mirrors/prometheus-operator
mirrors/prometheus-operator
1
0
Fork 0
mirror of https://github.com/prometheus-operator/prometheus-operator.git synced 2025-04-16 09:16:38 +00:00
Code Activity
prometheus-operator/contrib/kube-prometheus/jsonnet/kube-state-metrics/kube-state-metrics-cluster-role.libsonnet
Frederic Branczyk 8b54c34352
kube-prometheus: Convert to jsonnet
2018-04-11 18:51:35 +02:00

75 lines
1.9 KiB
Jsonnet
Raw Blame History

local k = import "ksonnet.beta.3/k.libsonnet";
local clusterRole = k.rbac.v1.clusterRole;
local policyRule = clusterRole.rulesType;
local coreRule = policyRule.new() +
policyRule.withApiGroups([""]) +
policyRule.withResources([
"configmaps",
"secrets",
"nodes",
"pods",
"services",
"resourcequotas",
"replicationcontrollers",
"limitranges",
"persistentvolumeclaims",
"persistentvolumes",
"namespaces",
"endpoints",
]) +
policyRule.withVerbs(["list", "watch"]);
local extensionsRule = policyRule.new() +
policyRule.withApiGroups(["extensions"]) +
policyRule.withResources([
"daemonsets",
"deployments",
"replicasets",
]) +
policyRule.withVerbs(["list", "watch"]);
local appsRule = policyRule.new() +
policyRule.withApiGroups(["apps"]) +
policyRule.withResources([
"statefulsets",
]) +
policyRule.withVerbs(["list", "watch"]);
local batchRule = policyRule.new() +
policyRule.withApiGroups(["batch"]) +
policyRule.withResources([
"cronjobs",
"jobs",
]) +
policyRule.withVerbs(["list", "watch"]);
local autoscalingRule = policyRule.new() +
policyRule.withApiGroups(["autoscaling"]) +
policyRule.withResources([
"horizontalpodautoscalers",
]) +
policyRule.withVerbs(["list", "watch"]);
local authenticationRole = policyRule.new() +
policyRule.withApiGroups(["authentication.k8s.io"]) +
policyRule.withResources([
"tokenreviews",
]) +
policyRule.withVerbs(["create"]);
local authorizationRole = policyRule.new() +
policyRule.withApiGroups(["authorization.k8s.io"]) +
policyRule.withResources([
"subjectaccessreviews",
]) +
policyRule.withVerbs(["create"]);
local rules = [coreRule, extensionsRule, appsRule, batchRule, autoscalingRule, authenticationRole, authorizationRole];
{
new()::
clusterRole.new() +
clusterRole.mixin.metadata.withName("kube-state-metrics") +
clusterRole.withRules(rules)
}
View git blame Copy permalink