From a082a0a0574788f011bd75ca098a50534e9e010d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=B6ren=20Henning?= <soeren.henning@email.uni-kiel.de>
Date: Mon, 7 Dec 2020 10:06:53 +0100
Subject: [PATCH] Add RBAC resources

---
 .../kubernetes/rbac/role-binding.yaml         | 11 +++++
 .../infrastructure/kubernetes/rbac/role.yaml  | 41 +++++++++++++++++++
 .../kubernetes/rbac/service-account.yaml      |  4 ++
 3 files changed, 56 insertions(+)
 create mode 100644 execution/infrastructure/kubernetes/rbac/role-binding.yaml
 create mode 100644 execution/infrastructure/kubernetes/rbac/role.yaml
 create mode 100644 execution/infrastructure/kubernetes/rbac/service-account.yaml

diff --git a/execution/infrastructure/kubernetes/rbac/role-binding.yaml b/execution/infrastructure/kubernetes/rbac/role-binding.yaml
new file mode 100644
index 000000000..ef2d0c015
--- /dev/null
+++ b/execution/infrastructure/kubernetes/rbac/role-binding.yaml
@@ -0,0 +1,11 @@
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: RoleBinding
+metadata:
+  name: theodolite
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: theodolite
+subjects:
+- kind: ServiceAccount
+  name: theodolite
\ No newline at end of file
diff --git a/execution/infrastructure/kubernetes/rbac/role.yaml b/execution/infrastructure/kubernetes/rbac/role.yaml
new file mode 100644
index 000000000..84ba14a8b
--- /dev/null
+++ b/execution/infrastructure/kubernetes/rbac/role.yaml
@@ -0,0 +1,41 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: theodolite
+rules:
+  - apiGroups:
+    - apps
+    resources:
+    - deployments
+    verbs:
+    - delete
+    - list
+    - get
+    - create
+  - apiGroups:
+    - ""
+    resources:
+    - services
+    - pods
+    - servicemonitors
+    - configmaps
+    verbs:
+    - delete
+    - list
+    - get
+    - create
+  - apiGroups:
+    - ""
+    resources:
+    - pods/exec
+    verbs:
+    - create
+    - get
+  - apiGroups:
+    - monitoring.coreos.com
+    resources:
+    - servicemonitors
+    verbs:
+    - delete
+    - list
+    - create
\ No newline at end of file
diff --git a/execution/infrastructure/kubernetes/rbac/service-account.yaml b/execution/infrastructure/kubernetes/rbac/service-account.yaml
new file mode 100644
index 000000000..c7f33076e
--- /dev/null
+++ b/execution/infrastructure/kubernetes/rbac/service-account.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: theodolite
\ No newline at end of file
-- 
GitLab