{{- if eq .Values.global.platform "openshift" -}} apiVersion: authorization.openshift.io/v1 kind: Role metadata: labels: {{- include "cd-pipeline-operator.labels" . | nindent 4 }} name: edp-{{ .Values.name }} rules: - apiGroups: - argoproj.io resources: - applicationsets verbs: - get - list - patch - update - watch - create - apiGroups: - '*' resources: - cdpipelines - cdpipelines/finalizers - cdpipelines/status - codebases - codebases/finalizers - codebases/status - codebasebranches - codebasebranches/finalizers - codebasebranches/status - stages - stages/finalizers - stages/status - gitservers - gitservers/status - gitservers/finalizers - edpcomponents - edpcomponents/finalizers - edpcomponents/status - codebaseimagestreams - codebaseimagestreams/status - codebaseimagestreams/finalizers - configmaps - events verbs: - '*' - apiGroups: - coordination.k8s.io resources: - leases verbs: - create - get - list - update - apiGroups: - rbac.authorization.k8s.io resources: - rolebindings verbs: - get - list - create - delete - update - apiGroups: [ "" ] resources: - secrets verbs: - create - get - list - patch - update - watch {{- end -}}