sjenning · November 7, 2022 20:09 · Nov 7, 2022 · Nov 7, 2022 · Nov 7, 2022
diff --git a/sjenning-ci-cluster-config.yaml b/sjenning-ci-cluster-config.yaml
@@ -3,6 +3,47 @@ kind: Namespace
 metadata:
   name: sjenning
 ---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: hypershift
+  namespace: sjenning
+rules:
+- apiGroups:
+  - hypershift.openshift.io
+  resources:
+  - hostedclusters
+  - nodepools
+  - nodepools/admin
+  verbs:
+  - create
+  - get
+  - list
+  - watch
+  - update
+  - patch
+  - delete
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: hypershift
+  namespace: sjenning
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: hypershift
+subjects:
+- kind: ServiceAccount
+  name: sjenning-dev
+  namespace: sjenning
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: sjenning-dev
+  namespace: sjenning
+---
 apiVersion: v1
 kind: ServiceAccount
 metadata:

diff --git a/sjenning-ci-cluster-config.yaml b/sjenning-ci-cluster-config.yaml
@@ -3,41 +3,6 @@ kind: Namespace
 metadata:
   name: sjenning
 ---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: hypershift
-  namespace: sjenning
-rules:
-- apiGroups:
-  - hypershift.openshift.io
-  resources:
-  - hostedclusters
-  - nodepools
-  - nodepools/admin
-  verbs:
-  - create
-  - get
-  - list
-  - watch
-  - update
-  - patch
-  - delete
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: hypershift
-  namespace: sjenning
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: hypershift
-subjects:
-- kind: ServiceAccount
-  name: sjenning-dev
-  namespace: sjenning
----
 apiVersion: v1
 kind: ServiceAccount
 metadata:

diff --git a/sjenning-ci-cluster-config.yaml b/sjenning-ci-cluster-config.yaml
@@ -0,0 +1,86 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: sjenning
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: hypershift
+  namespace: sjenning
+rules:
+- apiGroups:
+  - hypershift.openshift.io
+  resources:
+  - hostedclusters
+  - nodepools
+  - nodepools/admin
+  verbs:
+  - create
+  - get
+  - list
+  - watch
+  - update
+  - patch
+  - delete
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: hypershift
+  namespace: sjenning
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: hypershift
+subjects:
+- kind: ServiceAccount
+  name: sjenning-dev
+  namespace: sjenning
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: sjenning-dev
+  namespace: sjenning
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: admin-sjenning
+  namespace: sjenning
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: admin
+subjects:
+- kind: ServiceAccount
+  name: sjenning-dev
+  namespace: sjenning
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: sjenning-namespace-patcher
+rules:
+- apiGroups:
+  - ""
+  resourceNames:
+  - sjenning
+  resources:
+  - namespaces
+  verbs:
+  - patch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: sjenning-namespace-patcher
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: sjenning-namespace-patcher
+subjects:
+- kind: ServiceAccount
+  name: sjenning-dev
+  namespace: sjenning
No results found