{{/*

#
# Dieses ist erstmal ausgeschaltet, vielleicht brauchen wir das mal in einer späteren Version
#

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: nplus-role-argo
  annotations:
    {{- include "nplus.argoSharedResource" . | nindent 4 }}
    {{- include "nplus.annotations" . | nindent 4 }}

rules:
  - apiGroups: ["argoproj.io"]
    resources: ["applications"]
    verbs: ["create", "get", "update", "patch", "delete", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: nplus-role-binding-argo
  labels:
    {{- include "nplus.instanceLabels" . | nindent 4 }}
  annotations:
    {{- include "nplus.argoSharedResource" . | nindent 4 }}
    {{- include "nplus.annotations" . | nindent 4 }}

roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: nplus-role-argo
subjects:
- kind: ServiceAccount
  name: nplus-svc-account
  {{- if .this.utils.includeNamespace }}
  namespace: {{ .Release.Namespace }}
  {{- end }}

---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: nplus-argo-role
  namespace: argocd
  labels:
    {{- include "nplus.instanceLabels" . | nindent 4 }}
  annotations:
    {{- include "nplus.argoSharedResource" . | nindent 4 }}
    {{- include "nplus.annotations" . | nindent 4 }}

rules:
  - apiGroups: [""]
    resources: ["configmaps", "application","applicationset"]
    verbs: ["create", "get", "update", "patch", "delete", "list", "watch"]

---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: nplus-argo-role-binding
  namespace: argocd
  labels:
    {{- include "nplus.instanceLabels" . | nindent 4 }}
  annotations:
    {{- include "nplus.argoSharedResource" . | nindent 4 }}
    {{- include "nplus.annotations" . | nindent 4 }}

roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: nplus-argo-role
subjects:
- kind: ServiceAccount
  name: nplus-svc-account
  {{- if .this.utils.includeNamespace }}
  namespace: {{ .Release.Namespace }}
  {{- end }}

*/}}