mirror of
https://github.com/bitnami/charts.git
synced 2026-04-02 07:17:26 +08:00
58001ca49f
* Update rbac-clustescope.yaml
Fix error if specify route.spec.host
2023-09-13T13:01:09Z ERROR GrafanaReconciler reconciler error in stage {"controller": "grafana", "controllerGroup": "grafana.integreatly.org", "controllerKind": "Grafana", "Grafana": {"name":"grafana-openshift","namespace":"test"}, "namespace": "test", "name": "grafana-openshift", "reconcileID": "aa772ba9-dbe2-4fa1-8be4-53ba727b34fe", "stage": "ingress", "error": "Route.route.openshift.io \"grafana-openshift-route\" is invalid: spec.host: Forbidden: you do not have permission to set the host field of the route"}
Signed-off-by: Petr Hatoň <70328252+hates52@users.noreply.github.com>
Signed-off-by: Petr Hatoň <sol60840@mpnyjww1v42y.cen.csin.cz>
* Bump to version 3.4.6
Signed-off-by: Petr Hatoň <sol60840@mpnyjww1v42y.cen.csin.cz>
---------
Signed-off-by: Petr Hatoň <70328252+hates52@users.noreply.github.com>
Signed-off-by: Petr Hatoň <sol60840@mpnyjww1v42y.cen.csin.cz>
Co-authored-by: Petr Hatoň <sol60840@mpnyjww1v42y.cen.csin.cz>
243 lines
4.6 KiB
YAML
243 lines
4.6 KiB
YAML
{{- /*
|
|
Copyright VMware, Inc.
|
|
SPDX-License-Identifier: APACHE-2.0
|
|
*/}}
|
|
|
|
{{- if and .Values.operator.rbac.create (not .Values.operator.namespaceScope) }}
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: {{ include "common.names.fullname.namespace" . }}
|
|
labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
|
|
{{- if .Values.commonAnnotations }}
|
|
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
|
{{- end }}
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- configmaps
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- create
|
|
- update
|
|
- patch
|
|
- delete
|
|
- apiGroups:
|
|
- coordination.k8s.io
|
|
resources:
|
|
- leases
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- create
|
|
- update
|
|
- patch
|
|
- delete
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- events
|
|
verbs:
|
|
- create
|
|
- patch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- configmaps
|
|
- persistentvolumeclaims
|
|
- secrets
|
|
- serviceaccounts
|
|
- services
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- events
|
|
verbs:
|
|
- create
|
|
- get
|
|
- list
|
|
- patch
|
|
- watch
|
|
- apiGroups:
|
|
- apps
|
|
resources:
|
|
- deployments
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- grafana.integreatly.org
|
|
resources:
|
|
- grafanadashboards
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- grafana.integreatly.org
|
|
resources:
|
|
- grafanadashboards/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- grafana.integreatly.org
|
|
resources:
|
|
- grafanadashboards/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- grafana.integreatly.org
|
|
resources:
|
|
- grafanadatasources
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- grafana.integreatly.org
|
|
resources:
|
|
- grafanadatasources/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- grafana.integreatly.org
|
|
resources:
|
|
- grafanadatasources/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- grafana.integreatly.org
|
|
resources:
|
|
- grafanafolders
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- grafana.integreatly.org
|
|
resources:
|
|
- grafanafolders/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- grafana.integreatly.org
|
|
resources:
|
|
- grafanafolders/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- grafana.integreatly.org
|
|
resources:
|
|
- grafanas
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- grafana.integreatly.org
|
|
resources:
|
|
- grafanas/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- grafana.integreatly.org
|
|
resources:
|
|
- grafanas/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- networking.k8s.io
|
|
resources:
|
|
- ingresses
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- route.openshift.io
|
|
resources:
|
|
- routes
|
|
- routes/custom-host
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- authentication.k8s.io
|
|
resources:
|
|
- tokenreviews
|
|
verbs:
|
|
- create
|
|
- apiGroups:
|
|
- authorization.k8s.io
|
|
resources:
|
|
- subjectaccessreviews
|
|
verbs:
|
|
- create
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: {{ include "common.names.fullname.namespace" . }}
|
|
labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
|
|
{{- if .Values.commonAnnotations }}
|
|
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
|
{{- end }}
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: {{ include "grafana-operator.serviceAccountName" . }}
|
|
namespace: {{ include "common.names.namespace" . }}
|
|
roleRef:
|
|
kind: ClusterRole
|
|
name: {{ include "common.names.fullname.namespace" . }}
|
|
apiGroup: rbac.authorization.k8s.io
|
|
{{- end }}
|