{{- $targe_id := .Values.computeQuotaTarget.targetId | required ".Values.computeQuotaTarget.targetId is required." -}} kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: hyperpod-ns-{{ $targe_id }}-cluster-role rules: - apiGroups: [ "" ] resources: [ "namespaces" ] verbs: ["list", "get"] - apiGroups: [ "kueue.x-k8s.io" ] resources: [ "clusterqueues" ] resourceNames: ["hyperpod-ns-{{ $targe_id }}-clusterqueue"] verbs: [ "list", "get", "watch" ] - apiGroups: [ "kueue.x-k8s.io" ] resources: [ "resourceflavors", "workloadpriorityclasses" ] verbs: [ "list", "get", "watch" ] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: hyperpod-ns-{{ $targe_id }}-cluster-role-binding subjects: - kind: Group name: hyperpod-ns-{{ $targe_id }}-namespace-level-group apiGroup: rbac.authorization.k8s.io roleRef: kind: ClusterRole name: hyperpod-ns-{{ $targe_id }}-cluster-role apiGroup: rbac.authorization.k8s.io