Created
July 26, 2018 13:41
-
-
Save chrisurwin/1213dea7be9446265e2ee178d059b720 to your computer and use it in GitHub Desktop.
Gitlab Yaml for Rancher Server 2.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: v1 | |
kind: Namespace | |
metadata: | |
name: gitlab-managed-apps | |
--- | |
apiVersion: v1 | |
kind: ServiceAccount | |
metadata: | |
name: gitlab-sa | |
namespace: gitlab-managed-apps | |
--- | |
kind: Role | |
apiVersion: rbac.authorization.k8s.io/v1beta1 | |
metadata: | |
name: gitlab-role | |
namespace: gitlab-managed-apps | |
rules: | |
- apiGroups: | |
- "" | |
- extensions | |
resources: | |
- '*' | |
verbs: | |
- '*' | |
--- | |
kind: RoleBinding | |
apiVersion: rbac.authorization.k8s.io/v1beta1 | |
metadata: | |
name: gitlab-rb | |
namespace: gitlab-managed-apps | |
subjects: | |
- kind: ServiceAccount | |
name: gitlab-sa | |
namespace: gitlab-managed-apps | |
roleRef: | |
kind: Role | |
name: gitlab-role | |
apiGroup: rbac.authorization.k8s.io | |
--- | |
kind: ClusterRoleBinding | |
apiVersion: rbac.authorization.k8s.io/v1beta1 | |
metadata: | |
name: gitlab-cluster | |
namespace: gitlab-managed-apps | |
subjects: | |
- kind: ServiceAccount | |
name: default | |
namespace: gitlab-managed-apps | |
roleRef: | |
kind: ClusterRole | |
name: cluster-admin | |
apiGroup: rbac.authorization.k8s.io | |
--- | |
apiVersion: v1 | |
kind: Secret | |
metadata: | |
name: gitlab-secret | |
namespace: gitlab-managed-apps | |
annotations: | |
kubernetes.io/service-account.name: gitlab-sa | |
type: kubernetes.io/service-account-token |
Proper role binding:
apiVersion: v1
kind: ServiceAccount
metadata:
name: gitlab
namespace: default
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: gitlab-admin
namespace: default
subjects:
- kind: ServiceAccount
name: gitlab
namespace: default
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: Secret
metadata:
name: gitlab-token
namespace: default
annotations:
kubernetes.io/service-account.name: gitlab
type: kubernetes.io/service-account-token
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is this file still valid?
Trying to follow the steps on https://www.youtube.com/watch?v=efh76mKwyIc but Gitlab says gitlab-managed-apps is a reserved namespace when adding the kubernetes cluster to my Gitlab project.