feat(helm): update rook-ceph ( v1.16.2 → v1.17.0 ) #738

flowbie-bot · 2025-04-19T00:28:06Z

This PR contains the following updates:

Package	Update	Change
rook-ceph	minor	`v1.16.2` -> `v1.17.0`

Release Notes

rook/rook (rook-ceph)

`v1.17.0`

Compare Source

Upgrade Guide

To upgrade from previous versions of Rook, see the Rook upgrade guide.

Breaking Changes

Kubernetes v1.28 is now the minimum version supported by Rook through the soon-to-be K8s release v1.33.
Several ObjectBucketClaim options were added previously in Rook v1.16 that allowed more control over buckets. These controls allow users to self-serve their own S3 policies. Administrators may consider this flexibility a risk, depending on their environment. Rook now disables these options by default to ensure the safest off-the-shelf configurations. To enable the full range of OBC configurations, the new setting ROOK_OBC_ALLOW_ADDITIONAL_CONFIG_FIELDS must be set to enable users to set all of these options. For more details, see the OBC additionalConfig documentation.
First-class credential management added to CephObjectStoreUser resources, allowing multiple credentials and declarative credential rotation. For more details, see Managing User S3 Credentials. As a result, existing S3 users provisioned via CephObjectStoreUser resources no longer allow multiple credentials to exist on underlying S3 users, unless explicitly managed by Rook. Rook will purge all but one of the undeclared credentials. This could be a user observable regression for administrators who manually edited/rotated S3 user credentials for CephObjectStoreUsers, and affected users can make use of the new credential management feature as an alternative.
Kafka notifications configured via CephBucketTopic resources will now default to setting the Kafka authentication mechanism to PLAIN. Previously, no auth mechanism was specified by default. It was possible to set the auth mechanism via CephBucketTopic.spec.endpoint.kafka.opaqueData. However, setting &mechanism=<auth type> via opaqueData is no longer possible. If any auth mechanism other than PLAIN is in use, modification to CephBucketTopic resources is required.

Features

The name of a pre-existing Ceph RGW user account can be set as the bucket owner on an ObjectBucketClaim (OBC), rather than a unique RGW user being created for every bucket. A CephObjectStoreUser resource may be used to create the Ceph RGW user account which will be specified on the OBC. If the bucket owner is set on a bucket that already exists and is owned by a different user, the bucket will be re-linked to the specified user.
The Ceph CSI 3.14 release has a number of features and improvements for RBD and CephFS volumes, volume snapshots, and many more areas. See the Ceph CSI 3.14 release notes for more details.
External mons: In some two-datacenter clusters, there is no option to start an arbiter mon in an independent K8s node to configure a proper stretch cluster. The external mons now allow a mon to be configured outside the Kubernetes cluster, while Rook manages everything else inside the cluster. For more details, see the External Mon documentation. This feature is in currently in experimental mode.
DNS resolution for mons: Allows clients outside the K8s cluster to resolve mon endpoints via DNS without requiring manual updates to the list of mon endpoints. This helps in scenarios such as virtual machine live migration. The Ceph client can connect to rook-ceph-active-mons..svc.cluster.local to dynamically resolve mon endpoints and receive automatic updates when mon IPs change. To configure this DNS resolution, see Tracking Mon Endpoints.
Node-specific ceph.conf overrides: The ceph.conf overrides can now be customized per-node. This may be helpful for some ceph.conf settings that need to be unique per node depending on the hardware. This can be configured by creating a node-specific configmap that will be loaded for all OSDs and OSD prepare jobs on that node, instead of the default settings that are loaded from the rook-config-override configmap.

`v1.16.7`

Compare Source

Improvements

Rook v1.16.7 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

core: Set default Ceph version to v19.2.2 (#15704, @travisn)
mon: Ensure mon canary pods are cleaned up for multicluster service (#15718, @sp98)
core: Print correct OSD ID in key rotation logs (#15727, @sp98)
helm: Add labels to ingress resource (#15719, @chkpwd)
core: Update cephstatus fsmap gid type to uint64 (#15690, @BlaineEXE)
pool: Retry status update on fail (#15593, @prazumovsky)
helm: Allow specifying an ingress object store port to override default (#15669, @travisn)
rbdmirror: Fix the rados namespace health checkup (#15677, @parth-gr)
osd: Stabilize oscillating maxUnavailable in pdbs in case of node drain (#15634, @sp98)
ci: Update x/net version to fix snyk report (#15659, @subhamkrai)
nfs: Set allow_set_io_flusher_fail=true in config (#15652, @BlaineEXE)

`v1.16.6`

Compare Source

Improvements

Rook v1.16.6 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

ci: Publish the Helm charts to OCI repos (#15542, @a1994sc)
osd: Adjust OSD PDBs if they are down but PGs are clean (#15408, @sp98)
build: bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 (#15561, @dependabot[bot])
csi: Update ceph csi release version to v3.13.1 (#15510, @yati1998)
object: All CephBucketTopic reconcile errors set .status.phase (#15562, @jhoblitt)
operator: Set dns policy for host network if needed (#15553, @travisn)
core: Improve error messages from ceph commands (#15528, @Madhu-1)
docs: Update commands for zapping devices during cluster cleanup (#15565, @puskunalis)

`v1.16.5`

Compare Source

Improvements

Rook v1.16.5 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

ci: Push rook image to repositories quay.io and ghcr.io (#15274, @subhamkrai)
object: Allow overriding rgw config value from secret (#15426, @arttor)
exporter: Add missing rook-ceph-exporter container port definition (#15496, @patrostkowski)
mgr: Wait for builtin mgr pool to exist before enabling stretch (#15470, @travisn)
security: bump go-jose package from 4.0.4 to 4.0.5 (#15456, @dependabot)
mds: Correct parameters to mds liveness probe (#15424, @parth-gr)
docs: Add comprehensive Rook Ceph cluster maintenance guide (#15455, @patrostkowski)
core: Query env vars instead of polling the operator settings configmap (#15442, @travisn)
csi-addons: Bind cephfs and rbd provisioners on non-colliding ports (#15433, @SkalaNetworks)
helm: Quote object store ingress hostname (#15443, @FabianPonce)

`v1.16.4`

Compare Source

Improvements

Rook v1.16.4 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

manifest: Update default Ceph version to v19.2.1 (#15392, @subhamkrai)
osd: Avoid lvm device scan deadlock in activate (#15377, @sfackler)
nfs: Workaround nfs-ganesha config parser for single quotes (#15393, @BlaineEXE)
osd: Enable osd ok-to-stop checks on single node where there are at least three OSDs (#15370, @travisn)
helm: Support for custom pod labels in operator deployment config (#15372, @hans-fischer)
helm: Fix hardcoded namespace in cephECBlockPool StorageClass (#15402, @KarolGongola)
helm: add support for ingress path type (#15385, @HoKim98)
helm: Fix deploy notes documentation link to CRDs (#15404, @jcookin)

`v1.16.3`

Compare Source

Improvements

Rook v1.16.3 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

external: Allow rbd, cephfs, or rgw only deployments (#15358, @parth-gr)
csi: Update experimental csi-operator to v0.2.0 (#15344, @subhamkrai)
osd: Hostname topology label (#15255, @arttor)
core: Improve operator error logging for ok-to-stop failures (#15184, @OdedViner)
mon: Log mon db config values with trace lvl (#15309, @arttor)
rgw: Fix error handling for secret lookup (#15306, @sfackler)
object: add bucketLifecycle to OBCs (#15263, @jhoblitt)

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

github-actions · 2025-04-19T00:28:27Z

--- kubernetes/apps/rook-ceph/rook-ceph/app Kustomization: flux-system/rook-ceph HelmRelease: rook-ceph/rook-ceph-operator

+++ kubernetes/apps/rook-ceph/rook-ceph/app Kustomization: flux-system/rook-ceph HelmRelease: rook-ceph/rook-ceph-operator

