eliott/Olares
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e9af73ff1ba392e93285562cbaca51225e34945d
Olares/build/base-package/wizard/config/settings/templates/system-serviceaccount.yaml
Peng Peng 79372a32af feat: Merge the code currently scattered across the beclab and Above-os organizations into the https://github.com/beclab/Olares repository. (#1325) 
* feat: refactor

* refactor apps folder

* feat: add vendor folder

* refactor: package scripts

---------

Co-authored-by: eball <liuy102@hotmail.com>
2025-05-21 21:43:35 +08:00

197 lines
2.6 KiB
YAML
Raw Blame History

---
apiVersion: v1
kind: ServiceAccount
metadata:
namespace: os-system
name: os-internal
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: os-internal-rb
subjects:
- kind: ServiceAccount
namespace: os-system
name: os-internal
roleRef:
# kind: Role
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: tapr-images-role
rules:
- apiGroups:
- '*'
resources:
- users
- configmaps
- secrets
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: sys-editor-role
rules:
- apiGroups:
- sys.bytetrade.io
- app.bytetrade.io
resources:
- '*'
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- '*'
resources:
- pods
- users
- configmaps
- secrets
verbs:
- get
- list
- watch
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: percona-server-mongodb-operator
rules:
- apiGroups:
- psmdb.percona.com
resources:
- perconaservermongodbs
- perconaservermongodbs/status
- perconaservermongodbbackups
- perconaservermongodbbackups/status
- perconaservermongodbrestores
- perconaservermongodbrestores/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- pods
- pods/exec
- services
- persistentvolumeclaims
- secrets
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- apps
resources:
- deployments
- replicasets
- statefulsets
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- batch
resources:
- cronjobs
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- certmanager.k8s.io
- cert-manager.io
resources:
- issuers
- certificates
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- deletecollection
- apiGroups:
- net.gke.io
- multicluster.x-k8s.io
resources:
- serviceexports
- serviceimports
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- deletecollection
Reference in New Issue View Git Blame Copy Permalink