github.com/tilt-dev/tilt@v0.36.0/integration/access.yaml

github.com/tilt-dev/tilt@v0.36.0/integration/access.yaml (about)

     1  # Grant access to everything in the tilt-integration namespace
     2  kind: Role
     3  apiVersion: rbac.authorization.k8s.io/v1
     4  metadata:
     5    name: tilt-integration-user-full-access
     6    namespace: tilt-integration
     7  rules:
     8  - apiGroups: ["", "extensions", "apps"]
     9    resources: ["*"]
    10    verbs: ["*"]
    11  - apiGroups: ["batch"]
    12    resources:
    13    - jobs
    14    - cronjobs
    15    verbs: ["*"]
    16  ---
    17  kind: RoleBinding
    18  apiVersion: rbac.authorization.k8s.io/v1
    19  metadata:
    20    name: tilt-integration-user-view
    21    namespace: tilt-integration
    22  subjects:
    23  - kind: ServiceAccount
    24    name: tilt-integration-user
    25    namespace: tilt-integration
    26  roleRef:
    27    apiGroup: rbac.authorization.k8s.io
    28    kind: Role
    29    name: tilt-integration-user-full-access
    30  ---
    31  
    32  # Grant access to nodes across all namespaces
    33  kind: ClusterRole
    34  apiVersion: rbac.authorization.k8s.io/v1
    35  metadata:
    36    name: tilt-integration-user-node-readonly-access
    37  rules:
    38  - apiGroups: [""]
    39    resources: ["nodes"]
    40    verbs: ["get", "watch", "list"]
    41  ---
    42  kind: ClusterRoleBinding
    43  apiVersion: rbac.authorization.k8s.io/v1
    44  metadata:
    45    name: tilt-integration-user-node-view
    46  subjects:
    47  - kind: ServiceAccount
    48    name: tilt-integration-user
    49    namespace: tilt-integration
    50  roleRef:
    51    apiGroup: rbac.authorization.k8s.io
    52    kind: ClusterRole
    53    name: tilt-integration-user-node-readonly-access
    54  ---
    55  
    56  # Grant read-only access to kube-public
    57  kind: ClusterRole
    58  apiVersion: rbac.authorization.k8s.io/v1
    59  metadata:
    60    name: tilt-integration-user-kube-public-readonly-access
    61    namespace: kube-public
    62  rules:
    63    - apiGroups: [""]
    64      resources: ["*"]
    65      verbs: ["get", "watch", "list"]
    66  ---
    67  kind: ClusterRoleBinding
    68  apiVersion: rbac.authorization.k8s.io/v1
    69  metadata:
    70    name: tilt-integration-user-kube-public-view
    71    namespace: kube-public
    72  subjects:
    73    - kind: ServiceAccount
    74      name: tilt-integration-user
    75      namespace: tilt-integration
    76  roleRef:
    77    apiGroup: rbac.authorization.k8s.io
    78    kind: ClusterRole
    79    name: tilt-integration-user-kube-public-readonly-access