@@ -13,13 +13,13 @@

     spec:
       chart: rook-ceph
       sourceRef:
         kind: HelmRepository
         name: rook-ceph
         namespace: flux-system
-      version: v1.16.2
+      version: v1.19.0
   dependsOn:
   - name: snapshot-controller
     namespace: storage
   install:
     remediation:
       retries: 3

github-actions · 2025-04-19T00:28:29Z

--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-ceph-osd

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-ceph-osd

@@ -1,13 +1,15 @@

 ---
+kind: ServiceAccount
 apiVersion: v1
-kind: ServiceAccount
 metadata:
   name: rook-ceph-osd
   namespace: rook-ceph
   labels:
     operator: rook
     storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
     app.kubernetes.io/part-of: rook-ceph-operator
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/created-by: helm
 
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-ceph-mgr

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-ceph-mgr

@@ -1,13 +1,15 @@

 ---
+kind: ServiceAccount
 apiVersion: v1
-kind: ServiceAccount
 metadata:
   name: rook-ceph-mgr
   namespace: rook-ceph
   labels:
     operator: rook
     storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
     app.kubernetes.io/part-of: rook-ceph-operator
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/created-by: helm
 
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-ceph-cmd-reporter

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-ceph-cmd-reporter

@@ -1,13 +1,15 @@

 ---
+kind: ServiceAccount
 apiVersion: v1
-kind: ServiceAccount
 metadata:
   name: rook-ceph-cmd-reporter
   namespace: rook-ceph
   labels:
     operator: rook
     storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
     app.kubernetes.io/part-of: rook-ceph-operator
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/created-by: helm
 
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-ceph-purge-osd

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-ceph-purge-osd

@@ -1,7 +1,15 @@

 ---
+kind: ServiceAccount
 apiVersion: v1
-kind: ServiceAccount
 metadata:
   name: rook-ceph-purge-osd
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-ceph-rgw

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-ceph-rgw

@@ -1,13 +1,15 @@

 ---
+kind: ServiceAccount
 apiVersion: v1
-kind: ServiceAccount
 metadata:
   name: rook-ceph-rgw
   namespace: rook-ceph
   labels:
     operator: rook
     storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
     app.kubernetes.io/part-of: rook-ceph-operator
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/created-by: helm
 
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-ceph-default

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-ceph-default

@@ -1,10 +1,15 @@

 ---
+kind: ServiceAccount
 apiVersion: v1
-kind: ServiceAccount
 metadata:
   name: rook-ceph-default
   namespace: rook-ceph
   labels:
     operator: rook
     storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-ceph-system

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-ceph-system

@@ -1,13 +1,15 @@

 ---
+kind: ServiceAccount
 apiVersion: v1
-kind: ServiceAccount
 metadata:
   name: rook-ceph-system
   namespace: rook-ceph
   labels:
     operator: rook
     storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
     app.kubernetes.io/part-of: rook-ceph-operator
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/created-by: helm
 
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-csi-cephfs-plugin-sa

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-csi-cephfs-plugin-sa

@@ -1,7 +1,15 @@

 ---
+kind: ServiceAccount
 apiVersion: v1
-kind: ServiceAccount
 metadata:
   name: rook-csi-cephfs-plugin-sa
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-csi-cephfs-provisioner-sa

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-csi-cephfs-provisioner-sa

@@ -1,7 +1,15 @@

 ---
+kind: ServiceAccount
 apiVersion: v1
-kind: ServiceAccount
 metadata:
   name: rook-csi-cephfs-provisioner-sa
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-csi-rbd-plugin-sa

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-csi-rbd-plugin-sa

@@ -1,7 +1,15 @@

 ---
+kind: ServiceAccount
 apiVersion: v1
-kind: ServiceAccount
 metadata:
   name: rook-csi-rbd-plugin-sa
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-csi-rbd-provisioner-sa

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-csi-rbd-provisioner-sa

@@ -1,7 +1,15 @@

 ---
+kind: ServiceAccount
 apiVersion: v1
-kind: ServiceAccount
 metadata:
   name: rook-csi-rbd-provisioner-sa
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/objectstorage-provisioner

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/objectstorage-provisioner

@@ -1,9 +1,9 @@

 ---
+kind: ServiceAccount
 apiVersion: v1
-kind: ServiceAccount
 metadata:
   name: objectstorage-provisioner
   namespace: rook-ceph
   labels:
     app.kubernetes.io/part-of: container-object-storage-interface
     app.kubernetes.io/component: driver-ceph
--- HelmRelease: rook-ceph/rook-ceph-operator ConfigMap: rook-ceph/rook-ceph-operator-config

+++ HelmRelease: rook-ceph/rook-ceph-operator ConfigMap: rook-ceph/rook-ceph-operator-config

@@ -1,18 +1,28 @@

 ---
 kind: ConfigMap
 apiVersion: v1
 metadata:
   name: rook-ceph-operator-config
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 data:
   ROOK_LOG_LEVEL: INFO
   ROOK_CEPH_COMMANDS_TIMEOUT_SECONDS: '15'
   ROOK_OBC_WATCH_OPERATOR_NAMESPACE: 'true'
+  ROOK_OBC_ALLOW_ADDITIONAL_CONFIG_FIELDS: maxObjects,maxSize
   ROOK_CEPH_ALLOW_LOOP_DEVICES: 'false'
   ROOK_ENABLE_DISCOVERY_DAEMON: 'true'
+  ROOK_USE_CSI_OPERATOR: 'true'
   ROOK_CSI_ENABLE_RBD: 'true'
   ROOK_CSI_ENABLE_CEPHFS: 'true'
   ROOK_CSI_DISABLE_DRIVER: 'false'
   CSI_ENABLE_CEPHFS_SNAPSHOTTER: 'true'
   CSI_ENABLE_NFS_SNAPSHOTTER: 'true'
   CSI_ENABLE_RBD_SNAPSHOTTER: 'true'
@@ -25,21 +35,22 @@

   CSI_PLUGIN_PRIORITY_CLASSNAME: system-node-critical
   CSI_PROVISIONER_PRIORITY_CLASSNAME: system-cluster-critical
   CSI_RBD_FSGROUPPOLICY: File
   CSI_CEPHFS_FSGROUPPOLICY: File
   CSI_NFS_FSGROUPPOLICY: File
   CSI_CEPHFS_KERNEL_MOUNT_OPTIONS: ms_mode=prefer-crc
-  ROOK_CSI_CEPH_IMAGE: quay.io/cephcsi/cephcsi:v3.13.0
-  ROOK_CSI_REGISTRAR_IMAGE: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.13.0
-  ROOK_CSI_PROVISIONER_IMAGE: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0
-  ROOK_CSI_SNAPSHOTTER_IMAGE: registry.k8s.io/sig-storage/csi-snapshotter:v8.2.0
-  ROOK_CSI_ATTACHER_IMAGE: registry.k8s.io/sig-storage/csi-attacher:v4.8.0
-  ROOK_CSI_RESIZER_IMAGE: registry.k8s.io/sig-storage/csi-resizer:v1.13.1
+  ROOK_CSI_CEPH_IMAGE: quay.io/cephcsi/cephcsi:v3.16.0
+  ROOK_CSI_REGISTRAR_IMAGE: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.15.0
+  ROOK_CSI_PROVISIONER_IMAGE: registry.k8s.io/sig-storage/csi-provisioner:v6.0.0
+  ROOK_CSI_SNAPSHOTTER_IMAGE: registry.k8s.io/sig-storage/csi-snapshotter:v8.4.0
+  ROOK_CSI_ATTACHER_IMAGE: registry.k8s.io/sig-storage/csi-attacher:v4.10.0
+  ROOK_CSI_RESIZER_IMAGE: registry.k8s.io/sig-storage/csi-resizer:v2.0.0
   ROOK_CSI_IMAGE_PULL_POLICY: IfNotPresent
   CSI_ENABLE_CSIADDONS: 'false'
-  ROOK_CSIADDONS_IMAGE: quay.io/csiaddons/k8s-sidecar:v0.11.0
+  ROOK_CSIADDONS_IMAGE: quay.io/csiaddons/k8s-sidecar:v0.14.0
+  CSI_ENABLE_CROSS_NAMESPACE_VOLUME_DATA_SOURCE: 'false'
   CSI_ENABLE_TOPOLOGY: 'false'
   ROOK_CSI_ENABLE_NFS: 'false'
   CSI_ENABLE_LIVENESS: 'true'
   CSI_FORCE_CEPHFS_KERNEL_CLIENT: 'true'
   CSI_GRPC_TIMEOUT_SECONDS: '150'
   CSI_PROVISIONER_REPLICAS: '2'
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rook-ceph-system

