Merge "Move Kong to infra deployment"

[it/dep.git] / ric-infra / 25-tiller / helm / kong / charts / kong / charts / cassandra / templates / backup / rbac.yaml

diff --git a/ric-infra/25-tiller/helm/kong/charts/kong/charts/cassandra/templates/backup/rbac.yaml b/ric-infra/25-tiller/helm/kong/charts/kong/charts/cassandra/templates/backup/rbac.yaml
new file mode 100755 (executable)
index 0000000..12b0f27
--- /dev/null
+++ b/ric-infra/25-tiller/helm/kong/charts/kong/charts/cassandra/templates/backup/rbac.yaml
@@ -0,0 +1,50 @@
+{{- if .Values.backup.enabled }}
+{{- if .Values.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "cassandra.serviceAccountName" . }}
+  labels:
+    app: {{ template "cassandra.name" . }}
+    chart: {{ template "cassandra.chart" . }}
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+---
+{{- end }}
+{{- if .Values.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ template "cassandra.fullname" . }}-backup
+  labels:
+    app: {{ template "cassandra.name" . }}
+    chart: {{ template "cassandra.chart" . }}
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+rules:
+- apiGroups: [""]
+  resources: ["pods", "pods/log"]
+  verbs: ["get", "list"]
+- apiGroups: [""]
+  resources: ["pods/exec"]
+  verbs: ["create"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ template "cassandra.fullname" . }}-backup
+  labels:
+    app: {{ template "cassandra.name" . }}
+    chart: {{ template "cassandra.chart" . }}
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "cassandra.fullname" . }}-backup
+subjects:
+- kind: ServiceAccount
+  name: {{ template "cassandra.serviceAccountName" . }}
+  namespace: {{ .Release.Namespace }}
+{{- end }}
+{{- end }}