diff options
Diffstat (limited to 'setup')
-rw-r--r-- | setup/configs/openshift.yml | 2 | ||||
-rw-r--r-- | setup/projects/openshift/templates/maintain.yml.j2 | 33 | ||||
-rw-r--r-- | setup/projects/openshift/vars/script.yml | 2 |
3 files changed, 37 insertions, 0 deletions
diff --git a/setup/configs/openshift.yml b/setup/configs/openshift.yml index 10146e8..a4024ae 100644 --- a/setup/configs/openshift.yml +++ b/setup/configs/openshift.yml @@ -20,6 +20,8 @@ ands_openshift_roles: kaas/admin: csa, kopmann katrin/admin: katrin adei/admin: csa + adei/view: pdv, kopmann + adei/kaas-maintain: pdv, kopmann bora/admin: ntj web/admin: kopmann mon/admin: csa diff --git a/setup/projects/openshift/templates/maintain.yml.j2 b/setup/projects/openshift/templates/maintain.yml.j2 new file mode 100644 index 0000000..41017a5 --- /dev/null +++ b/setup/projects/openshift/templates/maintain.yml.j2 @@ -0,0 +1,33 @@ +apiVersion: v1 +kind: ClusterRole +metadata: + annotations: + openshift.io/description: A user that can create and edit most objects in a project, + but can not update the project's membership. + openshift.io/reconcile-protect: "false" + creationTimestamp: null + name: kaas-maintain +rules: +- resources: + - pods/exec + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch +- resources: + - replicationcontrollers/scale + - deploymentconfigs/scale + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch diff --git a/setup/projects/openshift/vars/script.yml b/setup/projects/openshift/vars/script.yml new file mode 100644 index 0000000..0d9ccef --- /dev/null +++ b/setup/projects/openshift/vars/script.yml @@ -0,0 +1,2 @@ +oc: + - templates: "maintain*" |