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rook-ceph-system

@@ -3,12 +3,14 @@

 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-system
   labels:
     operator: rook
     storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
     app.kubernetes.io/part-of: rook-ceph-operator
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - ''
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rook-ceph-cluster-mgmt

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rook-ceph-cluster-mgmt

@@ -1,14 +1,16 @@

 ---
+kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
 metadata:
   name: rook-ceph-cluster-mgmt
   labels:
     operator: rook
     storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
     app.kubernetes.io/part-of: rook-ceph-operator
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - ''
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rook-ceph-global

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rook-ceph-global

@@ -1,14 +1,16 @@

 ---
+kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
 metadata:
   name: rook-ceph-global
   labels:
     operator: rook
     storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
     app.kubernetes.io/part-of: rook-ceph-operator
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - ''
@@ -21,18 +23,21 @@

   verbs:
   - get
   - list
   - watch
 - apiGroups:
   - ''
+  - discovery.k8s.io
   resources:
   - events
   - persistentvolumes
   - persistentvolumeclaims
   - endpoints
   - services
+  - endpointslices
+  - endpointslices/restricted
   verbs:
   - get
   - list
   - watch
   - patch
   - create
@@ -64,12 +69,13 @@

   resources:
   - cephclients
   - cephclusters
   - cephblockpools
   - cephfilesystems
   - cephnfses
+  - cephnvmeofgateways
   - cephobjectstores
   - cephobjectstoreusers
   - cephobjectrealms
   - cephobjectzonegroups
   - cephobjectzones
   - cephbuckettopics
@@ -89,12 +95,13 @@

   resources:
   - cephclients/status
   - cephclusters/status
   - cephblockpools/status
   - cephfilesystems/status
   - cephnfses/status
+  - cephnvmeofgateways/status
   - cephobjectstores/status
   - cephobjectstoreusers/status
   - cephobjectrealms/status
   - cephobjectzonegroups/status
   - cephobjectzones/status
   - cephbuckettopics/status
@@ -110,12 +117,13 @@

   resources:
   - cephclients/finalizers
   - cephclusters/finalizers
   - cephblockpools/finalizers
   - cephfilesystems/finalizers
   - cephnfses/finalizers
+  - cephnvmeofgateways/finalizers
   - cephobjectstores/finalizers
   - cephobjectstoreusers/finalizers
   - cephobjectrealms/finalizers
   - cephobjectzonegroups/finalizers
   - cephobjectzones/finalizers
   - cephbuckettopics/finalizers
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rook-ceph-mgr-cluster

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rook-ceph-mgr-cluster

@@ -3,12 +3,14 @@

 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-mgr-cluster
   labels:
     operator: rook
     storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
     app.kubernetes.io/part-of: rook-ceph-operator
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - ''
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rook-ceph-mgr-system

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rook-ceph-mgr-system

@@ -1,11 +1,19 @@

 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-mgr-system
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - ''
   resources:
   - configmaps
   verbs:
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rook-ceph-object-bucket

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rook-ceph-object-bucket

@@ -3,12 +3,14 @@

 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-object-bucket
   labels:
     operator: rook
     storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
     app.kubernetes.io/part-of: rook-ceph-operator
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - ''
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rook-ceph-osd

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rook-ceph-osd

@@ -1,11 +1,19 @@

 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-osd
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - ''
   resources:
   - nodes
   verbs:
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/cephfs-csi-nodeplugin

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/cephfs-csi-nodeplugin

@@ -1,11 +1,19 @@

 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: cephfs-csi-nodeplugin
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - ''
   resources:
   - nodes
   verbs:
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/cephfs-external-provisioner-runner

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/cephfs-external-provisioner-runner

@@ -1,11 +1,19 @@

 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: cephfs-external-provisioner-runner
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - ''
   resources:
   - secrets
   verbs:
@@ -161,7 +169,13 @@

 - apiGroups:
   - ''
   resources:
   - serviceaccounts/token
   verbs:
   - create
+- apiGroups:
+  - authentication.k8s.io
+  resources:
+  - tokenreviews
+  verbs:
+  - create
 
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rbd-csi-nodeplugin

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rbd-csi-nodeplugin

@@ -3,12 +3,14 @@

 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rbd-csi-nodeplugin
   labels:
     operator: rook
     storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
     app.kubernetes.io/part-of: rook-ceph-operator
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - ''
@@ -52,7 +54,13 @@

 - apiGroups:
   - ''
   resources:
   - nodes
   verbs:
   - get
+- apiGroups:
+  - authentication.k8s.io
+  resources:
+  - tokenreviews
+  verbs:
+  - create
 
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rbd-external-provisioner-runner

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rbd-external-provisioner-runner

@@ -1,11 +1,19 @@

 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rbd-external-provisioner-runner
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - ''
   resources:
   - secrets
   verbs:
@@ -169,7 +177,37 @@

   resources:
   - nodes
   verbs:
   - get
   - list
   - watch
+- apiGroups:
+  - gateway.networking.k8s.io
+  resources:
+  - referencegrants
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - replication.storage.openshift.io
+  resources:
+  - volumegroupreplicationcontents
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - replication.storage.openshift.io
+  resources:
+  - volumegroupreplicationclasses
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - authentication.k8s.io
+  resources:
+  - tokenreviews
+  verbs:
+  - create
 
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/rook-ceph-mgr-cluster

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/rook-ceph-mgr-cluster

@@ -1,11 +1,19 @@

 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-mgr-cluster
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: rook-ceph-mgr-cluster
 subjects:
 - kind: ServiceAccount
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/rook-ceph-osd

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/rook-ceph-osd

@@ -1,11 +1,19 @@

 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-osd
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: rook-ceph-osd
 subjects:
 - kind: ServiceAccount
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/rook-ceph-system

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/rook-ceph-system

@@ -3,12 +3,14 @@

 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-system
   labels:
     operator: rook
     storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
     app.kubernetes.io/part-of: rook-ceph-operator
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/created-by: helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/rook-ceph-global

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/rook-ceph-global

@@ -3,12 +3,14 @@

 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-global
   labels:
     operator: rook
     storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
     app.kubernetes.io/part-of: rook-ceph-operator
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/created-by: helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/rook-ceph-object-bucket

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/rook-ceph-object-bucket

@@ -1,11 +1,19 @@

 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-object-bucket
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: rook-ceph-object-bucket
 subjects:
 - kind: ServiceAccount
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/rbd-csi-nodeplugin

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/rbd-csi-nodeplugin

@@ -1,11 +1,19 @@

 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rbd-csi-nodeplugin
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 subjects:
 - kind: ServiceAccount
   name: rook-csi-rbd-plugin-sa
   namespace: rook-ceph
 roleRef:
   kind: ClusterRole
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/cephfs-csi-provisioner-role

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/cephfs-csi-provisioner-role

@@ -1,11 +1,19 @@

 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: cephfs-csi-provisioner-role
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 subjects:
 - kind: ServiceAccount
   name: rook-csi-cephfs-provisioner-sa
   namespace: rook-ceph
 roleRef:
   kind: ClusterRole
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/cephfs-csi-nodeplugin-role

