From 3260c6ea1a97ba4d472da8ba2baf7e120d970ce4 Mon Sep 17 00:00:00 2001
From: kleph <kleph@kleph.eu>
Date: Sat, 22 Feb 2020 02:50:07 +0100
Subject: [PATCH] [CI] Add deploy service account and RBAC

---
 kube/beer-serviceaccount.yaml | 41 +++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)
 create mode 100644 kube/beer-serviceaccount.yaml

diff --git a/kube/beer-serviceaccount.yaml b/kube/beer-serviceaccount.yaml
new file mode 100644
index 0000000..e028118
--- /dev/null
+++ b/kube/beer-serviceaccount.yaml
@@ -0,0 +1,41 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: beer-deploy
+  namespace: beer
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: beer-deploy-role
+  namespace: beer # Should be namespace you are granting access to
+rules:
+- apiGroups: ["*"]
+  resources: ["*"]
+  verbs: ["*"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: beer-rolebinding
+  namespace: beer
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: beer-deploy-role
+subjects:
+- namespace: beer
+  kind: ServiceAccount
+  name: beer-deploy
+
+#---
+#ApiVersion: v1
+#Kind: Secret
+#Metadata:
+#  name: beer-deploy-secret
+#  annotations:
+#    kubernetes.io/service-account.name: beer-deploy
+#Type: kubernetes.io/service-account-token
+