summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorrameshiyer27 <ramesh.murugan.iyer@est.tech>2022-03-29 14:33:10 +0100
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2022-03-31 13:20:32 +0000
commit6a704d00d3a598039f926f80600f00a8b25e58de (patch)
tree507356b4024be0824abe091839c2865a306e447f
parentf509a5f5f1a2fdf75c18f73beca71405be818b57 (diff)
[POLICY] Enable cluster role for k8s-ppnt
Cluster role is required for the k8s-ppnt to perform helm deployments on the cluster Issue-ID: POLICY-3748 Signed-off-by: zrrmmua <ramesh.murugan.iyer@est.tech> Change-Id: Ib916803d22f6ecf0ed16e8c75fe52b4e567069ca
-rw-r--r--kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/templates/service.yaml28
1 files changed, 26 insertions, 2 deletions
diff --git a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/templates/service.yaml b/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/templates/service.yaml
index be2449f890..73381c9e3b 100644
--- a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/templates/service.yaml
+++ b/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/templates/service.yaml
@@ -1,6 +1,6 @@
{{/*
# ============LICENSE_START=======================================================
-# Copyright (C) 2021 Nordix Foundation. All rights reserved.
+# Copyright (C) 2021-2022 Nordix Foundation. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -18,4 +18,28 @@
# ============LICENSE_END=========================================================
*/}}
-{{ include "common.service" . }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: policy-clamp-cl-k8s-ppnt
+ namespace: {{ include "common.namespace" . }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ include "common.namespace" . }}-policy-clamp-cl-k8s-ppnt-binding
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+ - kind: ServiceAccount
+ name: policy-clamp-cl-k8s-ppnt
+ namespace: {{ include "common.namespace" . }}
+