我想使用多种服务进行系统测试。在测试过程中,我想阻止给定名称空间的部署,以实现稳定的环境。这样的锁有可能吗?
我的用例是CI / CD流:
我将拥有bitbucket / gitlab管道,部署服务。然后,我想在名称空间内的多个服务之间执行系统测试。在此系统测试期间,我想阻止部署以使测试更稳定。
答案 0 :(得分:2)
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: user
namespace: mynamespace
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: user-full-access
namespace: mynamespace
rules:
- apiGroups: ["", "extensions", "apps"]
resources: ["*"]
verbs: ["*"]
- apiGroups: ["batch"]
resources:
- jobs
- cronjobs
verbs: ["*"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: mynamespace-user-view
namespace: mynamespace
subjects:
- kind: ServiceAccount
name: user
namespace: mynamespace
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: user-full-access