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/cephfs-csi-nodeplugin-role

@@ -1,11 +1,19 @@

 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: cephfs-csi-nodeplugin-role
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 subjects:
 - kind: ServiceAccount
   name: rook-csi-cephfs-plugin-sa
   namespace: rook-ceph
 roleRef:
   kind: ClusterRole
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/rbd-csi-provisioner-role

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/rbd-csi-provisioner-role

@@ -1,11 +1,19 @@

 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rbd-csi-provisioner-role
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 subjects:
 - kind: ServiceAccount
   name: rook-csi-rbd-provisioner-sa
   namespace: rook-ceph
 roleRef:
   kind: ClusterRole
--- HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/rook-ceph-osd

+++ HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/rook-ceph-osd

@@ -1,12 +1,20 @@

 ---
 kind: Role
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-osd
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - ''
   resources:
   - secrets
   verbs:
--- HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/rook-ceph-mgr

+++ HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/rook-ceph-mgr

@@ -1,12 +1,20 @@

 ---
 kind: Role
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-mgr
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - ''
   resources:
   - pods
   - services
@@ -31,15 +39,17 @@

   - delete
 - apiGroups:
   - ceph.rook.io
   resources:
   - cephclients
   - cephclusters
+  - cephclusters/finalizers
   - cephblockpools
   - cephfilesystems
   - cephnfses
+  - cephnvmeofgateways
   - cephobjectstores
   - cephobjectstoreusers
   - cephobjectrealms
   - cephobjectzonegroups
   - cephobjectzones
   - cephbuckettopics
--- HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/rook-ceph-cmd-reporter

+++ HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/rook-ceph-cmd-reporter

@@ -1,12 +1,20 @@

 ---
 kind: Role
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-cmd-reporter
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - ''
   resources:
   - pods
   - configmaps
--- HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/rook-ceph-purge-osd

+++ HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/rook-ceph-purge-osd

@@ -1,12 +1,20 @@

 ---
 kind: Role
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-purge-osd
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - ''
   resources:
   - configmaps
   verbs:
--- HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/rook-ceph-monitoring

+++ HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/rook-ceph-monitoring

@@ -1,12 +1,20 @@

 ---
 kind: Role
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-monitoring
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - monitoring.coreos.com
   resources:
   - servicemonitors
   verbs:
--- HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/rook-ceph-monitoring-mgr

+++ HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/rook-ceph-monitoring-mgr

@@ -1,12 +1,20 @@

 ---
 kind: Role
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-monitoring-mgr
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - monitoring.coreos.com
   resources:
   - servicemonitors
   verbs:
--- HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/rook-ceph-system

+++ HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/rook-ceph-system

@@ -1,15 +1,17 @@

 ---
+kind: Role
 apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
 metadata:
   name: rook-ceph-system
   namespace: rook-ceph
   labels:
     operator: rook
     storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
     app.kubernetes.io/part-of: rook-ceph-operator
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - ''
--- HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/cephfs-external-provisioner-cfg

+++ HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/cephfs-external-provisioner-cfg

@@ -1,12 +1,20 @@

 ---
 kind: Role
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: cephfs-external-provisioner-cfg
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - coordination.k8s.io
   resources:
   - leases
   verbs:
--- HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/rbd-external-provisioner-cfg

+++ HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/rbd-external-provisioner-cfg

@@ -1,12 +1,20 @@

 ---
 kind: Role
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rbd-external-provisioner-cfg
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 rules:
 - apiGroups:
   - coordination.k8s.io
   resources:
   - leases
   verbs:
--- HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-cluster-mgmt

+++ HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-cluster-mgmt

@@ -1,12 +1,20 @@

 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-cluster-mgmt
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: rook-ceph-cluster-mgmt
 subjects:
 - kind: ServiceAccount
--- HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-osd

+++ HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-osd

@@ -1,12 +1,20 @@

 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-osd
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
   name: rook-ceph-osd
 subjects:
 - kind: ServiceAccount
--- HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-mgr

+++ HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-mgr

@@ -1,12 +1,20 @@

 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-mgr
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
   name: rook-ceph-mgr
 subjects:
 - kind: ServiceAccount
--- HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-mgr-system

+++ HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-mgr-system

@@ -1,12 +1,20 @@

 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-mgr-system
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: rook-ceph-mgr-system
 subjects:
 - kind: ServiceAccount
--- HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-cmd-reporter

+++ HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-cmd-reporter

@@ -1,12 +1,20 @@

 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-cmd-reporter
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
   name: rook-ceph-cmd-reporter
 subjects:
 - kind: ServiceAccount
--- HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-purge-osd

+++ HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-purge-osd

@@ -1,12 +1,20 @@

 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-purge-osd
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
   name: rook-ceph-purge-osd
 subjects:
 - kind: ServiceAccount
--- HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-monitoring

+++ HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-monitoring

@@ -1,12 +1,20 @@

 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-monitoring
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
   name: rook-ceph-monitoring
 subjects:
 - kind: ServiceAccount
--- HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-monitoring-mgr

+++ HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-monitoring-mgr

@@ -1,12 +1,20 @@

 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rook-ceph-monitoring-mgr
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
   name: rook-ceph-monitoring-mgr
 subjects:
 - kind: ServiceAccount
--- HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-system

+++ HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rook-ceph-system

@@ -4,12 +4,14 @@

 metadata:
   name: rook-ceph-system
   namespace: rook-ceph
   labels:
     operator: rook
     storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
     app.kubernetes.io/part-of: rook-ceph-operator
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/created-by: helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
--- HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/cephfs-csi-provisioner-role-cfg

+++ HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/cephfs-csi-provisioner-role-cfg

@@ -1,12 +1,20 @@

 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: cephfs-csi-provisioner-role-cfg
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 subjects:
 - kind: ServiceAccount
   name: rook-csi-cephfs-provisioner-sa
   namespace: rook-ceph
 roleRef:
   kind: Role
--- HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rbd-csi-provisioner-role-cfg

+++ HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/rbd-csi-provisioner-role-cfg

@@ -1,12 +1,20 @@

 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: rbd-csi-provisioner-role-cfg
   namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
 subjects:
 - kind: ServiceAccount
   name: rook-csi-rbd-provisioner-sa
   namespace: rook-ceph
 roleRef:
   kind: Role
--- HelmRelease: rook-ceph/rook-ceph-operator Deployment: rook-ceph/rook-ceph-operator

+++ HelmRelease: rook-ceph/rook-ceph-operator Deployment: rook-ceph/rook-ceph-operator

@@ -1,15 +1,17 @@

 ---
+kind: Deployment
 apiVersion: apps/v1
-kind: Deployment
 metadata:
   name: rook-ceph-operator
   namespace: rook-ceph
   labels:
     operator: rook
     storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
     app.kubernetes.io/part-of: rook-ceph-operator
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/created-by: helm
 spec:
   replicas: 1
   selector:
@@ -26,13 +28,13 @@

       - effect: NoExecute
         key: node.kubernetes.io/unreachable
         operator: Exists
         tolerationSeconds: 5
       containers:
       - name: rook-ceph-operator
-        image: docker.io/rook/ceph:v1.16.2
+        image: docker.io/rook/ceph:v1.19.0
         imagePullPolicy: IfNotPresent
         args:
         - ceph
         - operator
         securityContext:
           capabilities:
@@ -46,12 +48,14 @@

           name: rook-config
         - mountPath: /etc/ceph
           name: default-config-dir
         env:
         - name: ROOK_CURRENT_NAMESPACE_ONLY
           value: 'false'
+        - name: ROOK_RECONCILE_CONCURRENT_CLUSTERS
+          value: '1'
         - name: ROOK_HOSTPATH_REQUIRES_PRIVILEGED
           value: 'false'
         - name: ROOK_DISABLE_DEVICE_HOTPLUG
           value: 'false'
         - name: ROOK_DISCOVER_DEVICES_INTERVAL
           value: 60m
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceMonitor: rook-ceph/csi-metrics

