helm-actions/templates/rolebinding-job.yaml

{{- if .Values.enabled }}
{{- if and (and .Values.provisioning.enabled .Values.persistence.enabled) .Values.persistence.mount }}
{{- $name := include "gitea.actions.workername" (dict "global" . "worker" "actions-token-job") }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: {{ $name }}
  namespace: {{ .Values.namespace | default .Release.Namespace }}
  labels:
    {{- include "gitea.actions.labels" . | nindent 4 }}
    app.kubernetes.io/component: token-job
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: {{ $name }}
subjects:
  - kind: ServiceAccount
    name: {{ $name }}
    namespace: {{ .Values.namespace | default .Release.Namespace }}
{{- end }}
{{- end }}