Add helm chart for psp-rolebinding

This commit adds a helm chart that deploys a rolebinding to allow
application deployments to a specified namespace after the
PodSecurityPolicy plugin is enabled on the Kubernetes cluster.

Partial-bug: 1878900

Change-Id: I58270da3596eea536bc5b96a2e8a4d62e4138afc
Signed-off-by: Jerry Sun <jerry.sun@windriver.com>

psp-rolebinding/psp-rolebinding/helm-charts/psp-rolebinding/Chart.yaml

@@ -0,0 +1,5 @@
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for PSP role bindings
+name: psp-rolebinding
+version: 0.1.0

psp-rolebinding/psp-rolebinding/helm-charts/psp-rolebinding/templates/rolebinding.yaml

@@ -0,0 +1,21 @@
+{{/*
+#
+# Copyright (c) 2020 Wind River Systems, Inc.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+*/}}
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name:  {{ .Values.rolebindingNamespace }}-privileged-psp-users
+  namespace: {{ .Values.rolebindingNamespace }}
+roleRef:
+   apiGroup: rbac.authorization.k8s.io
+   kind: ClusterRole
+   name: privileged-psp-user
+subjects:
+- kind: Group
+  name: system:serviceaccounts:{{ .Values.serviceAccount }}
+  apiGroup: rbac.authorization.k8s.io

psp-rolebinding/psp-rolebinding/helm-charts/psp-rolebinding/values.yaml

@@ -0,0 +1,8 @@
+#
+# Copyright (c) 2020 Wind River Systems, Inc.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+rolebindingNamespace: default
+serviceAccount: default