| {{/* |
| Licensed under the Apache License, Version 2.0 (the "License"); |
| you may not use this file except in compliance with the License. |
| You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| */}} |
| |
| {{- if .Values.manifests.role_cert_manager }} |
| {{- $serviceAccountName := "libvirt" }} |
| --- |
| apiVersion: rbac.authorization.k8s.io/v1 |
| kind: RoleBinding |
| metadata: |
| name: {{ .Release.Name }}-cert-manager |
| namespace: {{ .Release.Namespace }} |
| roleRef: |
| apiGroup: rbac.authorization.k8s.io |
| kind: Role |
| name: {{ .Release.Name }}-cert-manager |
| subjects: |
| - kind: ServiceAccount |
| name: {{ $serviceAccountName }} |
| namespace: {{ .Release.Namespace }} |
| --- |
| apiVersion: rbac.authorization.k8s.io/v1 |
| kind: Role |
| metadata: |
| name: {{ .Release.Name }}-cert-manager |
| namespace: {{ .Release.Namespace }} |
| rules: |
| - apiGroups: |
| - cert-manager.io |
| verbs: |
| - get |
| - list |
| - create |
| - watch |
| resources: |
| - certificates |
| - apiGroups: |
| - "" |
| verbs: |
| - get |
| - list |
| - patch |
| - watch |
| resources: |
| - secrets |
| {{- end -}} |