Skip to content

Commit 7d68aef

Browse files
TheMeinerLPTheMeinerLP
committed
feat(kustomization): Add Kustomization and RBAC configurations for controllers and roles
1 parent d9e0030 commit 7d68aef

File tree

5 files changed

+70
-0
lines changed

5 files changed

+70
-0
lines changed

clusters/feather-core/controllers.yaml

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
apiVersion: kustomize.toolkit.fluxcd.io/v1
2+
kind: Kustomization
3+
metadata:
4+
name: controllers
5+
namespace: flux-system
6+
spec:
7+
dependsOn:
8+
- name: base-controllers
9+
interval: 1m
10+
retryInterval: 1m
11+
timeout: 5m
12+
sourceRef:
13+
kind: GitRepository
14+
name: flux-system
15+
path: ./infrastructure/clusters/feather-core/controllers
16+
prune: true
17+
wait: true
18+
decryption:
19+
provider: sops
20+
secretRef:
21+
name: sops-gpg

clusters/feather-core/rbac.yaml

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
apiVersion: kustomize.toolkit.fluxcd.io/v1
2+
kind: Kustomization
3+
metadata:
4+
name: rbac
5+
namespace: flux-system
6+
spec:
7+
interval: 1h
8+
retryInterval: 1m
9+
timeout: 5m
10+
sourceRef:
11+
kind: GitRepository
12+
name: flux-system
13+
path: ./infrastructure/clusters/feather-core/rbac
14+
prune: true
15+
wait: true
16+
decryption:
17+
provider: sops
18+
secretRef:
19+
name: sops-gpg

infrastructure/clusters/feather-core/rbac/kustomization.yaml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
apiVersion: kustomize.config.k8s.io/v1beta1
2+
kind: Kustomization
3+
4+
resources:
5+
- themeinerlp.yml
6+
- onelitefeather.yml

infrastructure/clusters/feather-core/rbac/onelitefeather.yml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
apiVersion: rbac.authorization.k8s.io/v1
2+
kind: ClusterRoleBinding
3+
metadata:
4+
name: oidc-onelitefeather-binding
5+
subjects:
6+
- kind: User
7+
name: "oidc:onelitefeather@onelitefeather.net"
8+
apiGroup: rbac.authorization.k8s.io
9+
roleRef:
10+
kind: ClusterRole
11+
name: cluster-admin
12+
apiGroup: rbac.authorization.k8s.io

infrastructure/clusters/feather-core/rbac/themeinerlp.yml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
apiVersion: rbac.authorization.k8s.io/v1
2+
kind: ClusterRoleBinding
3+
metadata:
4+
name: oidc-themeinerlp-binding
5+
subjects:
6+
- kind: User
7+
name: "oidc:themeinerlp@onelitefeather.net"
8+
apiGroup: rbac.authorization.k8s.io
9+
roleRef:
10+
kind: ClusterRole
11+
name: cluster-admin
12+
apiGroup: rbac.authorization.k8s.io

0 commit comments

Comments
 (0)