New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Read-only service accounts for automation and CI/CD #1899
Conversation
…atform/cloud-foundation-fabric into ludo/fast-cicd-permissions
…atform/cloud-foundation-fabric into ludo/fast-cicd-permissions
This is now ready, barring some IAM tweaks for the stage 2 and 3 CI/CD read-only service accounts, which I will test today. It can be reviewed, additional roles will be added before merging but won't change the PR structure. |
This is now ready for review. The second set of service accounts is still missing from multitenant stages, but I will add it once the approach has been validated. CI/CD tested with actual repositories for stages 0, 1, and 2 networking. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm 🧑🎄
Left a couple of small comments
WIP, design document in this PR has the rationale and explanation of changes.
This PR also
custom_role_names
variable from FAST stage 0Test errors will be expected until this has been completed.