I have a kind: Role with the following rule
rules:
- apiGroups: [""]
resources: ["namespaces", "configmaps", "secrets", "pods", "replicationcontrollers", "services", "serviceaccounts"]
verbs: ["get", "watch", "list"]
This works fine just by itself, nothing wrong at all.
Now I also have another rule
rules:
- apiGroups: ["apps"]
resources: ["deployments", "daemonsets", "replicasets"]
verbs: ["get", "watch", "list"]
Perfectly fine also
My issue is if I try to merge them together like:
rules:
- apiGroups: [""]
resources: ["namespaces", "configmaps", "secrets", "pods", "replicationcontrollers", "services", "serviceaccounts"]
verbs: ["get", "watch", "list"]
- apiGroups: ["apps"]
resources: ["deployments", "daemonsets", "replicasets"]
verbs: ["get", "watch", "list"]
I get an error saying Error: INSTALLATION FAILED: YAML parse error on myproject/templates/rbac.yaml: error converting YAML to JSON: yaml: line 27: did not find expected key.
Am I missing a syntax error or how can you use multiple apiGroups under the same rules?
I know that I could do - apiGroups: ["", "apps"] but then Openshift with its infinite wisdom thinks there are namespaces under apps etc and gives a role error for the non cluster-admin user trying to get access to namespaces.apps etc.
