mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Code Activity

feat: add RBAC rules for user-facing ClusterRoles (#2286)

Browse source 
Signed-off-by: Matthew Hembree <matthew_hembree@yahoo.com>
This commit is contained in:
Matthew Hembree 2023-05-03 15:32:24 -05:00 committed by GitHub
parent 99a691f804
commit 6a2a050928
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 28 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
deploy/charts/external-secrets/templates/rbac.yaml
View file

@ -138,6 +138,19 @@ rules:
- "get" - "get"
- "watch" - "watch"
- "list" - "list"
- apiGroups:
- "generators.external-secrets.io"
resources:
- "acraccesstokens"
- "ecrauthorizationtokens"
- "fakes"
- "gcraccesstokens"
- "passwords"
- "vaultdynamicsecrets"
verbs:
- "get"
- "watch"
- "list"
--- ---
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
{{- if and .Values.scopedNamespace .Values.scopedRBAC }} {{- if and .Values.scopedNamespace .Values.scopedRBAC }}
@ -168,6 +181,21 @@ rules:
- "deletecollection" - "deletecollection"
- "patch" - "patch"
- "update" - "update"
- apiGroups:
- "generators.external-secrets.io"
resources:
- "acraccesstokens"
- "ecrauthorizationtokens"
- "fakes"
- "gcraccesstokens"
- "passwords"
- "vaultdynamicsecrets"
verbs:
- "create"
- "delete"
- "deletecollection"
- "patch"
- "update"
--- ---
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
{{- if and .Values.scopedNamespace .Values.scopedRBAC }} {{- if and .Values.scopedNamespace .Values.scopedRBAC }}