|
|
|
|
|
|
by ljm
1077 days ago
|
|
|
I do similar with K8S and RBAC. The most common action in a repo is going to be to update a deployment with a new image or resource config, so that’s all it can do. Still need a more permissive role to manage the cluster in other ways but you can isolate that and limit access to its repo. |
|
|