Skip to content

Commit

Permalink
add kubeapps-admin role
Browse files Browse the repository at this point in the history
  • Loading branch information
@klinch0
klinch0 committed Dec 6, 2024
1 parent 706e472 commit 3932476
Show file tree
Hide file tree
Showing 2 changed files with 59 additions and 1 deletion.
18 changes: 17 additions & 1 deletion packages/system/keycloak-configure/templates/rolebinding.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,14 +6,30 @@ metadata:
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: admin
name: kubeapps-admin
subjects:
- apiGroup: rbac.authorization.k8s.io
kind: Group
name: kubeapps-admin

---

apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: kubeapps-admin
namespace: cozy-public
subjects:
- kind: Group
name: kubeapps-admin
apiGroup: rbac.authorization.k8s.io
roleRef:
kind: Role
name: kubeapps-admin
apiGroup: rbac.authorization.k8s.io

---

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
Expand Down
42 changes: 42 additions & 0 deletions packages/system/keycloak-configure/templates/roles.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,45 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kubeapps-admin
rules:
- apiGroups: [""]
resources:
- "*"
verbs:
- get
- list
- watch
- apiGroups: ["apps.cozystack.io"]
resources:
- '*'
verbs:
- '*'
- apiGroups: ["helm.toolkit.fluxcd.io"]
resources:
- helmreleases
verbs:
- '*'
---

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: kubeapps-admin
namespace: cozy-public
rules:
- apiGroups: ["source.toolkit.fluxcd.io"]
resources: ["helmrepositories"]
verbs:
- get
- list
- apiGroups: ["source.toolkit.fluxcd.io"]
resources:
- helmcharts
verbs: ["*"]

---

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
Expand Down

0 comments on commit 3932476

Please sign in to comment.