summaryrefslogtreecommitdiffstats
path: root/setup/projects/openshift
diff options
context:
space:
mode:
Diffstat (limited to 'setup/projects/openshift')
-rw-r--r--setup/projects/openshift/templates/maintain.yml.j233
-rw-r--r--setup/projects/openshift/vars/script.yml2
2 files changed, 35 insertions, 0 deletions
diff --git a/setup/projects/openshift/templates/maintain.yml.j2 b/setup/projects/openshift/templates/maintain.yml.j2
new file mode 100644
index 0000000..41017a5
--- /dev/null
+++ b/setup/projects/openshift/templates/maintain.yml.j2
@@ -0,0 +1,33 @@
+apiVersion: v1
+kind: ClusterRole
+metadata:
+ annotations:
+ openshift.io/description: A user that can create and edit most objects in a project,
+ but can not update the project's membership.
+ openshift.io/reconcile-protect: "false"
+ creationTimestamp: null
+ name: kaas-maintain
+rules:
+- resources:
+ - pods/exec
+ verbs:
+ - create
+ - delete
+ - deletecollection
+ - get
+ - list
+ - patch
+ - update
+ - watch
+- resources:
+ - replicationcontrollers/scale
+ - deploymentconfigs/scale
+ verbs:
+ - create
+ - delete
+ - deletecollection
+ - get
+ - list
+ - patch
+ - update
+ - watch
diff --git a/setup/projects/openshift/vars/script.yml b/setup/projects/openshift/vars/script.yml
new file mode 100644
index 0000000..0d9ccef
--- /dev/null
+++ b/setup/projects/openshift/vars/script.yml
@@ -0,0 +1,2 @@
+oc:
+ - templates: "maintain*"