Packer.Images/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/serviceaccount.j2.DISABLED
Danny Bessems 89cf69adc7
All checks were successful
continuous-integration/drone/push Build is passing
Refactor cluster registration
2023-04-02 22:36:23 +02:00

28 lines
723 B
Plaintext

apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ _template.account.name }}
namespace: {{ _template.account.namespace }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ _template.account.name }}-secret
namespace: {{ _template.account.namespace }}
annotations:
kubernetes.io/service-account.name: {{ _template.account.name }}
type: kubernetes.io/service-account-token
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ _template.clusterrolebinding.name }}
subjects:
- kind: ServiceAccount
name: {{ _template.account.name }}
namespace: {{ _template.account.namespace }}
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io