Skip to content

Instantly share code, notes, and snippets.

@ivaravko

ivaravko/ci-robot-role-binding.yaml

Last active July 17, 2019 15:30
Show Gist options
  • Save ivaravko/b2739203f1201c450b5c96ae398d21e3 to your computer and use it in GitHub Desktop.
Save ivaravko/b2739203f1201c450b5c96ae398d21e3 to your computer and use it in GitHub Desktop.
Download ZIP
RBAC CI
Raw
ci-robot-role-binding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: ci-robot
namespace: search
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: ci-robot
subjects:
- kind: ServiceAccount
name: ci-robot
namespace: search
Raw
ci-robot-role.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: ci-robot
namespace: search
rules:
- apiGroups:
- ""
resources:
- configmaps
- pods
- pods/portforward
- pods/proxy
- services
- secrets
- endpoints
verbs:
- get
- watch
- list
- create
- update
- patch
- delete
- deletecollection
- apiGroups:
- apps
resources:
- deployments
- deployments/rollback
- deployments/scale
- replicasets
- replicasets/scale
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- extensions
resources:
- ingresses
- deployments
- deployments/rollback
- deployments/scale
- replicasets
- replicasets/scale
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- bindings
- events
- limitranges
- pods/log
- pods/status
- resourcequotas
- resourcequotas/status
- serviceaccounts
- namespaces/status
verbs:
- get
- list
- watch
Raw
ci-robot-service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: ci-robot
namespace: search
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment