CadolesKube
/
sso-kustom
14
0
Fork 0
Code Issues 19 Pull Requests 4 Projects Releases Wiki Activity

fix(resources): do not set namespace in maester rolebinding

This commit is contained in:
Philippe Caseiro 2024-01-30 12:27:50 +01:00
parent 907618902e
commit 1fccf5f8dc
1 changed files with 16 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
resources/hydra/resources/hydra-maester/resources/hydra-maester-rbac.yaml
View File

@ -1,4 +1,3 @@
---
# Source: hydra/charts/hydra-maester/templates/rbac.yaml
apiVersion: v1
kind: ServiceAccount
@ -11,12 +10,12 @@ apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: hydra-maester-role
rules:
- apiGroups: ["hydra.ory.sh"]
resources: ["oauth2clients", "oauth2clients/status"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["list", "watch", "create"]
- apiGroups: ["hydra.ory.sh"]
resources: ["oauth2clients", "oauth2clients/status"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["list", "watch", "create"]
---
# Source: hydra/charts/hydra-maester/templates/rbac.yaml
kind: ClusterRoleBinding
@ -24,9 +23,8 @@ apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: hydra-maester-role-binding
subjects:
- kind: ServiceAccount
name: hydra-maester-account # Service account assigned to the controller pod.
namespace: default
- kind: ServiceAccount
name: hydra-maester-account # Service account assigned to the controller pod.
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
@ -38,12 +36,12 @@ apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: hydra-maester-role
rules:
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "list", "watch", "create"]
- apiGroups: ["hydra.ory.sh"]
resources: ["oauth2clients", "oauth2clients/status"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "list", "watch", "create"]
- apiGroups: ["hydra.ory.sh"]
resources: ["oauth2clients", "oauth2clients/status"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
---
# Source: hydra/charts/hydra-maester/templates/rbac.yaml
kind: RoleBinding
@ -51,9 +49,8 @@ apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: hydra-maester-role-binding
subjects:
- kind: ServiceAccount
name: hydra-maester-account # Service account assigned to the controller pod.
namespace: default
- kind: ServiceAccount
name: hydra-maester-account # Service account assigned to the controller pod.
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role