fix

share/gitea-tekton-org/rbac.tf

@@ -0,0 +1,46 @@
+
+resource "kubectl_manifest" "sa" {
+  yaml_body  = <<-EOF
+    apiVersion: v1
+    kind: ServiceAccount
+    metadata:
+      name: "${var.instance}-${var.component}"
+      namespace: "${var.namespace}"
+      labels: ${jsonencode(local.common-labels)}
+  EOF
+}
+resource "kubectl_manifest" "rb" {
+  yaml_body  = <<-EOF
+    apiVersion: rbac.authorization.k8s.io/v1
+    kind: RoleBinding
+    metadata:
+      name: "${var.instance}-${var.component}"
+      namespace: "${var.namespace}"
+      labels: ${jsonencode(local.common-labels)}
+    subjects:
+    - kind: ServiceAccount
+      name: "${var.instance}-${var.component}"
+    roleRef:
+      apiGroup: rbac.authorization.k8s.io
+      kind: ClusterRole
+      name: tekton-triggers-eventlistener-roles
+  EOF
+}
+resource "kubectl_manifest" "crb" {
+  yaml_body  = <<-EOF
+    apiVersion: rbac.authorization.k8s.io/v1
+    kind: ClusterRoleBinding
+    metadata:
+      name: "${var.namespace}-${var.instance}-${var.component}"
+      namespace: "${var.namespace}"
+      labels: ${jsonencode(local.common-labels)}
+    subjects:
+    - kind: ServiceAccount
+      name: "${var.instance}-${var.component}"
+      namespace: "${var.namespace}"
+    roleRef:
+      apiGroup: rbac.authorization.k8s.io
+      kind: ClusterRole
+      name: tekton-triggers-eventlistener-clusterroles
+  EOF
+}