set RBAC using serviceaccount script

DataONEorg / k8s-cluster

Documentation on the DataONE Kubernetes cluster

Apache License 2.0

2 stars 1 forks source link

set RBAC using serviceaccount script #29

Closed mbjones closed 2 years ago

mbjones commented 2 years ago

The current serviceaccount script doesn't apply default RBAC rules. Reconfigure to apply the template file.

mbjones commented 2 years ago

I set up the application-context.yaml file in sha e394b43 with the SERVICE_ACCOUNT env variable, and use envsubst to substitute in the servie account name and then apply that. See the new apply_rbac function in the account creation script.

@gothub I tested and this seems to create RBAC properly in the initial service account creation. Please review and see if it looks good to you.

gothub commented 2 years ago

Yes, looks good. I tested in dev k8s and it worked for me.