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceMonitor: rook-ceph/csi-metrics

@@ -1,13 +1,17 @@

 ---
+kind: ServiceMonitor
 apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
 metadata:
   name: csi-metrics
   namespace: rook-ceph
   labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
     app.kubernetes.io/part-of: rook-ceph-operator
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/created-by: helm
 spec:
   namespaceSelector:
     matchNames:
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/ceph-csi-cephfs-ctrlplugin-sa

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/ceph-csi-cephfs-ctrlplugin-sa

@@ -0,0 +1,10 @@

+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: ceph-csi-cephfs-ctrlplugin-sa
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/ceph-csi-cephfs-nodeplugin-sa

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/ceph-csi-cephfs-nodeplugin-sa

@@ -0,0 +1,10 @@

+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: ceph-csi-cephfs-nodeplugin-sa
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/ceph-csi-controller-manager

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/ceph-csi-controller-manager

@@ -0,0 +1,10 @@

+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: ceph-csi-controller-manager
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/ceph-csi-nfs-ctrlplugin-sa

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/ceph-csi-nfs-ctrlplugin-sa

@@ -0,0 +1,10 @@

+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: ceph-csi-nfs-ctrlplugin-sa
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/ceph-csi-nfs-nodeplugin-sa

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/ceph-csi-nfs-nodeplugin-sa

@@ -0,0 +1,10 @@

+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: ceph-csi-nfs-nodeplugin-sa
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/ceph-csi-rbd-ctrlplugin-sa

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/ceph-csi-rbd-ctrlplugin-sa

@@ -0,0 +1,10 @@

+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: ceph-csi-rbd-ctrlplugin-sa
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/ceph-csi-rbd-nodeplugin-sa

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/ceph-csi-rbd-nodeplugin-sa

@@ -0,0 +1,10 @@

+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: ceph-csi-rbd-nodeplugin-sa
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+
--- HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-ceph-nvmeof

+++ HelmRelease: rook-ceph/rook-ceph-operator ServiceAccount: rook-ceph/rook-ceph-nvmeof

@@ -0,0 +1,15 @@

+---
+kind: ServiceAccount
+apiVersion: v1
+metadata:
+  name: rook-ceph-nvmeof
+  namespace: rook-ceph
+  labels:
+    operator: rook
+    storage-backend: ceph
+    app.kubernetes.io/name: rook-ceph
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/part-of: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/created-by: helm
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-cephconnection-viewer-role

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-cephconnection-viewer-role

@@ -0,0 +1,25 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-cephconnection-viewer-role
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - cephconnections
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - cephconnections/status
+  verbs:
+  - get
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-cephconnections-editor-role

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-cephconnections-editor-role

@@ -0,0 +1,29 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-cephconnections-editor-role
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - cephconnections
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - cephconnections/status
+  verbs:
+  - get
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-cephfs-ctrlplugin-cr

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-cephfs-ctrlplugin-cr

@@ -0,0 +1,202 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-cephfs-ctrlplugin-cr
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - ''
+  resources:
+  - secrets
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ''
+  resources:
+  - configmaps
+  verbs:
+  - get
+- apiGroups:
+  - ''
+  resources:
+  - nodes
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - csinodes
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ''
+  resources:
+  - persistentvolumes
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - delete
+  - patch
+  - update
+- apiGroups:
+  - ''
+  resources:
+  - persistentvolumeclaims
+  verbs:
+  - get
+  - list
+  - watch
+  - patch
+  - update
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - storageclasses
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ''
+  resources:
+  - events
+  verbs:
+  - list
+  - watch
+  - create
+  - update
+  - patch
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - volumeattachments
+  verbs:
+  - get
+  - list
+  - watch
+  - patch
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - volumeattachments/status
+  verbs:
+  - patch
+- apiGroups:
+  - ''
+  resources:
+  - persistentvolumeclaims/status
+  verbs:
+  - patch
+- apiGroups:
+  - snapshot.storage.k8s.io
+  resources:
+  - volumesnapshots
+  verbs:
+  - get
+  - list
+- apiGroups:
+  - snapshot.storage.k8s.io
+  resources:
+  - volumesnapshotclasses
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - snapshot.storage.k8s.io
+  resources:
+  - volumesnapshotcontents
+  verbs:
+  - get
+  - list
+  - watch
+  - patch
+  - update
+- apiGroups:
+  - snapshot.storage.k8s.io
+  resources:
+  - volumesnapshotcontents/status
+  verbs:
+  - update
+  - patch
+- apiGroups:
+  - groupsnapshot.storage.k8s.io
+  resources:
+  - volumegroupsnapshotclasses
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - groupsnapshot.storage.k8s.io
+  resources:
+  - volumegroupsnapshotcontents
+  verbs:
+  - get
+  - list
+  - watch
+  - update
+  - patch
+- apiGroups:
+  - groupsnapshot.storage.k8s.io
+  resources:
+  - volumegroupsnapshotcontents/status
+  verbs:
+  - update
+  - patch
+- apiGroups:
+  - groupsnapshot.storage.openshift.io
+  resources:
+  - volumegroupsnapshotclasses
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - groupsnapshot.storage.openshift.io
+  resources:
+  - volumegroupsnapshotcontents
+  verbs:
+  - get
+  - list
+  - watch
+  - update
+  - patch
+- apiGroups:
+  - groupsnapshot.storage.openshift.io
+  resources:
+  - volumegroupsnapshotcontents/status
+  verbs:
+  - update
+  - patch
+- apiGroups:
+  - ''
+  resources:
+  - serviceaccounts
+  verbs:
+  - get
+- apiGroups:
+  - ''
+  resources:
+  - serviceaccounts/token
+  verbs:
+  - create
+- apiGroups:
+  - authentication.k8s.io
+  resources:
+  - tokenreviews
+  verbs:
+  - create
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-cephfs-nodeplugin-cr

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-cephfs-nodeplugin-cr

@@ -0,0 +1,58 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-cephfs-nodeplugin-cr
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - ''
+  resources:
+  - nodes
+  verbs:
+  - get
+- apiGroups:
+  - ''
+  resources:
+  - secrets
+  verbs:
+  - get
+- apiGroups:
+  - ''
+  resources:
+  - configmaps
+  verbs:
+  - get
+- apiGroups:
+  - ''
+  resources:
+  - serviceaccounts
+  verbs:
+  - get
+- apiGroups:
+  - ''
+  resources:
+  - serviceaccounts/token
+  verbs:
+  - create
+- apiGroups:
+  - ''
+  resources:
+  - events
+  verbs:
+  - list
+  - watch
+  - create
+  - update
+  - patch
+- apiGroups:
+  - ''
+  resources:
+  - persistentvolumes
+  - persistentvolumeclaims
+  verbs:
+  - get
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-clientprofile-viewer-role

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-clientprofile-viewer-role

@@ -0,0 +1,25 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-clientprofile-viewer-role
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - clientprofiles
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - clientprofiles/status
+  verbs:
+  - get
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-clientprofilemapping-editor-role

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-clientprofilemapping-editor-role

@@ -0,0 +1,29 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-clientprofilemapping-editor-role
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - clientprofilemappings
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - clientprofilemappings/status
+  verbs:
+  - get
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-clientprofilemapping-viewer-role

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-clientprofilemapping-viewer-role

@@ -0,0 +1,25 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-clientprofilemapping-viewer-role
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - clientprofilemappings
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - clientprofilemappings/status
+  verbs:
+  - get
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-clientprofiles-editor-role

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-clientprofiles-editor-role

@@ -0,0 +1,29 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-clientprofiles-editor-role
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - clientprofiles
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - clientprofiles/status
+  verbs:
+  - get
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-driver-editor-role

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-driver-editor-role

@@ -0,0 +1,29 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-driver-editor-role
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - drivers
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - drivers/status
+  verbs:
+  - get
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-driver-viewer-role

