Skip to content

Commit

Permalink
feat: Add permission to patch secret for updating exist certificate
Browse files Browse the repository at this point in the history
  • Loading branch information
jay-bisonai committed Apr 17, 2024
1 parent c10cfb9 commit e5632e3
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions cronjobs/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,14 +76,17 @@ jobs:
mountPath: /etc/letsencrypt
namespace: orakl
clusterRole:
name: orakl-tls-renew-permission
name: orakl-tls-renew
rules:
- apiGroups: ["apps"]
resources: ["deployments"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["pods", "secrets"]
resources: ["pods"]
verbs: ["get", "list", "exec"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "list", "patch"]
- apiGroups: [""]
resources: ["pods/exec"]
verbs: ["create"]
Expand All @@ -110,6 +113,6 @@ jobs:
kubectl create secret tls orakl-backend-fe-tls \
--cert=/etc/letsencrypt/live/orakl.network/cert.pem \
--key=/etc/letsencrypt/live/orakl.network/privkey.pem \
--dry-run=client -o yaml | kubectl apply -f -
--dry-run=client -o yaml | kubectl apply -n orakl -f -
sleep infinity

0 comments on commit e5632e3

Please sign in to comment.