| 12345678910111213141516171819 |
- {{- if and .Values.podSecurityPolicy.enabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRole
- metadata:
- labels:
- {{- include "kube-state-metrics.labels" . | indent 4 }}
- name: psp-{{ template "kube-state-metrics.fullname" . }}
- rules:
- {{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
- {{- if semverCompare "> 1.15.0-0" $kubeTargetVersion }}
- - apiGroups: ['policy']
- {{- else }}
- - apiGroups: ['extensions']
- {{- end }}
- resources: ['podsecuritypolicies']
- verbs: ['use']
- resourceNames:
- - {{ template "kube-state-metrics.fullname" . }}
- {{- end }}
|
