github.com/verrazzano/verrazzano@v1.7.1/tools/scripts/testrole.yaml

github.com/verrazzano/verrazzano@v1.7.1/tools/scripts/testrole.yaml (about)

     1  # Copyright (c) 2020, 2021, Oracle and/or its affiliates.
     2  # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
     3  
     4  apiVersion: rbac.authorization.k8s.io/v1
     5  kind: ClusterRole
     6  metadata:
     7    name: verrazzano-test-role
     8  rules:
     9    - apiGroups:
    10        - '*'
    11      resources:
    12        # Access to pods for verifying application deployed in test namespace mostly
    13        - pods
    14        - pods/status
    15        # Access to ingresses, mostly required for verrazzano-system namespaces to find ingress for system vmi's and console ingress
    16        - ingresses
    17        # Access to ingresses, mostly required for istio-system namespaces to find ingress ip from istio-ingressgateway service
    18        - services
    19        # Access to secrets, mostly for Verrazzano secret in verrazzano-system to access vmi
    20        - secrets
    21        - destinationrules
    22        - deployments
    23        - gateways
    24        - verrazzanomonitoringinstances
    25      verbs:
    26        - get
    27        - list
    28        - watch
    29    - apiGroups:
    30        - '*'
    31      resources:
    32        # Access to create secrets, bobs-books and todo-list test create docker reg secret
    33        - secrets
    34      verbs:
    35        - create
    36        - update
    37        - delete
    38    - apiGroups:
    39        - '*'
    40      resources:
    41        # Access to get namespaces
    42        - namespaces
    43      verbs:
    44        - get