fix(resources): do not set namespace in maester rolebinding
This commit is contained in:
parent
907618902e
commit
1fccf5f8dc
|
@ -1,4 +1,3 @@
|
||||||
---
|
|
||||||
# Source: hydra/charts/hydra-maester/templates/rbac.yaml
|
# Source: hydra/charts/hydra-maester/templates/rbac.yaml
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: ServiceAccount
|
kind: ServiceAccount
|
||||||
|
@ -11,12 +10,12 @@ apiVersion: rbac.authorization.k8s.io/v1
|
||||||
metadata:
|
metadata:
|
||||||
name: hydra-maester-role
|
name: hydra-maester-role
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: ["hydra.ory.sh"]
|
- apiGroups: ["hydra.ory.sh"]
|
||||||
resources: ["oauth2clients", "oauth2clients/status"]
|
resources: ["oauth2clients", "oauth2clients/status"]
|
||||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||||
- apiGroups: [""]
|
- apiGroups: [""]
|
||||||
resources: ["secrets"]
|
resources: ["secrets"]
|
||||||
verbs: ["list", "watch", "create"]
|
verbs: ["list", "watch", "create"]
|
||||||
---
|
---
|
||||||
# Source: hydra/charts/hydra-maester/templates/rbac.yaml
|
# Source: hydra/charts/hydra-maester/templates/rbac.yaml
|
||||||
kind: ClusterRoleBinding
|
kind: ClusterRoleBinding
|
||||||
|
@ -24,9 +23,8 @@ apiVersion: rbac.authorization.k8s.io/v1
|
||||||
metadata:
|
metadata:
|
||||||
name: hydra-maester-role-binding
|
name: hydra-maester-role-binding
|
||||||
subjects:
|
subjects:
|
||||||
- kind: ServiceAccount
|
- kind: ServiceAccount
|
||||||
name: hydra-maester-account # Service account assigned to the controller pod.
|
name: hydra-maester-account # Service account assigned to the controller pod.
|
||||||
namespace: default
|
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
|
@ -38,12 +36,12 @@ apiVersion: rbac.authorization.k8s.io/v1
|
||||||
metadata:
|
metadata:
|
||||||
name: hydra-maester-role
|
name: hydra-maester-role
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: [""]
|
- apiGroups: [""]
|
||||||
resources: ["secrets"]
|
resources: ["secrets"]
|
||||||
verbs: ["get", "list", "watch", "create"]
|
verbs: ["get", "list", "watch", "create"]
|
||||||
- apiGroups: ["hydra.ory.sh"]
|
- apiGroups: ["hydra.ory.sh"]
|
||||||
resources: ["oauth2clients", "oauth2clients/status"]
|
resources: ["oauth2clients", "oauth2clients/status"]
|
||||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||||
---
|
---
|
||||||
# Source: hydra/charts/hydra-maester/templates/rbac.yaml
|
# Source: hydra/charts/hydra-maester/templates/rbac.yaml
|
||||||
kind: RoleBinding
|
kind: RoleBinding
|
||||||
|
@ -51,9 +49,8 @@ apiVersion: rbac.authorization.k8s.io/v1
|
||||||
metadata:
|
metadata:
|
||||||
name: hydra-maester-role-binding
|
name: hydra-maester-role-binding
|
||||||
subjects:
|
subjects:
|
||||||
- kind: ServiceAccount
|
- kind: ServiceAccount
|
||||||
name: hydra-maester-account # Service account assigned to the controller pod.
|
name: hydra-maester-account # Service account assigned to the controller pod.
|
||||||
namespace: default
|
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: Role
|
kind: Role
|
||||||
|
|
Loading…
Reference in New Issue