From b6afd567162f5437421a285c017e75c2950ad270 Mon Sep 17 00:00:00 2001 From: "Benjamin A. Petersen" Date: Wed, 11 Oct 2023 12:49:18 -0400 Subject: [PATCH] remove old install artifacts --- .../local-user-authenticator-pkginstall.yml | 27 ++++++++++++++ ...-package-rbac-concierge-concierge-rbac.yml | 35 +++++++++++++++++++ ...nticator-local-user-authenticator-rbac.yml | 35 +++++++++++++++++++ ...ackage-rbac-supervisor-supervisor-rbac.yml | 35 +++++++++++++++++++ 4 files changed, 132 insertions(+) create mode 100644 deploy_carvel/deploy/local-user-authenticator-pkginstall.yml create mode 100644 deploy_carvel/deploy/pinniped-package-rbac-concierge-concierge-rbac.yml create mode 100644 deploy_carvel/deploy/pinniped-package-rbac-local-user-authenticator-local-user-authenticator-rbac.yml create mode 100644 deploy_carvel/deploy/pinniped-package-rbac-supervisor-supervisor-rbac.yml diff --git a/deploy_carvel/deploy/local-user-authenticator-pkginstall.yml b/deploy_carvel/deploy/local-user-authenticator-pkginstall.yml new file mode 100644 index 00000000..c1dbfedc --- /dev/null +++ b/deploy_carvel/deploy/local-user-authenticator-pkginstall.yml @@ -0,0 +1,27 @@ +--- +apiVersion: packaging.carvel.dev/v1alpha1 +kind: PackageInstall +metadata: + # name, does not have to be versioned, versionSelection.constraints below will handle + name: "local-user-authenticator-package-install" + namespace: "local-user-authenticator-install-ns" +spec: + serviceAccountName: "pinniped-package-rbac-local-user-authenticator-sa-superadmin-dangerous" + packageRef: + refName: "local-user-authenticator.pinniped.dev" + versionSelection: + constraints: "0.0.0-7E26B8EF-A4D6-4020-83E8-EAF8F3D1533F" + values: + - secretRef: + name: "local-user-authenticator-package-install-secret" +--- +apiVersion: v1 +kind: Secret +metadata: + name: "local-user-authenticator-package-install-secret" + namespace: "local-user-authenticator-install-ns" +stringData: + values.yml: | + --- + image_repo: kind-registry.local:5000/test/build + image_tag: 0.0.0-7E26B8EF-A4D6-4020-83E8-EAF8F3D1533F diff --git a/deploy_carvel/deploy/pinniped-package-rbac-concierge-concierge-rbac.yml b/deploy_carvel/deploy/pinniped-package-rbac-concierge-concierge-rbac.yml new file mode 100644 index 00000000..bd79c4cd --- /dev/null +++ b/deploy_carvel/deploy/pinniped-package-rbac-concierge-concierge-rbac.yml @@ -0,0 +1,35 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: "concierge-install-ns" +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: "pinniped-package-rbac-concierge-sa-superadmin-dangerous" + namespace: "concierge-install-ns" +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: "pinniped-package-rbac-concierge-role-superadmin-dangerous" + namespace: "concierge-install-ns" +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: "pinniped-package-rbac-concierge-role-binding-superadmin-dangerous" +subjects: +- kind: ServiceAccount + name: "pinniped-package-rbac-concierge-sa-superadmin-dangerous" + namespace: "concierge-install-ns" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: "pinniped-package-rbac-concierge-role-superadmin-dangerous" + diff --git a/deploy_carvel/deploy/pinniped-package-rbac-local-user-authenticator-local-user-authenticator-rbac.yml b/deploy_carvel/deploy/pinniped-package-rbac-local-user-authenticator-local-user-authenticator-rbac.yml new file mode 100644 index 00000000..b04a37c6 --- /dev/null +++ b/deploy_carvel/deploy/pinniped-package-rbac-local-user-authenticator-local-user-authenticator-rbac.yml @@ -0,0 +1,35 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: "local-user-authenticator-install-ns" +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: "pinniped-package-rbac-local-user-authenticator-sa-superadmin-dangerous" + namespace: "local-user-authenticator-install-ns" +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: "pinniped-package-rbac-local-user-authenticator-role-superadmin-dangerous" + namespace: "local-user-authenticator-install-ns" +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: "pinniped-package-rbac-local-user-authenticator-role-binding-superadmin-dangerous" +subjects: +- kind: ServiceAccount + name: "pinniped-package-rbac-local-user-authenticator-sa-superadmin-dangerous" + namespace: "local-user-authenticator-install-ns" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: "pinniped-package-rbac-local-user-authenticator-role-superadmin-dangerous" + diff --git a/deploy_carvel/deploy/pinniped-package-rbac-supervisor-supervisor-rbac.yml b/deploy_carvel/deploy/pinniped-package-rbac-supervisor-supervisor-rbac.yml new file mode 100644 index 00000000..d3ea042a --- /dev/null +++ b/deploy_carvel/deploy/pinniped-package-rbac-supervisor-supervisor-rbac.yml @@ -0,0 +1,35 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: "supervisor-install-ns" +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: "pinniped-package-rbac-supervisor-sa-superadmin-dangerous" + namespace: "supervisor-install-ns" +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: "pinniped-package-rbac-supervisor-role-superadmin-dangerous" + namespace: "supervisor-install-ns" +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: "pinniped-package-rbac-supervisor-role-binding-superadmin-dangerous" +subjects: +- kind: ServiceAccount + name: "pinniped-package-rbac-supervisor-sa-superadmin-dangerous" + namespace: "supervisor-install-ns" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: "pinniped-package-rbac-supervisor-role-superadmin-dangerous" +