Setup build

2025-04-18 02:29:41 +02:00
parent 758b7cd760
commit 922291dd02
8 changed files with 204 additions and 0 deletions
--- a/manifests/cluster-role-binding.yaml
+++ b/manifests/cluster-role-binding.yaml
@@ -0,0 +1,11 @@
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: authelia-controller
+subjects:
+  - kind: ServiceAccount
+    name: authelia-controller
+roleRef:
+  kind: ClusterRole
+  name: authelia-controller
+  apiGroup: rbac.authorization.k8s.io
--- a/manifests/cluster-role.yaml
+++ b/manifests/cluster-role.yaml
@@ -0,0 +1,20 @@
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: authelia-controller
+rules:
+  - apiGroups:
+      - authelia.huizinga.dev
+    resources:
+      - accesscontrolrules
+      - accesscontrolrules/status
+      - accesscontrolrules/finalizers
+    verbs:
+      - "*"
+  - apiGroups:
+      - ""
+    resources:
+      - secrets
+      - deployments
+    verbs:
+      - "*"
--- a/manifests/deployment.yaml
+++ b/manifests/deployment.yaml
@@ -0,0 +1,36 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: authelia-controller
+  labels:
+    app: authelia-controller
+    app.kubernetes.io/name: authelia-controller
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: authelia-controller
+  template:
+    metadata:
+      labels:
+        app: authelia-controller
+      annotations:
+        kubectl.kubernetes.io/default-container: authelia-controller
+    spec:
+      serviceAccountName: authelia-controller
+      securityContext: {}
+      containers:
+        - name: authelia-controller
+          image: git.huizinga.dev/dreaded_x/authelia-controller@${DIGEST}
+          imagePullPolicy: IfNotPresent
+          securityContext: {}
+          resources:
+            limits:
+              cpu: 200m
+              memory: 256Mi
+            requests:
+              cpu: 50m
+              memory: 100Mi
+          env:
+            - name: RUST_LOG
+              value: info,authelia_controller=debug
--- a/manifests/kustomization.yaml
+++ b/manifests/kustomization.yaml
@@ -0,0 +1,9 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: lldap
+resources:
+  - ./crds.yaml
+  - ./service-account.yaml
+  - ./cluster-role.yaml
+  - ./cluster-role-binding.yaml
+  - ./deployment.yaml
--- a/manifests/service-account.yaml
+++ b/manifests/service-account.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: authelia-controller
+  labels:
+    app: authelia-controller
+    app.kubernetes.io/name: authelia-controller
+automountServiceAccountToken: true