summaryrefslogtreecommitdiffstats
path: root/kubernetes/common/roles-wrapper
diff options
context:
space:
mode:
authorfarida azmy <farida.azmy.ext@orange.com>2021-04-11 15:41:32 +0200
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-10-10 20:12:28 +0000
commit37481801565c24fd5651a812adac5387f8e50e2f (patch)
tree7e5e776e7dcbde38a5c4d87e6ccde20ed7d1c3af /kubernetes/common/roles-wrapper
parentf09d817b0f58f89e9db06875e78404e7d978504e (diff)
[DCAEGEN2] Update chart with service account
Add service account to requirements.yaml, values.yaml and deployment/statefulset. Issue-ID: OOM-2726 Signed-off-by: farida azmy <farida.azmy.ext@orange.com> Co-authored-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I6bafed3c621f4e7b1a307bc9338334586eb6795e Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
Diffstat (limited to 'kubernetes/common/roles-wrapper')
-rw-r--r--kubernetes/common/roles-wrapper/templates/role.yaml16
1 files changed, 15 insertions, 1 deletions
diff --git a/kubernetes/common/roles-wrapper/templates/role.yaml b/kubernetes/common/roles-wrapper/templates/role.yaml
index e2a84b4151..0be6c7bbd6 100644
--- a/kubernetes/common/roles-wrapper/templates/role.yaml
+++ b/kubernetes/common/roles-wrapper/templates/role.yaml
@@ -32,6 +32,7 @@ rules:
resources:
- pods
- deployments
+ - deployments/status
- jobs
- jobs/status
- statefulsets
@@ -52,6 +53,7 @@ rules:
resources:
- pods
- deployments
+ - deployments/status
- jobs
- jobs/status
- statefulsets
@@ -59,6 +61,7 @@ rules:
- replicasets/status
- daemonsets
- secrets
+ - services
verbs:
- get
- watch
@@ -68,6 +71,7 @@ rules:
- apps
resources:
- statefulsets
+ - configmaps
verbs:
- patch
- apiGroups:
@@ -76,6 +80,8 @@ rules:
resources:
- deployments
- secrets
+ - services
+ - pods
verbs:
- create
- apiGroups:
@@ -85,7 +91,8 @@ rules:
- pods
- persistentvolumeclaims
- secrets
- - deployment
+ - deployments
+ - services
verbs:
- delete
- apiGroups:
@@ -95,6 +102,13 @@ rules:
- pods/exec
verbs:
- create
+- apiGroups:
+ - cert-manager.io
+ resources:
+ - certificates
+ verbs:
+ - create
+ - delete
{{- else }}
# if you don't match read or create, then you're not allowed to use API
# except to see basic information about yourself