-
Notifications
You must be signed in to change notification settings - Fork 247
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
move RBAC manifests from
components/authentication/base to componen… (
#2322) * move RBAC manifests from `components/authentication/base` to component specific directory 1. pipeline-service 2. multi-arch-controller * FRHTAP-1201: RH - Fix secret store version (#2341) The enging that contains the S3 secrets is of type v1. Signed-off-by: gbenhaim <[email protected]> * move RBAC manifests from `components/authentication/base` to component specific directory 1. pipeline-service 2. multi-arch-controller --------- Signed-off-by: gbenhaim <[email protected]> Co-authored-by: Gal Ben Haim <[email protected]>
- Loading branch information
1 parent
41dc409
commit 63817ed
Showing
24 changed files
with
368 additions
and
247 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -42,6 +42,7 @@ rules: | |
| resources: | ||
| - results | ||
| - records | ||
| - logs | ||
| verbs: | ||
| - get | ||
| - list | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
142 changes: 0 additions & 142 deletions
142
components/authentication/base/pipeline-service-sre.yaml
This file was deleted.
Oops, something went wrong.
5 changes: 5 additions & 0 deletions
5
components/multi-arch-controller/base/rbac/kustomization.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| apiVersion: kustomize.config.k8s.io/v1beta1 | ||
| kind: Kustomization | ||
|
|
||
| resources: | ||
| - role-binding.yaml |
78 changes: 78 additions & 0 deletions
78
components/multi-arch-controller/base/rbac/role-binding.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,78 @@ | ||
| --- | ||
| kind: ClusterRole | ||
| apiVersion: rbac.authorization.k8s.io/v1 | ||
| metadata: | ||
| name: multi-arch-controller-maintainer | ||
| rules: | ||
| - apiGroups: | ||
| - operators.coreos.com | ||
| resources: | ||
| - installplans | ||
| verbs: | ||
| - get | ||
| - list | ||
| - update | ||
| - patch | ||
| - verbs: | ||
| - patch | ||
| - get | ||
| apiGroups: | ||
| - '' | ||
| resources: | ||
| - serviceaccounts | ||
| resourceNames: | ||
| - pipeline # TODO: figure out how to 'gitops' this. | ||
| - verbs: | ||
| - create | ||
| - get | ||
| - list | ||
| - watch | ||
| - delete | ||
| apiGroups: | ||
| - '' | ||
| resources: | ||
| - secrets | ||
| - verbs: | ||
| - '*' # needed till we figure out how to cleanup workspaces. | ||
| apiGroups: | ||
| - 'tekton.dev' | ||
| resources: | ||
| - 'pipelineruns' | ||
| - apiGroups: | ||
| - results.tekton.dev | ||
| resources: | ||
| - results | ||
| - records | ||
| verbs: | ||
| - get | ||
| - list | ||
| - apiGroups: | ||
| - '' | ||
| resources: | ||
| - pods/portforward | ||
| verbs: | ||
| - create | ||
| - apiGroups: | ||
| - 'apps' | ||
| resources: | ||
| - deployments | ||
| verbs: | ||
| - get | ||
| - patch | ||
| --- | ||
| kind: RoleBinding | ||
| apiVersion: rbac.authorization.k8s.io/v1 | ||
| metadata: | ||
| name: multi-arch-controller-maintainers | ||
| namespace: multi-arch-controller | ||
| subjects: | ||
| - kind: User | ||
| apiGroup: rbac.authorization.k8s.io | ||
| name: sbose78 | ||
| - kind: User | ||
| apiGroup: rbac.authorization.k8s.io | ||
| name: stuartwdouglas | ||
| roleRef: | ||
| apiGroup: rbac.authorization.k8s.io | ||
| kind: ClusterRole | ||
| name: multi-arch-controller-maintainer |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
5 changes: 5 additions & 0 deletions
5
components/pipeline-service/base/rbac/cluster-role/kustomization.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| apiVersion: kustomize.config.k8s.io/v1beta1 | ||
| kind: Kustomization | ||
| resources: | ||
| - pipeline-service-sre.yaml | ||
| - pipeline-maintainer.yaml |
Oops, something went wrong.