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-driver-viewer-role

@@ -0,0 +1,25 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-driver-viewer-role
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - drivers
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - drivers/status
+  verbs:
+  - get
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-manager-role

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-manager-role

@@ -0,0 +1,107 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-manager-role
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - ''
+  resources:
+  - configmaps
+  - services
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - apps
+  resources:
+  - daemonsets
+  - deployments
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - cbt.storage.k8s.io
+  resources:
+  - snapshotmetadataservices
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - cephconnections
+  verbs:
+  - delete
+  - get
+  - list
+  - update
+  - watch
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - clientprofilemappings
+  - clientprofiles
+  - drivers
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - clientprofilemappings/finalizers
+  - clientprofiles/finalizers
+  - drivers/finalizers
+  verbs:
+  - update
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - clientprofilemappings/status
+  - clientprofiles/status
+  - drivers/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - operatorconfigs
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - csidrivers
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-metrics-auth-role

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-metrics-auth-role

@@ -0,0 +1,23 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-metrics-auth-role
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - authentication.k8s.io
+  resources:
+  - tokenreviews
+  verbs:
+  - create
+- apiGroups:
+  - authorization.k8s.io
+  resources:
+  - subjectaccessreviews
+  verbs:
+  - create
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-metrics-reader

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-metrics-reader

@@ -0,0 +1,15 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-metrics-reader
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- nonResourceURLs:
+  - /metrics
+  verbs:
+  - get
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-nfs-ctrlplugin-cr

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-nfs-ctrlplugin-cr

@@ -0,0 +1,138 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-nfs-ctrlplugin-cr
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - ''
+  resources:
+  - persistentvolumes
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - delete
+  - patch
+- apiGroups:
+  - ''
+  resources:
+  - persistentvolumeclaims
+  verbs:
+  - get
+  - list
+  - watch
+  - patch
+  - update
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - storageclasses
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ''
+  resources:
+  - events
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - csinodes
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ''
+  resources:
+  - nodes
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - coordination.k8s.io
+  resources:
+  - leases
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+- apiGroups:
+  - ''
+  resources:
+  - secrets
+  verbs:
+  - get
+- apiGroups:
+  - snapshot.storage.k8s.io
+  resources:
+  - volumesnapshotclasses
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - snapshot.storage.k8s.io
+  resources:
+  - volumesnapshotcontents
+  verbs:
+  - get
+  - list
+  - watch
+  - update
+  - patch
+- apiGroups:
+  - snapshot.storage.k8s.io
+  resources:
+  - volumesnapshotcontents/status
+  verbs:
+  - update
+  - patch
+- apiGroups:
+  - snapshot.storage.k8s.io
+  resources:
+  - volumesnapshots
+  verbs:
+  - get
+  - list
+- apiGroups:
+  - ''
+  resources:
+  - persistentvolumeclaims/status
+  verbs:
+  - patch
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - volumeattachments
+  verbs:
+  - get
+  - list
+  - watch
+  - patch
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - volumeattachments/status
+  verbs:
+  - patch
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-nfs-nodeplugin-cr

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-nfs-nodeplugin-cr

@@ -0,0 +1,17 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-nfs-nodeplugin-cr
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - ''
+  resources:
+  - nodes
+  verbs:
+  - get
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-operatorconfig-editor-role

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-operatorconfig-editor-role

@@ -0,0 +1,29 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-operatorconfig-editor-role
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - operatorconfigs
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - operatorconfigs/status
+  verbs:
+  - get
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-operatorconfig-viewer-role

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-operatorconfig-viewer-role

@@ -0,0 +1,25 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-operatorconfig-viewer-role
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - operatorconfigs
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - operatorconfigs/status
+  verbs:
+  - get
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-rbd-ctrlplugin-cr

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-rbd-ctrlplugin-cr

@@ -0,0 +1,231 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-rbd-ctrlplugin-cr
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - ''
+  resources:
+  - secrets
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ''
+  resources:
+  - persistentvolumes
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - delete
+  - patch
+  - update
+- apiGroups:
+  - ''
+  resources:
+  - persistentvolumeclaims
+  verbs:
+  - get
+  - list
+  - watch
+  - update
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - storageclasses
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ''
+  resources:
+  - events
+  verbs:
+  - list
+  - watch
+  - create
+  - update
+  - patch
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - volumeattachments
+  verbs:
+  - get
+  - list
+  - watch
+  - patch
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - volumeattachments/status
+  verbs:
+  - patch
+- apiGroups:
+  - ''
+  resources:
+  - nodes
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - csinodes
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ''
+  resources:
+  - persistentvolumeclaims/status
+  verbs:
+  - patch
+- apiGroups:
+  - snapshot.storage.k8s.io
+  resources:
+  - volumesnapshots
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - snapshot.storage.k8s.io
+  resources:
+  - volumesnapshotclasses
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - snapshot.storage.k8s.io
+  resources:
+  - volumesnapshotcontents
+  verbs:
+  - get
+  - list
+  - watch
+  - patch
+  - update
+- apiGroups:
+  - snapshot.storage.k8s.io
+  resources:
+  - volumesnapshotcontents/status
+  verbs:
+  - update
+  - patch
+- apiGroups:
+  - ''
+  resources:
+  - configmaps
+  verbs:
+  - get
+- apiGroups:
+  - ''
+  resources:
+  - serviceaccounts
+  verbs:
+  - get
+- apiGroups:
+  - ''
+  resources:
+  - serviceaccounts/token
+  verbs:
+  - create
+- apiGroups:
+  - groupsnapshot.storage.k8s.io
+  resources:
+  - volumegroupsnapshotclasses
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - groupsnapshot.storage.k8s.io
+  resources:
+  - volumegroupsnapshotcontents
+  verbs:
+  - get
+  - list
+  - watch
+  - update
+  - patch
+- apiGroups:
+  - groupsnapshot.storage.k8s.io
+  resources:
+  - volumegroupsnapshotcontents/status
+  verbs:
+  - update
+  - patch
+- apiGroups:
+  - groupsnapshot.storage.openshift.io
+  resources:
+  - volumegroupsnapshotclasses
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - groupsnapshot.storage.openshift.io
+  resources:
+  - volumegroupsnapshotcontents
+  verbs:
+  - get
+  - list
+  - watch
+  - update
+  - patch
+- apiGroups:
+  - groupsnapshot.storage.openshift.io
+  resources:
+  - volumegroupsnapshotcontents/status
+  verbs:
+  - update
+  - patch
+- apiGroups:
+  - replication.storage.openshift.io
+  resources:
+  - volumegroupreplicationcontents
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - replication.storage.openshift.io
+  resources:
+  - volumegroupreplicationclasses
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - authentication.k8s.io
+  resources:
+  - tokenreviews
+  verbs:
+  - create
+- apiGroups:
+  - authorization.k8s.io
+  resources:
+  - subjectaccessreviews
+  verbs:
+  - create
+- apiGroups:
+  - cbt.storage.k8s.io
+  resources:
+  - snapshotmetadataservices
+  verbs:
+  - get
+  - list
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-rbd-nodeplugin-cr

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/ceph-csi-rbd-nodeplugin-cr

@@ -0,0 +1,78 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ceph-csi-rbd-nodeplugin-cr
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - ''
+  resources:
+  - secrets
+  verbs:
+  - get
+  - list
+- apiGroups:
+  - ''
+  resources:
+  - persistentvolumes
+  verbs:
+  - get
+  - list
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - volumeattachments
+  verbs:
+  - get
+  - list
+- apiGroups:
+  - ''
+  resources:
+  - configmaps
+  verbs:
+  - get
+- apiGroups:
+  - ''
+  resources:
+  - serviceaccounts
+  verbs:
+  - get
+- apiGroups:
+  - ''
+  resources:
+  - serviceaccounts/token
+  verbs:
+  - create
+- apiGroups:
+  - ''
+  resources:
+  - nodes
+  verbs:
+  - get
+- apiGroups:
+  - authentication.k8s.io
+  resources:
+  - tokenreviews
+  verbs:
+  - create
+- apiGroups:
+  - ''
+  resources:
+  - events
+  verbs:
+  - list
+  - watch
+  - create
+  - update
+  - patch
+- apiGroups:
+  - ''
+  resources:
+  - persistentvolumeclaims
+  verbs:
+  - get
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/ceph-csi-cephfs-ctrlplugin-crb

