charts/rabbitmq-cluster-operator/templates/messaging-topology-operator/clusterrole.yaml - atmosphere - Gitiles

 {{- /*
 Copyright Broadcom, Inc. All Rights Reserved.
 SPDX-License-Identifier: APACHE-2.0
 */}}

 {{- if and .Values.msgTopologyOperator.enabled .Values.msgTopologyOperator.rbac.create }}
 apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }}
 kind: ClusterRole
 metadata:
   {{- $versionLabel := dict "app.kubernetes.io/version" ( include "common.images.version" ( dict "imageRoot" .Values.msgTopologyOperator.image "chart" .Chart ) ) }}
   {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.commonLabels $versionLabel ) "context" . ) }}
   labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }}
     app.kubernetes.io/component: messaging-topology-operator
     app.kubernetes.io/part-of: rabbitmq
   name: {{ template "rmqco.msgTopologyOperator.fullname.namespace" . }}
   {{- if .Values.commonAnnotations }}
   annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
   {{- end }}
 rules:
   {{- if .Values.msgTopologyOperator.rbac.clusterRole.customRules }}
   {{- range .Values.msgTopologyOperator.rbac.clusterRole.customRules }}
   - apiGroups: {{ .apiGroups | toYaml | nindent 6 }}
     resources: {{ .resources | toYaml | nindent 6 }}
     verbs: {{ .verbs | toYaml | nindent 6 }}
   {{- end }}
   {{- else }}
   {{- if .Values.msgTopologyOperator.rbac.clusterRole.extraRules }}
   {{- range .Values.msgTopologyOperator.rbac.clusterRole.extraRules }}
   - apiGroups: {{ .apiGroups | toYaml | nindent 6 }}
     resources: {{ .resources | toYaml | nindent 6 }}
     verbs: {{ .verbs | toYaml | nindent 6 }}
   {{- end }}
   {{- end }}
   - apiGroups:
       - ""
     resources:
       - events
     verbs:
       - create
       - get
       - patch
   - apiGroups:
       - ""
     resources:
       - secrets
     verbs:
       - create
       - get
       - list
       - patch
       - update
       - watch
   - apiGroups:
       - ""
     resources:
       - services
     verbs:
       - get
       - list
       - watch
   - apiGroups:
       - rabbitmq.com
     resources:
       - bindings
     verbs:
       - create
       - delete
       - get
       - list
       - patch
       - update
       - watch
   - apiGroups:
       - rabbitmq.com
     resources:
       - bindings/status
     verbs:
       - get
       - patch
       - update
   - apiGroups:
       - rabbitmq.com
     resources:
       - exchanges
     verbs:
       - create
       - delete
       - get
       - list
       - patch
       - update
       - watch
   - apiGroups:
       - rabbitmq.com
     resources:
       - exchanges/status
     verbs:
       - get
       - patch
       - update
   - apiGroups:
       - rabbitmq.com
     resources:
       - federations
     verbs:
       - create
       - delete
       - get
       - list
       - patch
       - update
       - watch
   - apiGroups:
       - rabbitmq.com
     resources:
       - federations/status
     verbs:
       - get
       - patch
       - update
   - apiGroups:
       - rabbitmq.com
     resources:
       - permissions
     verbs:
       - create
       - delete
       - get
       - list
       - patch
       - update
       - watch
   - apiGroups:
       - rabbitmq.com
     resources:
       - permissions/status
     verbs:
       - get
       - patch
       - update
   - apiGroups:
       - rabbitmq.com
     resources:
       - policies
     verbs:
       - create
       - delete
       - get
       - list
       - patch
       - update
       - watch
   - apiGroups:
       - rabbitmq.com
     resources:
       - policies/status
     verbs:
       - get
       - patch
       - update
   - apiGroups:
       - rabbitmq.com
     resources:
       - queues
     verbs:
       - create
       - delete
