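# RBAC for the agent lifecycle sidecar.
#
# Every agent pod runs under this ServiceAccount. NOTE: Kubernetes RBAC cannot
# express "only the caller's own object" — the Role below grants get/delete on
# EVERY Deployment and PersistentVolumeClaim in the dexorder-agents namespace.
# "Self-deletion only" is therefore a property of the sidecar (it is only told
# its own deployment name via env), not of this Role; a sidecar that is
# compromised or misconfigured could remove any other agent's Deployment/PVC
# in the namespace. See the hardening note at the end of this file.
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: agent-lifecycle
  namespace: dexorder-agents
---
# Role allowing deletion of Deployments and PVCs.
# Namespaced Role: the grant stops at the dexorder-agents namespace boundary,
# but applies to all matching objects inside it. `resourceNames` is not used
# because it pins the Role to fixed object names, which does not fit
# per-agent deployments (assumption: deployment names are generated per agent).
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: agent-self-delete
  namespace: dexorder-agents
rules:
  # Get and delete Deployments (namespace-wide, not just the caller's own).
  - apiGroups: ["apps"]
    resources: ["deployments"]
    verbs: ["get", "delete"]
  # Get and delete PVCs (for anonymous users) — same namespace-wide scope.
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "delete"]
  # Read-only access to pods for status checking. `list` exposes the names
  # of every pod in the namespace to the sidecar; `get` alone would not.
  - apiGroups: [""]
    resources: ["pods"]
    verbs: ["get", "list"]
---
# Binds the Role above to the sidecar ServiceAccount, in the same namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: agent-self-delete
  namespace: dexorder-agents
subjects:
  - kind: ServiceAccount
    name: agent-lifecycle
    namespace: dexorder-agents
roleRef:
  kind: Role
  name: agent-self-delete
  apiGroup: rbac.authorization.k8s.io
---
# Hardening TODO: a ValidatingWebhookConfiguration (or a validating admission
# policy) to reject DELETE requests from this ServiceAccount whose target is
# not the requesting pod's own Deployment/PVC. This is what would actually
# enforce "self-deletion only" at the API server; it requires a validating
# webhook server and can be added later.
#
# Until then, the controls in place are:
#   1. The sidecar only knows its own deployment name (from env).
#   2. RBAC limits the grant to the dexorder-agents namespace.
#   3. An admission policy restricts deployment creation (already defined).
# Detection aid: API-server audit logs for DELETE on deployments/PVCs by
# system:serviceaccount:dexorder-agents:agent-lifecycle should show each
# sidecar touching only its own object; any other target is anomalous.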