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/ceph-csi-cephfs-ctrlplugin-crb

@@ -0,0 +1,18 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: ceph-csi-cephfs-ctrlplugin-crb
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: ceph-csi-cephfs-ctrlplugin-cr
+subjects:
+- kind: ServiceAccount
+  name: ceph-csi-cephfs-ctrlplugin-sa
+  namespace: rook-ceph
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/ceph-csi-cephfs-nodeplugin-crb

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/ceph-csi-cephfs-nodeplugin-crb

@@ -0,0 +1,18 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: ceph-csi-cephfs-nodeplugin-crb
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: ceph-csi-cephfs-nodeplugin-cr
+subjects:
+- kind: ServiceAccount
+  name: ceph-csi-cephfs-nodeplugin-sa
+  namespace: rook-ceph
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/ceph-csi-manager-rolebinding

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/ceph-csi-manager-rolebinding

@@ -0,0 +1,18 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: ceph-csi-manager-rolebinding
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: ceph-csi-manager-role
+subjects:
+- kind: ServiceAccount
+  name: ceph-csi-controller-manager
+  namespace: rook-ceph
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/ceph-csi-metrics-auth-rolebinding

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/ceph-csi-metrics-auth-rolebinding

@@ -0,0 +1,18 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: ceph-csi-metrics-auth-rolebinding
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: ceph-csi-metrics-auth-role
+subjects:
+- kind: ServiceAccount
+  name: ceph-csi-controller-manager
+  namespace: rook-ceph
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/ceph-csi-nfs-ctrlplugin-crb

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/ceph-csi-nfs-ctrlplugin-crb

@@ -0,0 +1,18 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: ceph-csi-nfs-ctrlplugin-crb
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: ceph-csi-nfs-ctrlplugin-cr
+subjects:
+- kind: ServiceAccount
+  name: ceph-csi-nfs-ctrlplugin-sa
+  namespace: rook-ceph
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/ceph-csi-nfs-nodeplugin-crb

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/ceph-csi-nfs-nodeplugin-crb

@@ -0,0 +1,18 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: ceph-csi-nfs-nodeplugin-crb
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: ceph-csi-nfs-nodeplugin-cr
+subjects:
+- kind: ServiceAccount
+  name: ceph-csi-nfs-nodeplugin-sa
+  namespace: rook-ceph
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/ceph-csi-rbd-ctrlplugin-crb

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/ceph-csi-rbd-ctrlplugin-crb

@@ -0,0 +1,18 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: ceph-csi-rbd-ctrlplugin-crb
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: ceph-csi-rbd-ctrlplugin-cr
+subjects:
+- kind: ServiceAccount
+  name: ceph-csi-rbd-ctrlplugin-sa
+  namespace: rook-ceph
+
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/ceph-csi-rbd-nodeplugin-crb

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRoleBinding: rook-ceph/ceph-csi-rbd-nodeplugin-crb

@@ -0,0 +1,18 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: ceph-csi-rbd-nodeplugin-crb
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: ceph-csi-rbd-nodeplugin-cr
+subjects:
+- kind: ServiceAccount
+  name: ceph-csi-rbd-nodeplugin-sa
+  namespace: rook-ceph
+
--- HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/ceph-csi-cephfs-ctrlplugin-r

+++ HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/ceph-csi-cephfs-ctrlplugin-r

@@ -0,0 +1,52 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: ceph-csi-cephfs-ctrlplugin-r
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - coordination.k8s.io
+  resources:
+  - leases
+  verbs:
+  - get
+  - watch
+  - list
+  - delete
+  - update
+  - create
+- apiGroups:
+  - csiaddons.openshift.io
+  resources:
+  - csiaddonsnodes
+  verbs:
+  - get
+  - watch
+  - list
+  - create
+  - update
+  - delete
+- apiGroups:
+  - ''
+  resources:
+  - pods
+  verbs:
+  - get
+- apiGroups:
+  - apps
+  resources:
+  - replicasets
+  verbs:
+  - get
+- apiGroups:
+  - apps
+  resources:
+  - deployments/finalizers
+  - daemonsets/finalizers
+  verbs:
+  - update
+
--- HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/ceph-csi-cephfs-nodeplugin-r

+++ HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/ceph-csi-cephfs-nodeplugin-r

@@ -0,0 +1,41 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: ceph-csi-cephfs-nodeplugin-r
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - csiaddons.openshift.io
+  resources:
+  - csiaddonsnodes
+  verbs:
+  - get
+  - watch
+  - list
+  - create
+  - update
+  - delete
+- apiGroups:
+  - ''
+  resources:
+  - pods
+  verbs:
+  - get
+- apiGroups:
+  - apps
+  resources:
+  - replicasets
+  verbs:
+  - get
+- apiGroups:
+  - apps
+  resources:
+  - deployments/finalizers
+  - daemonsets/finalizers
+  verbs:
+  - update
+
--- HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/ceph-csi-leader-election-role

+++ HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/ceph-csi-leader-election-role

@@ -0,0 +1,42 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: ceph-csi-leader-election-role
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - ''
+  resources:
+  - configmaps
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete
+- apiGroups:
+  - coordination.k8s.io
+  resources:
+  - leases
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete
+- apiGroups:
+  - ''
+  resources:
+  - events
+  verbs:
+  - create
+  - patch
+
--- HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/ceph-csi-rbd-ctrlplugin-r

+++ HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/ceph-csi-rbd-ctrlplugin-r

@@ -0,0 +1,52 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: ceph-csi-rbd-ctrlplugin-r
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - coordination.k8s.io
+  resources:
+  - leases
+  verbs:
+  - get
+  - watch
+  - list
+  - delete
+  - update
+  - create
+- apiGroups:
+  - csiaddons.openshift.io
+  resources:
+  - csiaddonsnodes
+  verbs:
+  - get
+  - watch
+  - list
+  - create
+  - update
+  - delete
+- apiGroups:
+  - ''
+  resources:
+  - pods
+  verbs:
+  - get
+- apiGroups:
+  - apps
+  resources:
+  - replicasets
+  verbs:
+  - get
+- apiGroups:
+  - apps
+  resources:
+  - deployments/finalizers
+  - daemonsets/finalizers
+  verbs:
+  - update
+
--- HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/ceph-csi-rbd-nodeplugin-r

+++ HelmRelease: rook-ceph/rook-ceph-operator Role: rook-ceph/ceph-csi-rbd-nodeplugin-r

@@ -0,0 +1,41 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: ceph-csi-rbd-nodeplugin-r
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+rules:
+- apiGroups:
+  - csiaddons.openshift.io
+  resources:
+  - csiaddonsnodes
+  verbs:
+  - get
+  - watch
+  - list
+  - create
+  - update
+  - delete
+- apiGroups:
+  - ''
+  resources:
+  - pods
+  verbs:
+  - get
+- apiGroups:
+  - apps
+  resources:
+  - replicasets
+  verbs:
+  - get
+- apiGroups:
+  - apps
+  resources:
+  - deployments/finalizers
+  - daemonsets/finalizers
+  verbs:
+  - update
+
--- HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/ceph-csi-cephfs-ctrlplugin-rb

+++ HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/ceph-csi-cephfs-ctrlplugin-rb

@@ -0,0 +1,18 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: ceph-csi-cephfs-ctrlplugin-rb
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: ceph-csi-cephfs-ctrlplugin-r
+subjects:
+- kind: ServiceAccount
+  name: ceph-csi-cephfs-ctrlplugin-sa
+  namespace: rook-ceph
+
--- HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/ceph-csi-cephfs-nodeplugin-rb

