Add service permission to member role

Change-Id: Iab5f566ce4cbadb1df6cfa1c57756b6c66e0e1e2
This commit is contained in:
okozachenko 2020-08-05 00:52:18 +03:00
parent e5b54502e1
commit 2d65aa29fa
2 changed files with 17 additions and 3 deletions

View File

@ -18,9 +18,17 @@ kind: ClusterRole
metadata: metadata:
name: rbac-members name: rbac-members
rules: rules:
# List and get configmap, pv & pvc and namespaces, nodes & pods & pod logs # List and get configmap, pv & pvc and namespaces, nodes & pods & pod logs & services
- apiGroups: [""] - apiGroups: [""]
resources: ["configmaps", "nodes", "namespaces", "persistentvolumeclaims", "persistentvolumes", "pods", "pods/log"] resources:
- "configmaps"
- "nodes"
- "namespaces"
- "persistentvolumeclaims"
- "persistentvolumes"
- "pods"
- "pods/log"
- "services"
verbs: ["get", "list", "watch"] verbs: ["get", "list", "watch"]
# List all get applications # List all get applications
- apiGroups: ["apps"] - apiGroups: ["apps"]

View File

@ -146,4 +146,10 @@
- name: Ensure listing configmaps works - name: Ensure listing configmaps works
shell: kubectl --context=test get configmaps shell: kubectl --context=test get configmaps
- name: Ensure getting a configmap works - name: Ensure getting a configmap works
shell: kubectl --context=test get configmap test shell: kubectl --context=test get configmap test
# List and get service
- name: Ensure listing services works
shell: kubectl --context=test get services
- name: Ensure getting a configmap works
shell: kubectl --context=test get service kubernetes