Mirrors/flux2
1
0
Fork 0
mirror of synced 2026-03-21 18:06:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Grant service account read-only access to controllers

Browse Source 
For image automation to use a service account to authenticate to container registries, the controllers needs read-only access to service accounts.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
This commit is contained in:
Stefan Prodan
2022-05-04 10:47:04 +03:00
parent 4dd20af7e0
commit 5dee903374
1 changed files with 2 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
manifests/rbac/controller.yaml
View File

@@ -23,6 +23,8 @@ rules:
resources: resources:
- namespaces - namespaces
- secrets - secrets
- configmaps
- serviceaccounts
verbs: verbs:
- get - get
- list - list
@@ -34,19 +36,6 @@ rules:
verbs: verbs:
- create - create
- patch - patch
- apiGroups:
- ""
resources:
- configmaps
- configmaps/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups: - apiGroups:
- "coordination.k8s.io" - "coordination.k8s.io"
resources: resources: