Code Review / ric-plt / ric-dep.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Add support for prometheus
[ric-plt/ric-dep.git] / helm / infrastructure / subcharts / prometheus / templates / server-clusterrole.yaml
diff --git a/helm/infrastructure/subcharts/prometheus/templates/server-clusterrole.yaml b/helm/infrastructure/subcharts/prometheus/templates/server-clusterrole.yaml
new file mode 100644 (file)
index 0000000..c0c0585
--- /dev/null
+++ b/helm/infrastructure/subcharts/prometheus/templates/server-clusterrole.yaml
@@ -0,0 +1,47 @@
+{{- if and .Values.server.enabled .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+  labels:
+    {{- include "prometheus.server.labels" . | nindent 4 }}
+  name: {{ template "prometheus.server.fullname" . }}
+rules:
+{{- if .Values.podSecurityPolicy.enabled }}
+  - apiGroups:
+    - extensions
+    resources:
+    - podsecuritypolicies
+    verbs:
+    - use
+    resourceNames:
+    - {{ template "prometheus.server.fullname" . }}
+{{- end }}
+  - apiGroups:
+      - ""
+    resources:
+      - nodes
+      - nodes/proxy
+      - nodes/metrics
+      - services
+      - endpoints
+      - pods
+      - ingresses
+      - configmaps
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - "extensions"
+    resources:
+      - ingresses/status
+      - ingresses
+    verbs:
+      - get
+      - list
+      - watch
+  - nonResourceURLs:
+      - "/metrics"
+    verbs:
+      - get
+{{- end }}