mirror of https://github.com/coder/coder.git
feat: helm rbac perms for deployments (#8233)
This commit is contained in:
parent
b8a143566b
commit
df95cf7ab2
|
@ -27,7 +27,21 @@ rules:
|
|||
- patch
|
||||
- update
|
||||
- watch
|
||||
|
||||
{{- if .Values.coder.serviceAccount.enableDeployments }}
|
||||
- apiGroups:
|
||||
- apps
|
||||
resources:
|
||||
- deployments
|
||||
verbs:
|
||||
- create
|
||||
- delete
|
||||
- deletecollection
|
||||
- get
|
||||
- list
|
||||
- patch
|
||||
- update
|
||||
- watch
|
||||
{{- end }}
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
|
|
|
@ -73,6 +73,9 @@ coder:
|
|||
# It is recommended to keep this on if you are using Kubernetes templates
|
||||
# within Coder.
|
||||
workspacePerms: true
|
||||
# coder.serviceAccount.enableDeployments -- Provides the service account permission
|
||||
# to manage Kubernetes deployments.
|
||||
enableDeployments: false
|
||||
# coder.serviceAccount.annotations -- The Coder service account annotations.
|
||||
annotations: {}
|
||||
# coder.serviceAccount.name -- The service account name
|
||||
|
|
Loading…
Reference in New Issue