6f717a602f
Configures `myks` for Helm chart rendering with `ytt` overlays to manage cluster applications. Defines prototypes and environment-specific configurations for core applications including ArgoCD, Traefik, Cert-Manager, and Forgejo. Adds comprehensive documentation covering cluster setup, GitOps structure, and development environment. Integrates `direnv` for environment variable management, `gitignore` for file exclusion, and `sops` for secret encryption. Includes rendered Kubernetes manifests and ArgoCD application resources for initial deployment.
48 lines
1.1 KiB
YAML
48 lines
1.1 KiB
YAML
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
annotations:
|
|
a8r.io/repository: ""
|
|
labels:
|
|
app: cert-manager
|
|
app.kubernetes.io/component: cert-manager
|
|
app.kubernetes.io/instance: cert-manager
|
|
app.kubernetes.io/managed-by: Helm
|
|
app.kubernetes.io/name: cert-manager
|
|
app.kubernetes.io/version: v1.17.2
|
|
helm.sh/chart: cert-manager-v1.17.2
|
|
name: cert-manager-controller-certificatesigningrequests
|
|
namespace: cert-manager
|
|
rules:
|
|
- apiGroups:
|
|
- certificates.k8s.io
|
|
resources:
|
|
- certificatesigningrequests
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- update
|
|
- apiGroups:
|
|
- certificates.k8s.io
|
|
resources:
|
|
- certificatesigningrequests/status
|
|
verbs:
|
|
- update
|
|
- patch
|
|
- apiGroups:
|
|
- certificates.k8s.io
|
|
resourceNames:
|
|
- issuers.cert-manager.io/*
|
|
- clusterissuers.cert-manager.io/*
|
|
resources:
|
|
- signers
|
|
verbs:
|
|
- sign
|
|
- apiGroups:
|
|
- authorization.k8s.io
|
|
resources:
|
|
- subjectaccessreviews
|
|
verbs:
|
|
- create
|