Home Esplora Aiuto
Registrati Accedi
lcy
/
truenas
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Albero (Tree): 929e60d801
Rami (Branch) Tag
truenas
/
library
/
common
/
templates
/
class
/
_rbac.tpl

_rbac.tpl 2.8 KB
Cronologia Originale

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364 
  1. {{/* RBAC Class */}}
    2. 

  2. {{/* Call this template:
    3. 

  3. {{ include "ix.v1.common.class.rbac" (dict "rootCtx" $ "objectData" $objectData) }}
    4. 

  4. 

  5. rootCtx: The root context of the chart.
    6. 

  6. objectData:
    7. 

  7.   name: The name of the rbac.
    8. 

  8.   labels: The labels of the rbac.
    9. 

  9.   annotations: The annotations of the rbac.
    10. 

  10.   clusterWide: Whether the rbac is cluster wide or not.
    11. 

  11.   rules: The rules of the rbac.
    12. 

  12.   subjects: The subjects of the rbac.
    13. 

  13. */}}
    14. 

  14. 

  15. {{- define "ix.v1.common.class.rbac" -}}
    16. 

  16. 

  17.   {{- $rootCtx := .rootCtx -}}
    18. 

  18.   {{- $objectData := .objectData }}
    19. 

  19. ---
    20. 

  20. apiVersion: rbac.authorization.k8s.io/v1
    21. 

  21. kind: {{ ternary "ClusterRole" "Role" $objectData.clusterWide }}
    22. 

  22. metadata:
    23. 

  23.   name: {{ $objectData.name }}
    24. 

  24.   {{- if not $objectData.clusterWide }}
    25. 

  25.   namespace: {{ $rootCtx.Release.Namespace }}
    26. 

  26.   {{- end }}
    27. 

  27.   {{- $labels := (mustMerge ($objectData.labels | default dict) (include "ix.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}}
    28. 

  28.   {{- with (include "ix.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }}
    29. 

  29.   labels:
    30. 

  30.     {{- . | nindent 4 }}
    31. 

  31.   {{- end -}}
    32. 

  32.   {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "ix.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}}
    33. 

  33.   {{- with (include "ix.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }}
    34. 

  34.   annotations:
    35. 

  35.     {{- . | nindent 4 }}
    36. 

  36.   {{- end }}
    37. 

  37. rules:
    38. 

  38.   {{- include "ix.v1.common.lib.rbac.rules" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 }}
    39. 

  39. ---
    40. 

  40. apiVersion: rbac.authorization.k8s.io/v1
    41. 

  41. kind: {{ ternary "ClusterRoleBinding" "RoleBinding" $objectData.clusterWide }}
    42. 

  42. metadata:
    43. 

  43.   name: {{ $objectData.name }}
    44. 

  44.   {{- if not $objectData.clusterWide }}
    45. 

  45.   namespace: {{ $rootCtx.Release.Namespace }}
    46. 

  46.   {{- end }}
    47. 

  47.   {{- $labels := (mustMerge ($objectData.labels | default dict) (include "ix.v1.common.lib.metadata.allLabels" $rootCtx | fromYaml)) -}}
    48. 

  48.   {{- with (include "ix.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "labels" $labels) | trim) }}
    49. 

  49.   labels:
    50. 

  50.     {{- . | nindent 4 }}
    51. 

  51.   {{- end -}}
    52. 

  52.   {{- $annotations := (mustMerge ($objectData.annotations | default dict) (include "ix.v1.common.lib.metadata.allAnnotations" $rootCtx | fromYaml)) -}}
    53. 

  53.   {{- with (include "ix.v1.common.lib.metadata.render" (dict "rootCtx" $rootCtx "annotations" $annotations) | trim) }}
    54. 

  54.   annotations:
    55. 

  55.     {{- . | nindent 4 }}
    56. 

  56.   {{- end }}
    57. 

  57. roleRef:
    58. 

  58.   apiGroup: rbac.authorization.k8s.io
    59. 

  59.   kind: {{ ternary "ClusterRole" "Role" $objectData.clusterWide }}
    60. 

  60.   name: {{ $objectData.name }}
    61. 

  61. subjects:
    62. 

  62.   {{- include "ix.v1.common.lib.rbac.serviceAccount" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 }}
    63. 

  63.   {{- include "ix.v1.common.lib.rbac.subjects" (dict "rootCtx" $rootCtx "objectData" $objectData) | trim | nindent 2 }}
    64. 

  64. {{- end -}}
    65.