From 706e472f661dcd6066b92c146a61463098c41e8a Mon Sep 17 00:00:00 2001 From: Floppy Disk Date: Fri, 6 Dec 2024 13:43:19 +0300 Subject: [PATCH] add cozystack-cluster-admin --- .../templates/configure-kk.yaml | 13 +++++++++++++ .../templates/rolebinding.yaml | 16 ++++++++++++++++ .../keycloak-configure/templates/roles.yaml | 15 +++++++++++++++ 3 files changed, 44 insertions(+) create mode 100644 packages/system/keycloak-configure/templates/roles.yaml diff --git a/packages/system/keycloak-configure/templates/configure-kk.yaml b/packages/system/keycloak-configure/templates/configure-kk.yaml index f9c19b27..5ec8e0ae 100644 --- a/packages/system/keycloak-configure/templates/configure-kk.yaml +++ b/packages/system/keycloak-configure/templates/configure-kk.yaml @@ -225,3 +225,16 @@ spec: realmRef: name: keycloakrealm-cozy kind: ClusterKeycloakRealm + +--- + +apiVersion: v1.edp.epam.com/v1 +kind: KeycloakRealmGroup +metadata: + name: cozystack-cluster-admin + namespace: cozy-dashboard +spec: + name: cozystack-cluster-admin + realmRef: + name: keycloakrealm-cozy + kind: ClusterKeycloakRealm diff --git a/packages/system/keycloak-configure/templates/rolebinding.yaml b/packages/system/keycloak-configure/templates/rolebinding.yaml index 83272889..53d606a7 100644 --- a/packages/system/keycloak-configure/templates/rolebinding.yaml +++ b/packages/system/keycloak-configure/templates/rolebinding.yaml @@ -11,3 +11,19 @@ subjects: - apiGroup: rbac.authorization.k8s.io kind: Group name: kubeapps-admin + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cozystack-cluster-admin-group + namespace: cozy-dashboard +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cozystack-cluster-admin +subjects: +- apiGroup: rbac.authorization.k8s.io + kind: Group + name: cozystack-cluster-admin diff --git a/packages/system/keycloak-configure/templates/roles.yaml b/packages/system/keycloak-configure/templates/roles.yaml new file mode 100644 index 00000000..8b35215e --- /dev/null +++ b/packages/system/keycloak-configure/templates/roles.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cozystack-cluster-admin +rules: +- apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' +- nonResourceURLs: + - '*' + verbs: + - '*'