wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 2 Packages Projects Releases Wiki Activity
Files
2a2cb16c135fd7e5b159d94de9b5ff04f6cf31f5
awoooi/k8s/awoooi-dev/05-rbac.yaml
OG T 71a4e0f8c8
Some checks failed
CD Pipeline / build-and-deploy (push) Successful in 6m54s
Details
E2E Health Check / e2e-health (push) Successful in 16s
Details
CD Pipeline (Dev) / build-and-deploy-dev (push) Failing after 3m53s
Details
fix(k8s): 修復 dev RBAC RoleBinding 欄位名稱錯誤 
apiRef → name (正確 Kubernetes 欄位名稱)
防止 RoleBinding 建立失敗

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-01 16:27:12 +08:00

44 lines
991 B
YAML
Raw Blame History

# AWOOOI Dev RBAC - 最小權限
# 版本: v1.0 | 日期: 2026-04-01
apiVersion: v1
kind: ServiceAccount
metadata:
name: awoooi-executor-dev
namespace: awoooi-dev
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: awoooi-executor-dev-role
namespace: awoooi-dev
rules:
- apiGroups: ["apps"]
resources: ["deployments"]
verbs: ["get", "list", "watch", "patch", "update"]
- apiGroups: ["apps"]
resources: ["deployments/scale"]
verbs: ["patch", "update"]
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "watch", "delete"]
- apiGroups: [""]
resources: ["events"]
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: awoooi-executor-dev-binding
namespace: awoooi-dev
subjects:
- kind: ServiceAccount
name: awoooi-executor-dev
namespace: awoooi-dev
roleRef:
kind: Role
name: awoooi-executor-dev-role
apiGroup: rbac.authorization.k8s.io
Reference in New Issue View Git Blame Copy Permalink