From 666b81af9c216ad93141f904f75863dc26ad20d1 Mon Sep 17 00:00:00 2001
From: Magnus Andersson <mandersson@sunet.se>
Date: Wed, 6 Nov 2024 15:07:53 +0100
Subject: [PATCH] Add matrix deploy role

---
 k8s/matrix/matrix-deploy-role.yaml | 43 ++++++++++++++++++++++++++++++
 k8s/matrix/matrix-namespace.yaml   |  7 +++++
 2 files changed, 50 insertions(+)
 create mode 100644 k8s/matrix/matrix-deploy-role.yaml
 create mode 100644 k8s/matrix/matrix-namespace.yaml

diff --git a/k8s/matrix/matrix-deploy-role.yaml b/k8s/matrix/matrix-deploy-role.yaml
new file mode 100644
index 0000000..018e59d
--- /dev/null
+++ b/k8s/matrix/matrix-deploy-role.yaml
@@ -0,0 +1,43 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  namespace: btsystem-registry
+  name: btsystemregistry-reader
+rules:
+  - apiGroups: [""] # "" indicates the core API group
+    resources:
+      - pods
+      - configmaps
+      - events
+      - limitranges
+      - persistentvolumeclaims
+      - podtemplates
+      - replicationcontrollers
+      - resourcequotas
+      - secrets
+      - services
+      - controllerrevisions
+      - daemonsets
+      - deployments
+      - replicasets
+      - statefulsets
+      - localsubjectaccessreviews
+      - horizontalpodautoscalers
+      - cronjobs
+      - jobs
+      - leases
+      - networkpolicies
+      - networksets
+      - endpointslices
+      - events
+      - ingresses
+      - networkpolicies
+      - objectbucketclaims
+      - poddisruptionbudgets
+      - rolebindings
+      - roles
+      - csistoragecapacities
+    verbs:
+      - get
+      - watch
+      - list
diff --git a/k8s/matrix/matrix-namespace.yaml b/k8s/matrix/matrix-namespace.yaml
new file mode 100644
index 0000000..76f5ca6
--- /dev/null
+++ b/k8s/matrix/matrix-namespace.yaml
@@ -0,0 +1,7 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: matrix
+  labels:
+    name: matrix