[CI] Add deploy service account and RBAC
Some checks failed
continuous-integration/drone/push Build is failing
Some checks failed
continuous-integration/drone/push Build is failing
This commit is contained in:
parent
03a194ed78
commit
3260c6ea1a
1 changed files with 41 additions and 0 deletions
41
kube/beer-serviceaccount.yaml
Normal file
41
kube/beer-serviceaccount.yaml
Normal file
|
@ -0,0 +1,41 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: beer-deploy
|
||||
namespace: beer
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: beer-deploy-role
|
||||
namespace: beer # Should be namespace you are granting access to
|
||||
rules:
|
||||
- apiGroups: ["*"]
|
||||
resources: ["*"]
|
||||
verbs: ["*"]
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: beer-rolebinding
|
||||
namespace: beer
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: beer-deploy-role
|
||||
subjects:
|
||||
- namespace: beer
|
||||
kind: ServiceAccount
|
||||
name: beer-deploy
|
||||
|
||||
#---
|
||||
#ApiVersion: v1
|
||||
#Kind: Secret
|
||||
#Metadata:
|
||||
# name: beer-deploy-secret
|
||||
# annotations:
|
||||
# kubernetes.io/service-account.name: beer-deploy
|
||||
#Type: kubernetes.io/service-account-token
|
||||
|
Loading…
Reference in a new issue