add cluster role for editing stages
This commit is contained in:
36
stage-maker/cluster-role.yaml
Normal file
36
stage-maker/cluster-role.yaml
Normal file
@@ -0,0 +1,36 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: stage-editor-role
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ontime.getontime.no
|
||||
resources:
|
||||
- stages
|
||||
verbs:
|
||||
- create
|
||||
- delete
|
||||
- get
|
||||
- list
|
||||
- patch
|
||||
- update
|
||||
- watch
|
||||
- apiGroups:
|
||||
- ontime.getontime.no
|
||||
resources:
|
||||
- stages/status
|
||||
verbs:
|
||||
- get
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: edit-stages-clusterrolebinding
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: stage-editor
|
||||
namespace: stage-maker
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: stage-editor-role
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
@@ -1,3 +1,5 @@
|
||||
resources:
|
||||
- namespace.yaml
|
||||
- pod.yaml
|
||||
- pod.yaml
|
||||
- cluster-role.yaml
|
||||
- service-account.yaml
|
||||
|
||||
@@ -4,6 +4,7 @@ metadata:
|
||||
name: stage-maker
|
||||
namespace: stage-maker
|
||||
spec:
|
||||
serviceAccountName: stage-editor
|
||||
containers:
|
||||
- name: stage-maker
|
||||
image: git.jwetzell.com/jwetzell/stage-maker:v0.0.1
|
||||
5
stage-maker/service-account.yaml
Normal file
5
stage-maker/service-account.yaml
Normal file
@@ -0,0 +1,5 @@
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: stage-editor
|
||||
namespace: stage-maker
|
||||
Reference in New Issue
Block a user