github.com/argoproj/argo-events@v1.9.1/examples/rbac/workflow-rbac.yaml

github.com/argoproj/argo-events@v1.9.1/examples/rbac/workflow-rbac.yaml (about)

     1  # This file enables a Workflow Pod (running Emissary executor) to be able to read and patch WorkflowTaskResults,
     2  # which get shared with the Workflow Controller. The Controller uses the results to update Workflow status.
     3  apiVersion: rbac.authorization.k8s.io/v1
     4  kind: Role
     5  metadata:
     6    annotations:
     7      workflows.argoproj.io/description: |
     8        Recomended minimum permissions for the `emissary` executor.
     9    name: executor
    10  rules:
    11  - apiGroups:
    12    - argoproj.io
    13    resources:
    14    - workflowtaskresults
    15    verbs:
    16    - create
    17    - patch
    18  ---
    19  apiVersion: rbac.authorization.k8s.io/v1
    20  kind: RoleBinding
    21  metadata:
    22    name: executor-default
    23  roleRef:
    24    apiGroup: rbac.authorization.k8s.io
    25    kind: Role
    26    name: executor
    27  subjects:
    28  - kind: ServiceAccount
    29    name: default