From ba352e7f2d911b490b4f5f900ae86509753eafba Mon Sep 17 00:00:00 2001 From: Janis Date: Sat, 2 May 2026 22:12:20 +0200 Subject: [PATCH] feat(rbac): add Role and RoleBinding for coordinator rollout scaler in nowchess and nowchess-staging namespaces --- nowchess/eu-central-1-prod/kustomization.yaml | 1 + .../eu-central-1-prod/rbac-coordinator.yaml | 24 ++++++++++++++++++ .../eu-central-1-staging/kustomization.yaml | 1 + .../rbac-coordinator.yaml | 25 +++++++++++++++++++ 4 files changed, 51 insertions(+) create mode 100644 nowchess/eu-central-1-prod/rbac-coordinator.yaml create mode 100644 nowchess/eu-central-1-staging/rbac-coordinator.yaml diff --git a/nowchess/eu-central-1-prod/kustomization.yaml b/nowchess/eu-central-1-prod/kustomization.yaml index c0e5e1c..f71ea2d 100644 --- a/nowchess/eu-central-1-prod/kustomization.yaml +++ b/nowchess/eu-central-1-prod/kustomization.yaml @@ -4,6 +4,7 @@ namespace: nowchess resources: - ../base - ingress.yaml +- rbac-coordinator.yaml patches: - patch: |- apiVersion: v1 diff --git a/nowchess/eu-central-1-prod/rbac-coordinator.yaml b/nowchess/eu-central-1-prod/rbac-coordinator.yaml new file mode 100644 index 0000000..dadbed5 --- /dev/null +++ b/nowchess/eu-central-1-prod/rbac-coordinator.yaml @@ -0,0 +1,24 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: coordinator-rollout-scaler + namespace: nowchess +rules: + - apiGroups: ["argoproj.io"] + resources: ["rollouts", "rollouts/scale"] + verbs: ["get", "update", "patch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: coordinator-rollout-scaler + namespace: nowchess +subjects: + - kind: ServiceAccount + name: default + namespace: nowchess +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: coordinator-rollout-scaler + diff --git a/nowchess/eu-central-1-staging/kustomization.yaml b/nowchess/eu-central-1-staging/kustomization.yaml index 51d42d1..7e1ea9c 100644 --- a/nowchess/eu-central-1-staging/kustomization.yaml +++ b/nowchess/eu-central-1-staging/kustomization.yaml @@ -4,6 +4,7 @@ namespace: nowchess-staging resources: - ../base - ingress.yaml +- rbac-coordinator.yaml patches: - patch: |- apiVersion: v1 diff --git a/nowchess/eu-central-1-staging/rbac-coordinator.yaml b/nowchess/eu-central-1-staging/rbac-coordinator.yaml new file mode 100644 index 0000000..66841a5 --- /dev/null +++ b/nowchess/eu-central-1-staging/rbac-coordinator.yaml @@ -0,0 +1,25 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: coordinator-rollout-scaler + namespace: nowchess-staging +rules: + - apiGroups: ["argoproj.io"] + resources: ["rollouts", "rollouts/scale"] + verbs: ["get", "update", "patch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: coordinator-rollout-scaler + namespace: nowchess-staging +subjects: + - kind: ServiceAccount + name: default + namespace: nowchess-staging +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: coordinator-rollout-scaler + +