rbac: use a user account
This commit is contained in:
parent
39defdb858
commit
c16b4dce0f
22
rbac.yaml
22
rbac.yaml
|
|
@ -1,12 +1,3 @@
|
|||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: woodpecker-auth
|
||||
namespace: ci
|
||||
automountServiceAccountToken: true
|
||||
|
||||
---
|
||||
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
|
|
@ -23,21 +14,10 @@ kind: ClusterRoleBinding
|
|||
metadata:
|
||||
name: woodpecker-auth
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
- kind: User
|
||||
name: woodpecker-auth
|
||||
namespace: ci
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: woodpecker-auth
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: woodpecker-auth-secret
|
||||
namespace: ci
|
||||
annotations:
|
||||
kubernetes.io/service-account.name: woodpecker-auth
|
||||
type: kubernetes.io/service-account-token
|
||||
|
|
|
|||
Loading…
Reference in a new issue