dev/tekton-demo
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test update

Browse Source
This commit is contained in:
icurfer
2025-08-04 17:27:13 +09:00
parent 4e125a8456
commit 37b2474419
1 changed files with 17 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
sample-build/01-serviceaccount.yaml
View File

@ -1,9 +1,16 @@
# Tekton 빌드 및 트리거 공용 ServiceAccount
apiVersion: v1
kind: ServiceAccount
metadata:
name: tekton-triggers-sa
name: tekton-build-sa
namespace: tekton-demo
secrets:
- name: harbor-dockerconfig # Harbor 인증용 Secret
imagePullSecrets:
- name: harbor-dockerconfig # Docker 인증 정보 사용
---
# Tekton 파이프라인 실행 및 리소스 접근 권한(Role)
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
@ -15,10 +22,11 @@ rules:
verbs: ["get", "list", "watch", "create", "update", "delete"]
---
# RoleBinding - 해당 네임스페이스에서 tekton-build-sa에 Role 부여
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: tekton-build-sa-binding
name: tekton-build-rolebinding
namespace: tekton-demo
subjects:
- kind: ServiceAccount
@ -27,19 +35,15 @@ roleRef:
kind: Role
name: tekton-build-role
apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: tekton-build-sa
namespace: tekton-demo
---
# Tekton Triggers(ClusterScope)용 권한
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: tekton-triggers-role
rules:
- apiGroups: [""] # core API
- apiGroups: [""]
resources: ["pods", "services", "endpoints", "configmaps", "secrets"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["apps"]
@ -48,11 +52,13 @@ rules:
- apiGroups: ["triggers.tekton.dev"]
resources: ["eventlisteners", "triggerbindings", "triggertemplates", "triggers"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
---
# ClusterRoleBinding - tekton-build-sa에 Triggers ClusterRole 부여
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: tekton-build-sa-binding
name: tekton-triggers-clusterrolebinding
subjects:
- kind: ServiceAccount
name: tekton-build-sa
@ -60,5 +66,4 @@ subjects:
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
name: tekton-triggers-role