-  - deployments
-  - daemonsets
-  verbs:
-  - get
-  - list
-  - watch
-  - create
-  - update
-  - patch
-  - delete
-- apiGroups:
-  - apps
-  resources:
-  - deployments/status
-  verbs:
-  - get
-  - update
-  - patch
-- apiGroups:
-  - extensions
-  resources:
-  - ingresses
-  - ingresses/status
-  verbs:
-  - '*'
-- apiGroups:
-  - extensions
-  resources:
-  - deployments
-  verbs:
-  - get
-- apiGroups:
-  - extensions
-  resources:
-  - deployments/finalizers
-  verbs:
-  - update
-- apiGroups:
-  - extensions
-  resources:
-  - replicasets
-  verbs:
-  - get
-  - list
-  - watch
-- apiGroups:
-  - policy
-  resources:
-  - poddisruptionbudgets
-  verbs:
-  - get
-  - list
-  - watch
-  - create
-  - update
-  - patch
-  - delete
-- apiGroups:
-  - autoscaling
-  resources:
-  - horizontalpodautoscalers
-  verbs:
-  - get
-  - list
-  - watch
-  - create
-  - update
-  - patch
-  - delete
-- apiGroups:
-  - apiextensions.k8s.io
-  resources:
-  - customresourcedefinitions
-  verbs:
-  - '*'
-- apiGroups:
-  - rbac.authorization.k8s.io
-  resources:
-  - clusterroles
-  - clusterrolebindings
-  - roles
-  - rolebindings
-  - ""
-  verbs:
-  - get
-  - list
-  - watch
-  - create
-  - update
-  - patch
-  - delete
-- apiGroups:
-  - authentication.k8s.io
-  resources:
-  - tokenreviews
-  verbs:
-  - create
-- apiGroups:
-  - istio.banzaicloud.io
-  resources:
-  - istios
-  verbs:
-  - get
-  - list
-  - watch
-  - create
-  - update
-  - patch
-  - delete
-- apiGroups:
-  - istio.banzaicloud.io
-  resources:
-  - istios/status
-  verbs:
-  - get
-  - update
-  - patch
-- apiGroups:
-  - authentication.istio.io
-  - cloud.istio.io
-  - config.istio.io
-  - istio.istio.io
-  - networking.istio.io
-  - rbac.istio.io
-  - scalingpolicy.istio.io
-  resources:
-  - '*'
-  verbs:
-  - '*'
-- apiGroups:
-  - apps
-  resources:
-  - deployments
-  verbs:
-  - get
-  - list
-  - watch
-  - create
-  - update
-  - patch
-  - delete
-- apiGroups:
-  - apps
-  resources:
-  - deployments/status
-  verbs:
-  - get
-  - update
-  - patch
-- apiGroups:
-  - istio.banzaicloud.io
-  resources:
-  - remoteistios
-  verbs:
-  - get
-  - list
-  - watch
-  - create
-  - update
-  - patch
-  - delete
-- apiGroups:
-  - istio.banzaicloud.io
-  resources:
-  - remoteistios/status
-  verbs:
-  - get
-  - update
-  - patch
-- apiGroups:
-  - admissionregistration.k8s.io
-  resources:
-  - validatingwebhookconfigurations
-  verbs:
-  - get
-  - list
-  - watch
-  - create
-  - update
-  - patch
-  - delete
-- apiGroups:
-  - istio.banzaicloud.io
-  resources:
-  - istios
-  verbs:
-  - get
-  - list
-  - watch
-- apiGroups:
-  - admissionregistration.k8s.io
-  resources:
-  - mutatingwebhookconfigurations
-  - validatingwebhookconfigurations
-  verbs:
-  - '*'
-- apiGroups:
-  - ""
-  resources:
-  - secrets
-  verbs:
-  - get
-  - list
-  - watch
-  - create
-  - update
-  - patch
-  - delete
-- apiGroups:
-  - ""
-  resources:
-  - services
-  verbs:
-  - get
-  - list
-  - watch
-  - create
-  - update
-  - patch
-  - delete
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: {{ include "istio-operator.fullname" . }}-operator
-  labels:
-    app.kubernetes.io/name: {{ include "istio-operator.name" . }}
-    helm.sh/chart: {{ include "istio-operator.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: operator
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: {{ include "istio-operator.fullname" . }}-operator
-subjects:
-- kind: ServiceAccount
-  name: {{ include "istio-operator.fullname" . }}-operator
-  namespace: {{ .Release.Namespace }}
-{{- end }}