all repos — infra @ ac911ab1c14930ee95e220848d67a55cb0b49fa6

infrastructure manifests and setup notes

apps/garage/rbac.yaml (view raw)

 1---
 2apiVersion: v1
 3kind: ServiceAccount
 4metadata:
 5  name: garage
 6  labels:
 7    helm.sh/chart: garage-0.5.0
 8    app.kubernetes.io/name: garage
 9    app.kubernetes.io/instance: garage
10    app.kubernetes.io/version: "v1.0.0"
11    app.kubernetes.io/managed-by: Helm
12---
13apiVersion: rbac.authorization.k8s.io/v1
14kind: ClusterRole
15metadata:
16  name: manage-crds-default-garage
17  labels:
18    helm.sh/chart: garage-0.5.0
19    app.kubernetes.io/name: garage
20    app.kubernetes.io/instance: garage
21    app.kubernetes.io/version: "v1.0.0"
22    app.kubernetes.io/managed-by: Helm
23rules:
24- apiGroups: ["apiextensions.k8s.io"]
25  resources: ["customresourcedefinitions"]
26  verbs: ["get", "list", "watch", "create", "patch"]
27- apiGroups: ["deuxfleurs.fr"]
28  resources: ["garagenodes"]
29  verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
30---
31apiVersion: rbac.authorization.k8s.io/v1
32kind: ClusterRoleBinding
33metadata:
34  name: allow-crds-for-default-garage
35  labels:
36    helm.sh/chart: garage-0.5.0
37    app.kubernetes.io/name: garage
38    app.kubernetes.io/instance: garage
39    app.kubernetes.io/version: "v1.0.0"
40    app.kubernetes.io/managed-by: Helm
41subjects:
42- kind: ServiceAccount
43  name: garage
44  namespace: default
45roleRef:
46  kind: ClusterRole
47  name: manage-crds-default-garage
48  apiGroup: rbac.authorization.k8s.io
49