Skip to content

Commit

Permalink
Add RBAC aggregator cluster roles for appwrappers
Browse files Browse the repository at this point in the history
  • Loading branch information
@dgrove-oss @openshift-merge-bot
dgrove-oss authored and openshift-merge-bot[bot] committed Nov 1, 2024
1 parent 067c47b commit 397963f
Show file tree
Hide file tree
Showing 3 changed files with 51 additions and 0 deletions.
27 changes: 27 additions & 0 deletions config/rbac/appwrapper_editor_role.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
# permissions for end users to edit appwrappers.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
name: appwrapper-editor-role
rules:
- apiGroups:
- workload.codeflare.dev
resources:
- appwrappers
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- workload.codeflare.dev
resources:
- appwrappers/status
verbs:
- get
22 changes: 22 additions & 0 deletions config/rbac/appwrapper_viewer_role.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
# permissions for end users to view appwrappers.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
rbac.authorization.k8s.io/aggregate-to-view: "true"
name: viewer-role
rules:
- apiGroups:
- workload.codeflare.dev
resources:
- appwrappers
verbs:
- get
- list
- watch
- apiGroups:
- workload.codeflare.dev
resources:
- appwrappers/status
verbs:
- get
2 changes: 2 additions & 0 deletions config/rbac/kustomization.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,5 @@ resources:
- role_binding.yaml
- leader_election_role.yaml
- leader_election_role_binding.yaml
- appwrapper_editor_role.yaml
- appwrapper_viewer_role.yaml

0 comments on commit 397963f

Please sign in to comment.