hogweed1/k8s
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
cf44e82d1b
k8s/helm-charts/dashy/charts/common/templates/lib/rbac/_getServiceAccounts.tpl
root 1eaf295724
Some checks failed
continuous-integration/drone/push Build is failing
Details
new way of doin
2023-11-16 19:42:02 +10:00

53 lines
2.0 KiB
Smarty
Raw Blame History

{{/* Returns Service Account List for rbac */}}
{{/* Call this template:
{{ include "tc.v1.common.lib.rbac.serviceAccount" (dict "rootCtx" $ "objectData" $objectData) }}
rootCtx: The root context of the chart.
objectData: The object data to be used to render the RBAC.
*/}}
{{/* Parses service accounts, and checks if RBAC have selected any of them */}}
{{- define "tc.v1.common.lib.rbac.serviceAccount" -}}
{{- $rootCtx := .rootCtx -}}
{{- $objectData := .objectData -}}
{{- $serviceAccounts := list -}}
{{- range $name, $serviceAccount := $rootCtx.Values.serviceAccount -}}
{{- $saName := include "tc.v1.common.lib.chart.names.fullname" $rootCtx -}}
{{- if $serviceAccount.enabled -}}
{{- if not $serviceAccount.primary -}}
{{- $saName = (printf "%s-%s" (include "tc.v1.common.lib.chart.names.fullname" $rootCtx) $name) -}}
{{- end -}}
{{/* If allServiceAccounts is true */}}
{{- if $objectData.allServiceAccounts -}}
{{- $serviceAccounts = mustAppend $serviceAccounts $saName -}}
{{/* Else if serviceAccounts is a list */}}
{{- else if (kindIs "slice" $objectData.serviceAccounts) -}}
{{- if (mustHas $name $objectData.serviceAccounts) -}}
{{- $serviceAccounts = mustAppend $serviceAccounts $saName -}}
{{- end -}}
{{/* If not "allServiceAccounts" or "serviceAccounts", assign the primary service account to rbac */}}
{{- else if $serviceAccount.primary -}}
{{- if $objectData.primary -}}
{{- $serviceAccounts = mustAppend $serviceAccounts $saName -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- if not $serviceAccounts -}}
{{- fail "RBAC - Expected at least one serviceAccount to be assigned. Assign one using [allServiceAccounts (boolean), serviceAccounts (list)]" -}}
{{- end -}}
{{- range $serviceAccounts }}
- kind: ServiceAccount
name: {{ . }}
namespace: {{ $rootCtx.Release.Namespace }}
{{- end -}}
{{- end -}}
Reference in New Issue View Git Blame Copy Permalink