apiVersion: apps/v1
kind: Deployment
metadata:
  name: backup-service
spec:
  replicas: 1
  selector:
    matchLabels:
      app: backup-service
  template:
    metadata:
      labels:
        app: backup-service
    spec:
      serviceAccount: backup-service
      containers:
        - name: backup-service
          image: harbor.k-space.ee/k-space/backup-service
          ports:
           - name: backup-service
             containerPort: 5000
          env:
            - name: TOKEN
              value: CYdCDFIvGX
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: backup-service
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: backup-service
rules:
- apiGroups:
  - ""
  resources:
  - namespaces
  verbs:
  - list
- apiGroups:
  - ""
  resources:
  - secrets
  verbs:
  - get
- apiGroups:
  - mongodbcommunity.mongodb.com
  resources:
  - mongodbcommunity
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - mysql.oracle.com
  resources:
  - innodbclusters
  verbs:
  - get
  - list
  - watch
---
kind:  ClusterRoleBinding 
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: backup-service
  namespace: shared
subjects:
- kind: ServiceAccount
  name: backup-service
  namespace: shared
roleRef:
  kind:  ClusterRole 
  name: backup-service
  apiGroup: rbac.authorization.k8s.io