91 lines
1.8 KiB
YAML
91 lines
1.8 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: kubernetes-replicator
|
|
namespace: kube-system
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: kubernetes-replicator
|
|
rules:
|
|
- apiGroups: ["", "apps", "extensions"]
|
|
resources:
|
|
- secrets
|
|
- configmaps
|
|
- roles
|
|
- rolebindings
|
|
- cronjobs
|
|
- deployments
|
|
- events
|
|
- ingresses
|
|
- jobs
|
|
- pods
|
|
- pods/attach
|
|
- pods/exec
|
|
- pods/log
|
|
- pods/portforward
|
|
- services
|
|
- namespaces
|
|
- serviceaccounts
|
|
verbs: ["*"]
|
|
- apiGroups: ["batch"]
|
|
resources:
|
|
- configmaps
|
|
- cronjobs
|
|
- deployments
|
|
- events
|
|
- ingresses
|
|
- jobs
|
|
- pods
|
|
- pods/attach
|
|
- pods/exec
|
|
- pods/log
|
|
- pods/portforward
|
|
- services
|
|
verbs: ["*"]
|
|
- apiGroups: ["rbac.authorization.k8s.io"]
|
|
resources:
|
|
- roles
|
|
- rolebindings
|
|
- clusterrolebindings
|
|
verbs: ["get", "list", "watch"]
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: kubernetes-replicator
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: kubernetes-replicator
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: kubernetes-replicator
|
|
namespace: kube-system
|
|
---
|
|
apiVersion: argoproj.io/v1alpha1
|
|
kind: Application
|
|
metadata:
|
|
name: kubernetes-replicator
|
|
namespace: argocd
|
|
spec:
|
|
project: default
|
|
source:
|
|
repoURL: "https://helm.mittwald.de"
|
|
chart: "kubernetes-replicator"
|
|
targetRevision: "2.12.0"
|
|
helm:
|
|
releaseName: "kubernetes-replicator"
|
|
values: |
|
|
serviceAccount:
|
|
create: false
|
|
name: kubernetes-replicator
|
|
destination:
|
|
server: "https://kubernetes.default.svc"
|
|
namespace: kube-system
|
|
syncPolicy:
|
|
automated:
|
|
prune: true
|
|
selfHeal: true
|