       - get
       - list
       - patch
       - update
       - watch
   - apiGroups:
       - rabbitmq.com
     resources:
       - queues/status
     verbs:
       - get
       - patch
       - update
   - apiGroups:
       - rabbitmq.com
     resources:
       - rabbitmqclusters
     verbs:
       - get
       - list
       - watch
   - apiGroups:
       - rabbitmq.com
     resources:
       - rabbitmqclusters/status
     verbs:
       - get
   - apiGroups:
       - rabbitmq.com
     resources:
       - schemareplications
     verbs:
       - create
       - delete
       - get
       - list
       - patch
       - update
       - watch
   - apiGroups:
       - rabbitmq.com
     resources:
       - schemareplications/status
     verbs:
       - get
       - patch
       - update
   - apiGroups:
       - rabbitmq.com
     resources:
       - shovels
     verbs:
       - create
       - delete
       - get
       - list
       - patch
       - update
       - watch
   - apiGroups:
       - rabbitmq.com
     resources:
       - shovels/status
     verbs:
       - get
       - patch
       - update
   - apiGroups:
       - rabbitmq.com
     resources:
       - superstreams
     verbs:
       - create
       - delete
       - get
       - list
       - patch
       - update
       - watch
   - apiGroups:
       - rabbitmq.com
     resources:
       - superstreams/status
     verbs:
       - get
       - patch
       - update
   - apiGroups:
       - rabbitmq.com
     resources:
       - users
     verbs:
       - create
       - delete
       - get
       - list
       - patch
       - update
       - watch
   - apiGroups:
       - rabbitmq.com
     resources:
       - users/status
     verbs:
       - get
       - patch
       - update
   - apiGroups:
       - rabbitmq.com
     resources:
       - vhosts
     verbs:
       - create
       - delete
       - get
       - list
       - patch
       - update
       - watch
   - apiGroups:
       - rabbitmq.com
     resources:
       - vhosts/status
     verbs:
       - get
       - patch
       - update
   - apiGroups:
       - rabbitmq.com
     resources:
       - topicpermissions
     verbs:
       - create
       - delete
       - get
       - list
       - patch
       - update
       - watch
   - apiGroups:
       - rabbitmq.com
     resources:
       - topicpermissions/status
     verbs:
       - get
       - patch
       - update
   - apiGroups:
     - rabbitmq.com
     resources:
     - operatorpolicies
     verbs:
     - create
     - delete
     - get
     - list
     - patch
     - update
     - watch
   - apiGroups:
     - rabbitmq.com
     resources:
     - operatorpolicies/status
     verbs:
     - get
   {{- end }}
 {{- end }}
	{{- /*
	Copyright Broadcom, Inc. All Rights Reserved.
	SPDX-License-Identifier: APACHE-2.0
	*/}}

	{{- if and .Values.msgTopologyOperator.enabled .Values.msgTopologyOperator.rbac.create }}
	apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }}
	kind: ClusterRole
	metadata:
	{{- $versionLabel := dict "app.kubernetes.io/version" ( include "common.images.version" ( dict "imageRoot" .Values.msgTopologyOperator.image "chart" .Chart ) ) }}
	{{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.commonLabels $versionLabel ) "context" . ) }}
	labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) \| nindent 4 }}
	app.kubernetes.io/component: messaging-topology-operator
	app.kubernetes.io/part-of: rabbitmq
	name: {{ template "rmqco.msgTopologyOperator.fullname.namespace" . }}
	{{- if .Values.commonAnnotations }}
	annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) \| nindent 4 }}
	{{- end }}
	rules:
	{{- if .Values.msgTopologyOperator.rbac.clusterRole.customRules }}
	{{- range .Values.msgTopologyOperator.rbac.clusterRole.customRules }}
