Home Explore Help
Register Sign In
lcy
/
truenas
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
truenas
/
library
/
common
/
templates
/
lib
/
rbac
/
_getServiceAccounts.tpl

_getServiceAccounts.tpl 2.0 KB
Permalink History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152 
  1. {{/* Returns Service Account List for rbac */}}
    2. 

  2. {{/* Call this template:
    3. 

  3. {{ include "ix.v1.common.lib.rbac.serviceAccount" (dict "rootCtx" $ "objectData" $objectData) }}
    4. 

  4. rootCtx: The root context of the chart.
    5. 

  5. objectData: The object data to be used to render the RBAC.
    6. 

  6. */}}
    7. 

  7. {{/* Parses service accounts, and checks if RBAC have selected any of them */}}
    8. 

  8. {{- define "ix.v1.common.lib.rbac.serviceAccount" -}}
    9. 

  9.   {{- $rootCtx := .rootCtx -}}
    10. 

  10.   {{- $objectData := .objectData -}}
    11. 

  11. 

  12.   {{- $serviceAccounts := list -}}
    13. 

  13. 

  14.   {{- range $name, $serviceAccount := $rootCtx.Values.serviceAccount -}}
    15. 

  15.     {{- $saName := include "ix.v1.common.lib.chart.names.fullname" $rootCtx -}}
    16. 

  16. 

  17.     {{- if $serviceAccount.enabled -}}
    18. 

  18. 

  19.       {{- if not $serviceAccount.primary -}}
    20. 

  20.         {{- $saName = (printf "%s-%s" (include "ix.v1.common.lib.chart.names.fullname" $rootCtx) $name) -}}
    21. 

  21.       {{- end -}}
    22. 

  22. 

  23.       {{/* If allServiceAccounts is true */}}
    24. 

  24.       {{- if $objectData.allServiceAccounts -}}
    25. 

  25.         {{- $serviceAccounts = mustAppend $serviceAccounts $saName -}}
    26. 

  26. 

  27.       {{/* Else if serviceAccounts is a list */}}
    28. 

  28.       {{- else if (kindIs "slice" $objectData.serviceAccounts) -}}
    29. 

  29.         {{- if (mustHas $name $objectData.serviceAccounts) -}}
    30. 

  30.           {{- $serviceAccounts = mustAppend $serviceAccounts $saName -}}
    31. 

  31.         {{- end -}}
    32. 

  32. 

  33.       {{/* If not "allServiceAccounts" or "serviceAccounts", assign the primary service account to rbac */}}
    34. 

  34.       {{- else if $serviceAccount.primary -}}
    35. 

  35.         {{- if $objectData.primary -}}
    36. 

  36.           {{- $serviceAccounts = mustAppend $serviceAccounts $saName -}}
    37. 

  37.         {{- end -}}
    38. 

  38.       {{- end -}}
    39. 

  39. 

  40.     {{- end -}}
    41. 

  41.   {{- end -}}
    42. 

  42. 

  43.   {{- if not $serviceAccounts -}}
    44. 

  44.     {{- fail "RBAC - Expected at least one serviceAccount to be assigned. Assign one using [allServiceAccounts (boolean), serviceAccounts (list)]" -}}
    45. 

  45.   {{- end -}}
    46. 

  46. 

  47.   {{- range $serviceAccounts }}
    48. 

  48. - kind: ServiceAccount
    49. 

  49.   name: {{ . }}
    50. 

  50.   namespace: {{ $rootCtx.Release.Namespace }}
    51. 

  51.   {{- end -}}
    52. 

  52. {{- end -}}
    53.