Kh add roles example (#10)

* add test service account

Author: Kaizhe

test-yaml/busy-box.yaml

@@ -2,7 +2,7 @@ apiVersion: v1
 kind: Pod
 metadata:
   name: my-busybox
-  namespace: default 
+  namespace: psp-test 
 spec:
   containers:
   - name: my-busybox-container

test-yaml/roles.yaml

@@ -0,0 +1,56 @@
+kind: ServiceAccount
+apiVersion: v1
+metadata:
+  name: psp-test-sa
+  namespace: psp-test
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: pod-creator-role
+  namespace: psp-test
+rules:
+- apiGroups: [""] 
+  resources: ["pods"]
+  verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: pod-creator-rolebinding
+  namespace: psp-test
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: pod-creator-role 
+subjects:
+# Example: A specific service account in my-namespace
+- kind: ServiceAccount # Omit apiGroup
+  name: psp-test-sa
+  namespace: psp-test
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: psp-adopter-role
+  namespace: psp-test
+rules:
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  resourceNames: ['pod-security-policy-test']
+  verbs: ['use']
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: psp-adopter-rolebinding
+  namespace: psp-test
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: psp-adopter-role
+subjects:
+# Example: A specific service account in my-namespace
+- kind: ServiceAccount # Omit apiGroup
+  name: psp-test-sa
+  namespace: psp-test