92 lines
2.6 KiB
YAML
92 lines
2.6 KiB
YAML
|
apiVersion: template.openshift.io/v1
|
||
|
kind: Template
|
||
|
metadata:
|
||
|
creationTimestamp: null
|
||
|
name: project-request
|
||
|
objects:
|
||
|
- apiVersion: project.openshift.io/v1
|
||
|
kind: Project
|
||
|
metadata:
|
||
|
annotations:
|
||
|
openshift.io/description: ${PROJECT_DESCRIPTION}
|
||
|
openshift.io/display-name: ${PROJECT_DISPLAYNAME}
|
||
|
openshift.io/requester: ${PROJECT_REQUESTING_USER}
|
||
|
labels:
|
||
|
size: small
|
||
|
creationTimestamp: null
|
||
|
name: ${PROJECT_NAME}
|
||
|
spec: {}
|
||
|
status: {}
|
||
|
- apiVersion: rbac.authorization.k8s.io/v1
|
||
|
kind: RoleBinding
|
||
|
metadata:
|
||
|
annotations:
|
||
|
openshift.io/description: Allows all pods in this namespace to pull images from
|
||
|
this namespace. It is auto-managed by a controller; remove subjects to disable.
|
||
|
creationTimestamp: null
|
||
|
name: system:image-pullers
|
||
|
namespace: ${PROJECT_NAME}
|
||
|
roleRef:
|
||
|
apiGroup: rbac.authorization.k8s.io
|
||
|
kind: ClusterRole
|
||
|
name: system:image-puller
|
||
|
subjects:
|
||
|
- apiGroup: rbac.authorization.k8s.io
|
||
|
kind: Group
|
||
|
name: system:serviceaccounts:${PROJECT_NAME}
|
||
|
- apiVersion: rbac.authorization.k8s.io/v1
|
||
|
kind: RoleBinding
|
||
|
metadata:
|
||
|
annotations:
|
||
|
openshift.io/description: Allows builds in this namespace to push images to
|
||
|
this namespace. It is auto-managed by a controller; remove subjects to disable.
|
||
|
creationTimestamp: null
|
||
|
name: system:image-builders
|
||
|
namespace: ${PROJECT_NAME}
|
||
|
roleRef:
|
||
|
apiGroup: rbac.authorization.k8s.io
|
||
|
kind: ClusterRole
|
||
|
name: system:image-builder
|
||
|
subjects:
|
||
|
- kind: ServiceAccount
|
||
|
name: builder
|
||
|
namespace: ${PROJECT_NAME}
|
||
|
- apiVersion: rbac.authorization.k8s.io/v1
|
||
|
kind: RoleBinding
|
||
|
metadata:
|
||
|
annotations:
|
||
|
openshift.io/description: Allows deploymentconfigs in this namespace to rollout
|
||
|
pods in this namespace. It is auto-managed by a controller; remove subjects
|
||
|
to disable.
|
||
|
creationTimestamp: null
|
||
|
name: system:deployers
|
||
|
namespace: ${PROJECT_NAME}
|
||
|
roleRef:
|
||
|
apiGroup: rbac.authorization.k8s.io
|
||
|
kind: ClusterRole
|
||
|
name: system:deployer
|
||
|
subjects:
|
||
|
- kind: ServiceAccount
|
||
|
name: deployer
|
||
|
namespace: ${PROJECT_NAME}
|
||
|
- apiVersion: rbac.authorization.k8s.io/v1
|
||
|
kind: RoleBinding
|
||
|
metadata:
|
||
|
creationTimestamp: null
|
||
|
name: admin
|
||
|
namespace: ${PROJECT_NAME}
|
||
|
roleRef:
|
||
|
apiGroup: rbac.authorization.k8s.io
|
||
|
kind: ClusterRole
|
||
|
name: admin
|
||
|
subjects:
|
||
|
- apiGroup: rbac.authorization.k8s.io
|
||
|
kind: User
|
||
|
name: ${PROJECT_ADMIN_USER}
|
||
|
parameters:
|
||
|
- name: PROJECT_NAME
|
||
|
- name: PROJECT_DISPLAYNAME
|
||
|
- name: PROJECT_DESCRIPTION
|
||
|
- name: PROJECT_ADMIN_USER
|
||
|
- name: PROJECT_REQUESTING_USER
|