chore: add role for deploying

helm/nextjs-slack-clone/templates/role.yaml

@@ -0,0 +1,36 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ include "nextjs-slack-clone.fullname" . }}-deployer
+  labels:
+    {{- include "nextjs-slack-clone.labels" . | nindent 4 }}
+rules:
+  # Permissions needed for deployment
+  - apiGroups: [""]
+    resources: ["pods", "services", "secrets", "configmaps"]
+    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
+  - apiGroups: ["apps"]
+    resources: ["deployments", "statefulsets", "replicasets"]
+    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
+  - apiGroups: ["networking.k8s.io"]
+    resources: ["ingresses"]
+    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
+  - apiGroups: ["autoscaling"]
+    resources: ["horizontalpodautoscalers"]
+    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ include "nextjs-slack-clone.fullname" . }}-deployer-binding
+  labels:
+    {{- include "nextjs-slack-clone.labels" . | nindent 4 }}
+subjects:
+- kind: ServiceAccount
+  name: {{ include "nextjs-slack-clone.serviceAccountName" . }}
+roleRef:
+  kind: Role
+  name: {{ include "nextjs-slack-clone.fullname" . }}-deployer
+  apiGroup: rbac.authorization.k8s.io
+{{- end }}

helm/nextjs-slack-clone/values.yaml

@@ -68,3 +68,8 @@ registry:
   url: registry.mattiaswiberg.com
   username: ""  # To be provided during deployment
   password: ""  # To be provided during deployment
+
+# Environment variables for the application
+env:
+  NEXT_PUBLIC_SUPABASE_URL: ""  # To be provided during deployment
+  NEXT_PUBLIC_SUPABASE_ANON_KEY: ""  # To be provided during deployment