deploy/charts/admin/templates/exposer/ingress/ingress-rbac.yaml - dubbo-kubernetes - Git at Google

 {{- $ingress := .Values.ingress -}}
 {{- $rbac := .Values.rbac -}}
 {{- if $ingress.enabled }}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: {{ template "traefik.name" . }}
   namespace: {{ template "ingress.namespace" . }}
 ---
 apiVersion: {{ include "rbac.apiVersion" . }}
 kind: ClusterRole
 metadata:
   name: {{ include "traefik.name" . }}-clusterrole
 rules:
 - apiGroups:
   - extensions
   - networking.k8s.io
   resources:
   - ingressclasses
   - ingresses
   verbs:
   - get
   - list
   - watch
 - apiGroups:
   - ""
   resources:
   - services
   - endpoints
   - secrets
   verbs:
   - get
   - list
   - watch
 - apiGroups:
   - extensions
   - networking.k8s.io
   resources:
   - ingresses/status
   verbs:
   - update
 - apiGroups:
   - traefik.io
   - traefik.containo.us
   resources:
   - ingressroutes
   - ingressroutetcps
   - ingressrouteudps
   - middlewares
   - middlewaretcps
   - tlsoptions
   - tlsstores
   - traefikservices
   - serverstransports
   verbs:
   - get
   - list
   - watch
 ---
 apiVersion: {{ include "rbac.apiVersion" . }}
 kind: ClusterRoleBinding
 metadata:
   name: {{ include "traefik.name" . }}-clusterrolebinding
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: {{ include "traefik.name" . }}-clusterrole
 subjects:
 - kind: ServiceAccount
   name: {{ template "traefik.name" . }}
   namespace: {{ template "ingress.namespace" . }}
   {{- end -}}
	{{- $ingress := .Values.ingress -}}
	{{- $rbac := .Values.rbac -}}
	{{- if $ingress.enabled }}
	apiVersion: v1
	kind: ServiceAccount
	metadata:
	name: {{ template "traefik.name" . }}
	namespace: {{ template "ingress.namespace" . }}
	---
	apiVersion: {{ include "rbac.apiVersion" . }}
	kind: ClusterRole
	metadata:
	name: {{ include "traefik.name" . }}-clusterrole
	rules:
	- apiGroups:
	- extensions
	- networking.k8s.io
	resources:
	- ingressclasses
	- ingresses
	verbs:
	- get
	- list
	- watch
	- apiGroups:
	- ""
	resources:
	- services
	- endpoints
	- secrets
	verbs:
	- get
	- list
	- watch
	- apiGroups:
	- extensions
	- networking.k8s.io
	resources:
	- ingresses/status
	verbs:
	- update
	- apiGroups:
	- traefik.io
	- traefik.containo.us
	resources:
	- ingressroutes
	- ingressroutetcps
	- ingressrouteudps
	- middlewares
	- middlewaretcps
	- tlsoptions
	- tlsstores
	- traefikservices
	- serverstransports
	verbs:
	- get
	- list
	- watch
	---
	apiVersion: {{ include "rbac.apiVersion" . }}
	kind: ClusterRoleBinding
	metadata:
	name: {{ include "traefik.name" . }}-clusterrolebinding
	roleRef:
	apiGroup: rbac.authorization.k8s.io
	kind: ClusterRole
	name: {{ include "traefik.name" . }}-clusterrole
	subjects:
	- kind: ServiceAccount
	name: {{ template "traefik.name" . }}
	namespace: {{ template "ingress.namespace" . }}
	{{- end -}}