service account privileges required

[mingsterism]

Hi,
How can i create the service account with the right privileges. What sort of privileges would they be?

Can I use the default service account? It seems that drone is using it by default.
My Logs below

1 | + kubectl apply -f deployment.yaml
-- | --
2 | User "default" set.
3 | Cluster "default" set.
4 | Context "default" created.
5 | Switched to context "default".
6 | unable to recognize "deployment.yaml": Unauthorized
7 | unable to recognize "deployment.yaml": Unauthorized

Thanks for the clarifications
Ming

[ynilu]

You can create service account with an yaml file just like other Kubernetes objects.
What privileges are required depends on what you would like to do with drone-kubectl
e.g. If you want to change the replicas of a deployment, it's required to give the service account you used for drone-kubectl the permission to write deployment.

[mingsterism]

how come in the code init-kubectl, it seems to hardcode the context and cluster to default. But my drone-runner is running in a different context. is there a way to change it?
Also the env PLUGIN_NAMESPACE does not seem to be used. Any ideas?