diff --git a/src/k8s_operations.ts b/src/k8s_operations.ts index b0dba884c..a086d766a 100644 --- a/src/k8s_operations.ts +++ b/src/k8s_operations.ts @@ -119,7 +119,7 @@ export async function k8sdelete({ emailNoSymbols, isAdmin, userTeams }: Cloudtty await k8sApi.deleteNamespacedPod(`tty-${resourceName}`, namespace) if (!isAdmin) { for (const team of userTeams!) - await rbacAuthorizationV1Api.deleteNamespacedRoleBinding(`tty-${team}-rolebinding`, team) + await rbacAuthorizationV1Api.deleteNamespacedRoleBinding(`tty-${team}-${resourceName}-rolebinding`, team) } else await rbacAuthorizationV1Api.deleteClusterRoleBinding('tty-admin-clusterrolebinding') await k8sApi.deleteNamespacedService(`tty-${resourceName}`, namespace) diff --git a/src/ttyManifests/adminTtyManifests/tty_05_Vs.yaml b/src/ttyManifests/adminTtyManifests/tty_05_Vs.yaml index 4bd595b6c..edf0633ca 100644 --- a/src/ttyManifests/adminTtyManifests/tty_05_Vs.yaml +++ b/src/ttyManifests/adminTtyManifests/tty_05_Vs.yaml @@ -14,7 +14,7 @@ spec: prefix: /logout-otomi redirect: authority: auth.$FQDN - uri: /oauth2/sign_out?rd=https://keycloak.$FQDN/realms/otomi/protocol/openid-connect/logout?redirect_uri=https://otomi.$FQDN + uri: /oauth2/sign_out?rd=https://keycloak.$FQDN/realms/otomi/protocol/openid-connect/logout?redirect_uri=https://console.$FQDN - match: - uri: prefix: /$EMAIL diff --git a/src/ttyManifests/tty_03_Rolebinding.yaml b/src/ttyManifests/tty_03_Rolebinding.yaml index d1c671db0..fd4f940a8 100644 --- a/src/ttyManifests/tty_03_Rolebinding.yaml +++ b/src/ttyManifests/tty_03_Rolebinding.yaml @@ -1,7 +1,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: tty-$TARGET_TEAM-rolebinding + name: tty-$TARGET_TEAM-$EMAIL-rolebinding namespace: $TARGET_TEAM roleRef: apiGroup: rbac.authorization.k8s.io diff --git a/src/ttyManifests/tty_05_Vs.yaml b/src/ttyManifests/tty_05_Vs.yaml index 4bd595b6c..edf0633ca 100644 --- a/src/ttyManifests/tty_05_Vs.yaml +++ b/src/ttyManifests/tty_05_Vs.yaml @@ -14,7 +14,7 @@ spec: prefix: /logout-otomi redirect: authority: auth.$FQDN - uri: /oauth2/sign_out?rd=https://keycloak.$FQDN/realms/otomi/protocol/openid-connect/logout?redirect_uri=https://otomi.$FQDN + uri: /oauth2/sign_out?rd=https://keycloak.$FQDN/realms/otomi/protocol/openid-connect/logout?redirect_uri=https://console.$FQDN - match: - uri: prefix: /$EMAIL