+++ HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/ceph-csi-cephfs-nodeplugin-rb

@@ -0,0 +1,18 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: ceph-csi-cephfs-nodeplugin-rb
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: ceph-csi-cephfs-nodeplugin-r
+subjects:
+- kind: ServiceAccount
+  name: ceph-csi-cephfs-nodeplugin-sa
+  namespace: rook-ceph
+
--- HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/ceph-csi-leader-election-rolebinding

+++ HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/ceph-csi-leader-election-rolebinding

@@ -0,0 +1,18 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: ceph-csi-leader-election-rolebinding
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: ceph-csi-leader-election-role
+subjects:
+- kind: ServiceAccount
+  name: ceph-csi-controller-manager
+  namespace: rook-ceph
+
--- HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/ceph-csi-rbd-ctrlplugin-rb

+++ HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/ceph-csi-rbd-ctrlplugin-rb

@@ -0,0 +1,18 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: ceph-csi-rbd-ctrlplugin-rb
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: ceph-csi-rbd-ctrlplugin-r
+subjects:
+- kind: ServiceAccount
+  name: ceph-csi-rbd-ctrlplugin-sa
+  namespace: rook-ceph
+
--- HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/ceph-csi-rbd-nodeplugin-rb

+++ HelmRelease: rook-ceph/rook-ceph-operator RoleBinding: rook-ceph/ceph-csi-rbd-nodeplugin-rb

@@ -0,0 +1,18 @@

+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: ceph-csi-rbd-nodeplugin-rb
+  labels:
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: ceph-csi-rbd-nodeplugin-r
+subjects:
+- kind: ServiceAccount
+  name: ceph-csi-rbd-nodeplugin-sa
+  namespace: rook-ceph
+
--- HelmRelease: rook-ceph/rook-ceph-operator Deployment: rook-ceph/ceph-csi-controller-manager

+++ HelmRelease: rook-ceph/rook-ceph-operator Deployment: rook-ceph/ceph-csi-controller-manager

@@ -0,0 +1,75 @@

+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: ceph-csi-controller-manager
+  labels:
+    control-plane: controller-manager
+    app.kubernetes.io/name: ceph-csi
+    app.kubernetes.io/instance: rook-ceph-operator
+    app.kubernetes.io/managed-by: Helm
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      control-plane: ceph-csi-op-controller-manager
+      app.kubernetes.io/name: ceph-csi
+      app.kubernetes.io/instance: rook-ceph-operator
+  template:
+    metadata:
+      labels:
+        control-plane: ceph-csi-op-controller-manager
+        app.kubernetes.io/name: ceph-csi
+        app.kubernetes.io/instance: rook-ceph-operator
+      annotations:
+        kubectl.kubernetes.io/default-container: manager
+    spec:
+      containers:
+      - args:
+        - --leader-elect
+        command:
+        - /manager
+        env:
+        - name: OPERATOR_NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        - name: CSI_SERVICE_ACCOUNT_PREFIX
+          value: ceph-csi-
+        - name: WATCH_NAMESPACE
+          value: ''
+        - name: KUBERNETES_CLUSTER_DOMAIN
+          value: cluster.local
+        image: quay.io/cephcsi/ceph-csi-operator:v0.4.1
+        livenessProbe:
+          httpGet:
+            path: /healthz
+            port: 8081
+          initialDelaySeconds: 15
+          periodSeconds: 20
+        name: manager
+        readinessProbe:
+          httpGet:
+            path: /readyz
+            port: 8081
+          initialDelaySeconds: 5
+          periodSeconds: 10
+        resources:
+          limits:
+            cpu: 500m
+            memory: 128Mi
+          requests:
+            cpu: 10m
+            memory: 64Mi
+        securityContext:
+          allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+            - ALL
+          readOnlyRootFilesystem: true
+      imagePullSecrets: []
+      securityContext:
+        runAsNonRoot: true
+      serviceAccountName: ceph-csi-controller-manager
+      terminationGracePeriodSeconds: 10
+

flowbie-bot bot added renovate/helm type/minor labels Apr 19, 2025

github-actions bot added the area/kubernetes label Apr 19, 2025

renovate bot force-pushed the renovate/rook-ceph-1.x branch from aa5ffc1 to 6938aca Compare April 19, 2025 00:28

renovate bot force-pushed the renovate/rook-ceph-1.x branch from 6938aca to 95e758b Compare April 26, 2025 00:30

renovate bot force-pushed the renovate/rook-ceph-1.x branch from 95e758b to db48ea6 Compare May 10, 2025 00:29

renovate bot force-pushed the renovate/rook-ceph-1.x branch from db48ea6 to 3e52012 Compare May 31, 2025 00:31

renovate bot force-pushed the renovate/rook-ceph-1.x branch from 3e52012 to 3340412 Compare June 7, 2025 00:31

renovate bot force-pushed the renovate/rook-ceph-1.x branch from 3340412 to 8105a18 Compare June 21, 2025 00:33

renovate bot force-pushed the renovate/rook-ceph-1.x branch from 8105a18 to 3f549ac Compare July 12, 2025 00:33

renovate bot force-pushed the renovate/rook-ceph-1.x branch from 3f549ac to b56bc10 Compare August 2, 2025 00:33

renovate bot force-pushed the renovate/rook-ceph-1.x branch 2 times, most recently from 0f4804a to 702116d Compare August 30, 2025 00:28

renovate bot force-pushed the renovate/rook-ceph-1.x branch from 702116d to 5b13bd5 Compare September 13, 2025 15:59

renovate bot force-pushed the renovate/rook-ceph-1.x branch 2 times, most recently from 285cf7d to f2b9817 Compare October 11, 2025 00:29

renovate bot force-pushed the renovate/rook-ceph-1.x branch from f2b9817 to fe56d99 Compare October 25, 2025 00:31

renovate bot force-pushed the renovate/rook-ceph-1.x branch from fe56d99 to 2848c43 Compare November 1, 2025 01:13

renovate bot force-pushed the renovate/rook-ceph-1.x branch from 2848c43 to d9ac331 Compare November 15, 2025 00:33

renovate bot force-pushed the renovate/rook-ceph-1.x branch from d9ac331 to ef4c3a5 Compare December 6, 2025 02:54

renovate bot force-pushed the renovate/rook-ceph-1.x branch from ef4c3a5 to b699196 Compare January 17, 2026 00:34

feat(helm): update rook-ceph ( v1.16.2 → v1.19.0 )

d6f23a1

renovate bot force-pushed the renovate/rook-ceph-1.x branch from b699196 to d6f23a1 Compare January 24, 2026 00:35

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat(helm): update rook-ceph ( v1.16.2 → v1.17.0 ) #738

feat(helm): update rook-ceph ( v1.16.2 → v1.17.0 ) #738

Uh oh!

flowbie-bot bot commented Apr 19, 2025

Uh oh!

github-actions bot commented Apr 19, 2025 •

edited

Loading

Uh oh!

github-actions bot commented Apr 19, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

feat(helm): update rook-ceph ( v1.16.2 → v1.17.0 ) #738

Are you sure you want to change the base?

feat(helm): update rook-ceph ( v1.16.2 → v1.17.0 ) #738

Uh oh!

Conversation

flowbie-bot bot commented Apr 19, 2025

Release Notes

v1.17.0

Upgrade Guide

Breaking Changes

Features

v1.16.7

Improvements

v1.16.6

Improvements

v1.16.5

Improvements

v1.16.4

Improvements

v1.16.3

Improvements

Configuration

Uh oh!

github-actions bot commented Apr 19, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

github-actions bot commented Apr 19, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

`v1.17.0`

`v1.16.7`

`v1.16.6`

`v1.16.5`

`v1.16.4`

`v1.16.3`

github-actions bot commented Apr 19, 2025 •

edited

Loading

github-actions bot commented Apr 19, 2025 •

edited

Loading