30 lines
680 B
Django/Jinja
30 lines
680 B
Django/Jinja
---
|
|
kind: ClusterRoleBinding
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
metadata:
|
|
name: tiller
|
|
namespace: {{ tiller_namespace }}
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: {{ tiller_service_account }}
|
|
namespace: {{ tiller_namespace }}
|
|
roleRef:
|
|
kind: ClusterRole
|
|
name: cluster-admin
|
|
apiGroup: rbac.authorization.k8s.io
|
|
{% if podsecuritypolicy_enabled %}
|
|
---
|
|
kind: ClusterRoleBinding
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
metadata:
|
|
name: psp:tiller
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: {{ tiller_service_account }}
|
|
namespace: {{ tiller_namespace }}
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: psp:privileged
|
|
{% endif %}
|