limbosolutions.com/git.limbosolutions.com
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Wiki Activity

fix: RBAC so continuous deploy service account can run helm upgrade

Browse Source
This commit is contained in:
Márcio Fernandes
2025-11-29 04:39:41 +00:00
parent f32d574347
commit 26a8867587
1 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
deploy/infra/cd-service-account-rbac.yaml
View File

@@ -5,7 +5,7 @@ metadata:
name: continuous-deploy name: continuous-deploy
rules: rules:
- apiGroups: [""] - apiGroups: [""]
resources: ["pods", "services", "secrets", "configmaps", "persistentvolumeclaims", "endpoints"] resources: ["pods", "services", "secrets", "configmaps", "persistentvolumeclaims", "endpoints", "serviceaccounts"]
verbs: ["get", "watch", "list", "create", "update", "patch", "delete"] verbs: ["get", "watch", "list", "create", "update", "patch", "delete"]
- apiGroups: ["apps"] - apiGroups: ["apps"]
@@ -15,6 +15,16 @@ rules:
- apiGroups: ["batch"] - apiGroups: ["batch"]
resources: ["cronjobs", "jobs"] resources: ["cronjobs", "jobs"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["networking.k8s.io"]
resources: ["networkpolicies"]
verbs: ["get", "list", "watch", "patch", "update"]
- apiGroups: ["policy"]
resources: ["poddisruptionbudgets"]
verbs: ["get", "list", "watch", "update", "patch"]
--- ---
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1