forked from gardener/gardener
-
Notifications
You must be signed in to change notification settings - Fork 0
/
05-project-dev.yaml
38 lines (38 loc) · 1.23 KB
/
05-project-dev.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
# Project objects logically group team members, secrets, and Shoot clusters. They result in Kubernetes namespaces
# prefixed with "garden-".
---
apiVersion: core.gardener.cloud/v1beta1
kind: Project
metadata:
name: dev
spec:
owner:
apiGroup: rbac.authorization.k8s.io
kind: User
name: john.doe@example.com
members:
- apiGroup: rbac.authorization.k8s.io
kind: User
name: alice.doe@example.com
role: admin
# roles: # Additional roles go here
# - viewer
# - uam # User access manager
- apiGroup: rbac.authorization.k8s.io
kind: User
name: bob.doe@example.com
role: viewer
# roles: # Additional roles go here
# - extension:myrole
# description: "This is my first project"
# purpose: "Experimenting with Gardener"
# The `spec.namespace` field is optional and will be initialized if unset - the resulting
# namespace will be generated and look like "garden-dev-<random-chars>", e.g. "garden-dev-5z43z".
# If the namespace is set then the namespace must be labelled with `gardener.cloud/role: project`
# and `project.gardener.cloud/name: <project-name>` (<project-name>=dev in this case).
namespace: garden-dev
# tolerations:
# defaults:
# - key: <some-key>
# whitelist:
# - key: <some-key>