diff --git a/dev/tekton/dashboard.yaml b/dev/tekton/dashboard.yaml new file mode 100755 index 0000000..dfae974 --- /dev/null +++ b/dev/tekton/dashboard.yaml @@ -0,0 +1,292 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/part-of: tekton-dashboard + name: tekton-dashboard + namespace: tekton-pipelines +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + app.kubernetes.io/instance: default + app.kubernetes.io/part-of: tekton-dashboard + name: tekton-dashboard-info + namespace: tekton-pipelines +rules: + - apiGroups: + - "" + resourceNames: + - dashboard-info + resources: + - configmaps + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/part-of: tekton-dashboard + name: tekton-dashboard-backend +rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - apiGroups: + - security.openshift.io + resources: + - securitycontextconstraints + verbs: + - use + - apiGroups: + - tekton.dev + resources: + - clustertasks + verbs: + - get + - list + - watch + - update + - apiGroups: + - triggers.tekton.dev + resources: + - clusterinterceptors + - clustertriggerbindings + verbs: + - get + - list + - watch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/part-of: tekton-dashboard + name: tekton-dashboard-tenant +rules: + - apiGroups: + - dashboard.tekton.dev + resources: + - extensions + verbs: + - get + - list + - watch + - update + - apiGroups: + - "" + resources: + - events + - namespaces + - pods + - pods/log + verbs: + - get + - list + - watch + - update + - apiGroups: + - tekton.dev + resources: + - tasks + - taskruns + - pipelines + - pipelineruns + - customruns + verbs: + - get + - list + - watch + - update + - apiGroups: + - triggers.tekton.dev + resources: + - eventlisteners + - interceptors + - triggerbindings + - triggers + - triggertemplates + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + app.kubernetes.io/instance: default + app.kubernetes.io/part-of: tekton-dashboard + name: tekton-dashboard-info + namespace: tekton-pipelines +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: tekton-dashboard-info +subjects: + - apiGroup: rbac.authorization.k8s.io + kind: Group + name: system:authenticated +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/part-of: tekton-dashboard + rbac.dashboard.tekton.dev/subject: tekton-dashboard + name: tekton-dashboard-backend +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: tekton-dashboard-backend +subjects: + - kind: ServiceAccount + name: tekton-dashboard + namespace: tekton-pipelines +--- +apiVersion: v1 +data: + version: v0.36.0 +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: default + app.kubernetes.io/part-of: tekton-dashboard + name: dashboard-info + namespace: tekton-pipelines +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: tekton-dashboard + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/name: dashboard + app.kubernetes.io/part-of: tekton-dashboard + app.kubernetes.io/version: v0.36.0 + dashboard.tekton.dev/release: v0.36.0 + version: v0.36.0 + name: tekton-dashboard + namespace: tekton-pipelines +spec: + ports: + - name: http + port: 9097 + protocol: TCP + targetPort: 9097 + selector: + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/name: dashboard + app.kubernetes.io/part-of: tekton-dashboard +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: tekton-dashboard + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/name: dashboard + app.kubernetes.io/part-of: tekton-dashboard + app.kubernetes.io/version: v0.36.0 + dashboard.tekton.dev/release: v0.36.0 + version: v0.36.0 + name: tekton-dashboard + namespace: tekton-pipelines +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/name: dashboard + app.kubernetes.io/part-of: tekton-dashboard + template: + metadata: + labels: + app: tekton-dashboard + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/name: dashboard + app.kubernetes.io/part-of: tekton-dashboard + app.kubernetes.io/version: v0.36.0 + name: tekton-dashboard + spec: + containers: + - args: + - --port=9097 + - --logout-url= + - --pipelines-namespace=tekton-pipelines + - --triggers-namespace=tekton-pipelines + - --read-only=no + - --log-level=info + - --log-format=json + - --namespace= + - --stream-logs=true + - --external-logs= + env: + - name: INSTALLED_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: gcr.io/tekton-releases/github.com/tektoncd/dashboard/cmd/dashboard:v0.36.0@sha256:e7058eabec6bc53bfb3505b637ea6208e6e81ff71a29a5f47a32fa0ed03cb5e4 + livenessProbe: + httpGet: + path: /health + port: 9097 + name: tekton-dashboard + ports: + - containerPort: 9097 + readinessProbe: + httpGet: + path: /readiness + port: 9097 + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 65532 + runAsNonRoot: true + runAsUser: 65532 + seccompProfile: + type: RuntimeDefault + nodeSelector: + kubernetes.io/os: linux + serviceAccountName: tekton-dashboard + volumes: [] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/part-of: tekton-dashboard + rbac.dashboard.tekton.dev/subject: tekton-dashboard + name: tekton-dashboard-tenant +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: tekton-dashboard-tenant +subjects: + - kind: ServiceAccount + name: tekton-dashboard + namespace: tekton-pipelines