From b0686db68fdc3b8d968d94fa132b1dd6183cfa67 Mon Sep 17 00:00:00 2001
From: Stefan Prodan <stefan.prodan@gmail.com>
Date: Wed, 10 Apr 2024 09:10:20 +0300
Subject: [PATCH] Add SA for apps impersonation

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
---
 clusters/staging/tenants/podinfo.yaml | 12 ++----------
 clusters/staging/tenants/staging.yaml | 14 ++++++++++++++
 2 files changed, 16 insertions(+), 10 deletions(-)
 create mode 100644 clusters/staging/tenants/staging.yaml

diff --git a/clusters/staging/tenants/podinfo.yaml b/clusters/staging/tenants/podinfo.yaml
index b7b80e7..4f4f3e2 100644
--- a/clusters/staging/tenants/podinfo.yaml
+++ b/clusters/staging/tenants/podinfo.yaml
@@ -5,14 +5,6 @@ metadata:
   labels:
     toolkit.fluxcd.io/tenant: dev-team
 ---
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  labels:
-    toolkit.fluxcd.io/tenant: dev-team
-  name: flux
-  namespace: podinfo
----
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
@@ -28,5 +20,5 @@ roleRef:
   name: cluster-admin
 subjects:
   - kind: ServiceAccount
-    name: flux
-    namespace: podinfo
+    name: flux-apps
+    namespace: staging
diff --git a/clusters/staging/tenants/staging.yaml b/clusters/staging/tenants/staging.yaml
new file mode 100644
index 0000000..3cb1e2f
--- /dev/null
+++ b/clusters/staging/tenants/staging.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: staging
+  labels:
+    toolkit.fluxcd.io/tenant: dev-team
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    toolkit.fluxcd.io/tenant: dev-team
+  name: flux-apps
+  namespace: staging