kubernetes/common/mongodb/templates/role.yaml

   1 {{- /*
   2 Copyright VMware, Inc.
   3 SPDX-License-Identifier: APACHE-2.0
   4 */}}
   5
   6 {{- if .Values.rbac.create }}
   7 apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }}
   8 kind: Role
   9 metadata:
  10   name: {{ include "mongodb.fullname" . }}
  11   namespace: {{ include "mongodb.namespace" . | quote }}
  12   labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
  13 rules:
  14   - apiGroups:
  15       - ""
  16     resources:
  17       - services
  18     verbs:
  19       - get
  20       - list
  21       - watch
  22 {{- if .Values.rbac.rules }}
  23 {{- include "common.tplvalues.render" ( dict "value" .Values.rbac.rules "context" $ ) | nindent 2 }}
  24 {{- end -}}
  25 {{- if and (include "common.capabilities.psp.supported" .) .Values.podSecurityPolicy.create }}
  26   - apiGroups: ['{{ template "podSecurityPolicy.apiGroup" . }}']
  27     resources: ['podsecuritypolicies']
  28     verbs: ['use']
  29     resourceNames: [{{ include "mongodb.fullname" . }}]
  30 {{- end -}}
  31 {{- end }}