	- apiGroups: {{ .apiGroups \| toYaml \| nindent 6 }}
	resources: {{ .resources \| toYaml \| nindent 6 }}
	verbs: {{ .verbs \| toYaml \| nindent 6 }}
	{{- end }}
	{{- else }}
	{{- if .Values.msgTopologyOperator.rbac.clusterRole.extraRules }}
	{{- range .Values.msgTopologyOperator.rbac.clusterRole.extraRules }}
	- apiGroups: {{ .apiGroups \| toYaml \| nindent 6 }}
	resources: {{ .resources \| toYaml \| nindent 6 }}
	verbs: {{ .verbs \| toYaml \| nindent 6 }}
	{{- end }}
	{{- end }}
	- apiGroups:
	- ""
	resources:
	- events
	verbs:
	- create
	- get
	- patch
	- apiGroups:
	- ""
	resources:
	- secrets
	verbs:
	- create
	- get
	- list
	- patch
	- update
	- watch
	- apiGroups:
	- ""
	resources:
	- services
	verbs:
	- get
	- list
	- watch
	- apiGroups:
	- rabbitmq.com
	resources:
	- bindings
	verbs:
	- create
	- delete
	- get
	- list
	- patch
	- update
	- watch
	- apiGroups:
	- rabbitmq.com
	resources:
	- bindings/status
	verbs:
	- get
	- patch
	- update
	- apiGroups:
	- rabbitmq.com
	resources:
	- exchanges
	verbs:
	- create
	- delete
	- get
	- list
	- patch
	- update
	- watch
	- apiGroups:
	- rabbitmq.com
	resources:
	- exchanges/status
	verbs:
	- get
	- patch
	- update
	- apiGroups:
	- rabbitmq.com
	resources:
	- federations
	verbs:
	- create
	- delete
	- get
	- list
	- patch
	- update
	- watch
	- apiGroups:
	- rabbitmq.com
	resources:
	- federations/status
	verbs:
	- get
	- patch
	- update
	- apiGroups:
	- rabbitmq.com
	resources:
	- permissions
	verbs:
	- create
	- delete
	- get
	- list
	- patch
	- update
	- watch
	- apiGroups:
	- rabbitmq.com
	resources:
	- permissions/status
	verbs:
	- get
	- patch
	- update
	- apiGroups:
	- rabbitmq.com
	resources:
	- policies
	verbs:
	- create
	- delete
	- get
	- list
	- patch
	- update
	- watch
	- apiGroups:
	- rabbitmq.com
	resources:
	- policies/status
	verbs:
	- get
	- patch
	- update
	- apiGroups:
	- rabbitmq.com
	resources:
	- queues
	verbs:
	- create
	- delete
	- get
	- list
	- patch
	- update
	- watch
	- apiGroups:
	- rabbitmq.com
	resources:
	- queues/status
	verbs:
	- get
	- patch
	- update
	- apiGroups:
	- rabbitmq.com
	resources:
	- rabbitmqclusters
	verbs:
	- get
	- list
	- watch
	- apiGroups:
	- rabbitmq.com
	resources:
	- rabbitmqclusters/status
	verbs:
	- get
	- apiGroups:
	- rabbitmq.com
	resources:
	- schemareplications
	verbs:
	- create
	- delete
	- get
	- list
	- patch
	- update
	- watch
	- apiGroups:
	- rabbitmq.com
	resources:
	- schemareplications/status
	verbs:
	- get
	- patch
	- update
	- apiGroups:
	- rabbitmq.com
	resources:
	- shovels
	verbs:
	- create
	- delete
	- get
	- list
	- patch
	- update
	- watch
	- apiGroups:
	- rabbitmq.com
	resources:
	- shovels/status
	verbs:
	- get
	- patch
	- update
	- apiGroups:
	- rabbitmq.com
	resources:
	- superstreams
	verbs:
	- create
	- delete
	- get
	- list
	- patch
	- update
	- watch
	- apiGroups:
	- rabbitmq.com
	resources:
	- superstreams/status
	verbs:
	- get
	- patch
	- update
	- apiGroups:
	- rabbitmq.com
	resources:
	- users
	verbs:
	- create
	- delete
	- get
	- list
	- patch
	- update
	- watch
	- apiGroups:
	- rabbitmq.com
	resources:
	- users/status
	verbs:
	- get
	- patch
	- update
	- apiGroups:
	- rabbitmq.com
	resources:
	- vhosts
	verbs:
	- create
	- delete
	- get
	- list
	- patch
	- update
	- watch
	- apiGroups:
	- rabbitmq.com
	resources:
	- vhosts/status
	verbs:
	- get
	- patch
	- update
	- apiGroups:
	- rabbitmq.com
	resources:
	- topicpermissions
	verbs:
	- create
	- delete
	- get
	- list
	- patch
	- update
	- watch
	- apiGroups:
	- rabbitmq.com
	resources:
	- topicpermissions/status
	verbs:
	- get
	- patch
	- update
	- apiGroups:
	- rabbitmq.com
	resources:
	- operatorpolicies
	verbs:
	- create
	- delete
	- get
	- list
	- patch
	- update
	- watch
	- apiGroups:
	- rabbitmq.com
	resources:
	- operatorpolicies/status
	verbs:
	- get
	{{- end }}
	{{- end }}