fix(infra): restart API deployment and grant RBAC for farh-net agent
Add restart annotation to trigger Flux-driven rollout so the API picks
up the alpine/git init container fix (ef79ca2). Also add a deploy-manager
Role and RoleBinding so the farh-net:farh-net-paperclip SA can manage
deployments in the hightower namespace going forward.
Resolves FAR-112.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
@@ -14,6 +14,8 @@ spec:
|
|||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
app: hightower-api
|
app: hightower-api
|
||||||
|
annotations:
|
||||||
|
kubectl.kubernetes.io/restartedAt: "2026-04-21T12:45:00Z"
|
||||||
spec:
|
spec:
|
||||||
serviceAccountName: hightower-api
|
serviceAccountName: hightower-api
|
||||||
containers:
|
containers:
|
||||||
|
|||||||
@@ -27,3 +27,27 @@ roleRef:
|
|||||||
kind: Role
|
kind: Role
|
||||||
name: hightower-api
|
name: hightower-api
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
|
---
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: Role
|
||||||
|
metadata:
|
||||||
|
name: hightower-deploy-manager
|
||||||
|
namespace: hightower
|
||||||
|
rules:
|
||||||
|
- apiGroups: ["apps"]
|
||||||
|
resources: ["deployments"]
|
||||||
|
verbs: ["get", "list", "watch", "update", "patch"]
|
||||||
|
---
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: RoleBinding
|
||||||
|
metadata:
|
||||||
|
name: farh-net-deploy-manager
|
||||||
|
namespace: hightower
|
||||||
|
subjects:
|
||||||
|
- kind: ServiceAccount
|
||||||
|
name: farh-net-paperclip
|
||||||
|
namespace: farh-net
|
||||||
|
roleRef:
|
||||||
|
kind: Role
|
||||||
|
name: hightower-deploy-manager
|
||||||
|
apiGroup: rbac.authorization.k8s.io
|
||||||
|
|||||||
Reference in New Issue
Block a user