deploy/rbac.yaml at 624fdde32dcd4bee161b6e7eef195e0c158795d2 · mitchellh.com/tack

Stitch any CI into Tangled

tack / deploy / rbac.yaml

at 624fdde32dcd4bee161b6e7eef195e0c158795d2 847 B View raw

Dylan Shepard k8s deployment (should take out before pr probaboy? 7w ago

 1# Role in tekton-pipelines so tack can manage PipelineRuns and read pod logs there.
 2# The RoleBinding references tack's ServiceAccount cross-namespace.
 3apiVersion: rbac.authorization.k8s.io/v1
 4kind: Role
 5metadata:
 6  name: tack
 7  namespace: tekton-pipelines
 8rules:
 9  - apiGroups: ["tekton.dev"]
10    resources: ["pipelineruns"]
11    verbs: ["create", "get", "list", "watch"]
12  - apiGroups: ["tekton.dev"]
13    resources: ["taskruns"]
14    verbs: ["list"]
15  - apiGroups: [""]
16    resources: ["pods"]
17    verbs: ["get", "list"]
18  - apiGroups: [""]
19    resources: ["pods/log"]
20    verbs: ["get"]
21---
22apiVersion: rbac.authorization.k8s.io/v1
23kind: RoleBinding
24metadata:
25  name: tack
26  namespace: tekton-pipelines
27subjects:
28  - kind: ServiceAccount
29    name: tack
30    namespace: tack
31roleRef:
32  kind: Role
33  name: tack
34  apiGroup: rbac.authorization.k8s.io

Configure Feed

Configure Feed