juwan/juwan-backend
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

normalize line endings to LF and add envoy dockerfile in deploy/dev

Browse Source
This commit is contained in:
wwweww
2026-04-06 05:26:41 +08:00
parent 7ec8b2a8f0
commit c7a33d4174
39 changed files with 12916 additions and 12246 deletions
Download Patch File Download Diff File Expand all files Collapse all files
deploy/k8s/secrets/jwt-secret.yaml
+67 -67
View File
@@ -1,67 +1,67 @@
apiVersion: v1
kind: Secret
metadata:
name: jwt-secret
namespace: juwan
type: Opaque
data:
secret-key: MGUyMWE3ZDhjMTQ5ZDg1MWViOWU0MGM3OTE2NWVkYTBlOTE5ZWRkZDU1YjYzOGJjOWRiNzM0NTc4NDIyMjlkZQ==
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: user-rpc
namespace: juwan
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: envoy-gateway
namespace: juwan
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: jwt-secret-reader
namespace: juwan
rules:
# JWT Secret 读取权限
- apiGroups: [""]
resources: ["secrets"]
resourceNames: ["jwt-secret"]
verbs: ["get"]
# 服务发现权限
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get", "list", "watch"]
- apiGroups: ["discovery.k8s.io"]
resources: ["endpointslices"]
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: user-rpc-jwt-secret-reader
namespace: juwan
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: jwt-secret-reader
subjects:
- kind: ServiceAccount
name: user-rpc
namespace: juwan
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: envoy-gateway-jwt-secret-reader
namespace: juwan
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: jwt-secret-reader
subjects:
- kind: ServiceAccount
name: envoy-gateway
namespace: juwan
apiVersion: v1
kind: Secret
metadata:
name: jwt-secret
namespace: juwan
type: Opaque
data:
secret-key: MGUyMWE3ZDhjMTQ5ZDg1MWViOWU0MGM3OTE2NWVkYTBlOTE5ZWRkZDU1YjYzOGJjOWRiNzM0NTc4NDIyMjlkZQ==
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: user-rpc
namespace: juwan
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: envoy-gateway
namespace: juwan
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: jwt-secret-reader
namespace: juwan
rules:
# JWT Secret 读取权限
- apiGroups: [""]
resources: ["secrets"]
resourceNames: ["jwt-secret"]
verbs: ["get"]
# 服务发现权限
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get", "list", "watch"]
- apiGroups: ["discovery.k8s.io"]
resources: ["endpointslices"]
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: user-rpc-jwt-secret-reader
namespace: juwan
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: jwt-secret-reader
subjects:
- kind: ServiceAccount
name: user-rpc
namespace: juwan
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: envoy-gateway-jwt-secret-reader
namespace: juwan
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: jwt-secret-reader
subjects:
- kind: ServiceAccount
name: envoy-gateway
namespace: juwan