File tree Expand file tree Collapse file tree 3 files changed +4
-88
lines changed Expand file tree Collapse file tree 3 files changed +4
-88
lines changed Original file line number Diff line number Diff line change @@ -117,34 +117,6 @@ rules:
117117# Source: coder/templates/rbac.yaml
118118apiVersion: rbac.authorization.k8s.io/v1
119119kind: Role
120- metadata:
121- name: coder-workspace-perms
122- namespace: test-namespace2
123- rules:
124- - apiGroups:
125- - apps
126- resources:
127- - deployments
128- verbs:
129- - create
130- - delete
131- - deletecollection
132- - get
133- - list
134- - patch
135- - update
136- - watch
137- - apiGroups:
138- - networking.k8s.io
139- resources:
140- - ingresses
141- verbs:
142- - get
143- - list
144- ---
145- # Source: coder/templates/rbac.yaml
146- apiVersion: rbac.authorization.k8s.io/v1
147- kind: Role
148120metadata:
149121 name: coder-workspace-perms
150122 namespace: test-namespace3
@@ -262,21 +234,6 @@ roleRef:
262234# Source: coder/templates/rbac.yaml
263235apiVersion: rbac.authorization.k8s.io/v1
264236kind: RoleBinding
265- metadata:
266- name: "coder"
267- namespace: test-namespace2
268- subjects:
269- - kind: ServiceAccount
270- name: "coder"
271- namespace: default
272- roleRef:
273- apiGroup: rbac.authorization.k8s.io
274- kind: Role
275- name: coder-workspace-perms
276- ---
277- # Source: coder/templates/rbac.yaml
278- apiVersion: rbac.authorization.k8s.io/v1
279- kind: RoleBinding
280237metadata:
281238 name: "coder"
282239 namespace: test-namespace3
Original file line number Diff line number Diff line change @@ -117,34 +117,6 @@ rules:
117117# Source: coder/templates/rbac.yaml
118118apiVersion: rbac.authorization.k8s.io/v1
119119kind: Role
120- metadata:
121- name: coder-workspace-perms
122- namespace: test-namespace2
123- rules:
124- - apiGroups:
125- - apps
126- resources:
127- - deployments
128- verbs:
129- - create
130- - delete
131- - deletecollection
132- - get
133- - list
134- - patch
135- - update
136- - watch
137- - apiGroups:
138- - networking.k8s.io
139- resources:
140- - ingresses
141- verbs:
142- - get
143- - list
144- ---
145- # Source: coder/templates/rbac.yaml
146- apiVersion: rbac.authorization.k8s.io/v1
147- kind: Role
148120metadata:
149121 name: coder-workspace-perms
150122 namespace: test-namespace3
@@ -262,21 +234,6 @@ roleRef:
262234# Source: coder/templates/rbac.yaml
263235apiVersion: rbac.authorization.k8s.io/v1
264236kind: RoleBinding
265- metadata:
266- name: "coder"
267- namespace: test-namespace2
268- subjects:
269- - kind: ServiceAccount
270- name: "coder"
271- namespace: coder
272- roleRef:
273- apiGroup: rbac.authorization.k8s.io
274- kind: Role
275- name: coder-workspace-perms
276- ---
277- # Source: coder/templates/rbac.yaml
278- apiVersion: rbac.authorization.k8s.io/v1
279- kind: RoleBinding
280237metadata:
281238 name: "coder"
282239 namespace: test-namespace3
Original file line number Diff line number Diff line change 11{{- define "libcoder.rbac.forNamespace" -}}
22 {{- $nsPerms := ternary .workspacePerms .Top.Values.coder.serviceAccount.workspacePerms (hasKey . "workspacePerms") -}}
3- {{- $nsDeploy := ternary .enableDeployments .Top.Values.coder.serviceAccount.enableDeployments (hasKey . "enableDeployments") -}}
4- {{- $nsExtra := ternary .extraRules .Top.Values.coder.serviceAccount.extraRules (hasKey . "extraRules") -}}
3+ {{- $nsDeployRaw := ternary .enableDeployments .Top.Values.coder.serviceAccount.enableDeployments (hasKey . "enableDeployments") -}}
4+ {{- $nsExtraRaw := ternary .extraRules .Top.Values.coder.serviceAccount.extraRules (hasKey . "extraRules") -}}
5+ {{- $nsDeploy := and $nsPerms $nsDeployRaw -}}
6+ {{- $nsExtra := ternary $nsExtraRaw (list) $nsPerms -}}
57
68 {{- if or $nsPerms (or $nsDeploy $nsExtra) }}
79---
You can’t perform that action at this time.
0 commit comments