From fd96b245f20674223be160fcc70ad9f231a9d616 Mon Sep 17 00:00:00 2001 From: Matthias Klein Date: Mon, 26 Feb 2024 10:51:49 +0100 Subject: [PATCH] feat: Added value to suppress creation of ClusterRole and ClusterRoleBindung. If the value is not set, cluster roles will be created as before --- charts/eks/templates/_helpers.tpl | 2 +- charts/eks/values.yaml | 4 ++++ charts/k0s/templates/_helpers.tpl | 2 +- charts/k0s/values.yaml | 4 ++++ charts/k3s/templates/_helpers.tpl | 2 +- charts/k3s/values.yaml | 4 ++++ charts/k8s/templates/_helpers.tpl | 2 +- charts/k8s/values.yaml | 4 ++++ 8 files changed, 20 insertions(+), 4 deletions(-) diff --git a/charts/eks/templates/_helpers.tpl b/charts/eks/templates/_helpers.tpl index 50f08d6f93..fa306fa1d2 100644 --- a/charts/eks/templates/_helpers.tpl +++ b/charts/eks/templates/_helpers.tpl @@ -55,7 +55,7 @@ Whether to create a cluster role or not .Values.proxy.metricsServer.nodes.enabled .Values.multiNamespaceMode.enabled .Values.coredns.plugin.enabled -}} -{{- true -}} +{{- .Values.suppressClusterRoleCreation | ternary "" "true" -}} {{- end -}} {{- end -}} diff --git a/charts/eks/values.yaml b/charts/eks/values.yaml index f883075108..8b5192d5d7 100644 --- a/charts/eks/values.yaml +++ b/charts/eks/values.yaml @@ -333,6 +333,10 @@ serviceAccount: # imagePullSecrets: # - name: my-pull-secret +# Prevent Creation of ClusterRole and ClusterRoleBinding by setting this to true. If +# not set or false, a ClusterRole and ClsterRoleBinding will be created if needed +suppressClusterRoleCreation: false + # Service account that should be used by the pods synced by vcluster workloadServiceAccount: # This is not supported in multi-namespace mode diff --git a/charts/k0s/templates/_helpers.tpl b/charts/k0s/templates/_helpers.tpl index 50f08d6f93..fa306fa1d2 100644 --- a/charts/k0s/templates/_helpers.tpl +++ b/charts/k0s/templates/_helpers.tpl @@ -55,7 +55,7 @@ Whether to create a cluster role or not .Values.proxy.metricsServer.nodes.enabled .Values.multiNamespaceMode.enabled .Values.coredns.plugin.enabled -}} -{{- true -}} +{{- .Values.suppressClusterRoleCreation | ternary "" "true" -}} {{- end -}} {{- end -}} diff --git a/charts/k0s/values.yaml b/charts/k0s/values.yaml index 04f4ae4f93..df8b6b327b 100644 --- a/charts/k0s/values.yaml +++ b/charts/k0s/values.yaml @@ -215,6 +215,10 @@ serviceAccount: # imagePullSecrets: # - name: my-pull-secret +# Prevent Creation of ClusterRole and ClusterRoleBinding by setting this to true. If +# not set or false, a ClusterRole and ClusterRoleBinding will be created if needed +suppressClusterRoleCreation: false + # Service account that should be used by the pods synced by vcluster workloadServiceAccount: # This is not supported in multi-namespace mode diff --git a/charts/k3s/templates/_helpers.tpl b/charts/k3s/templates/_helpers.tpl index 50f08d6f93..fa306fa1d2 100644 --- a/charts/k3s/templates/_helpers.tpl +++ b/charts/k3s/templates/_helpers.tpl @@ -55,7 +55,7 @@ Whether to create a cluster role or not .Values.proxy.metricsServer.nodes.enabled .Values.multiNamespaceMode.enabled .Values.coredns.plugin.enabled -}} -{{- true -}} +{{- .Values.suppressClusterRoleCreation | ternary "" "true" -}} {{- end -}} {{- end -}} diff --git a/charts/k3s/values.yaml b/charts/k3s/values.yaml index 70bdbf2b5d..2cb3b2d4a0 100644 --- a/charts/k3s/values.yaml +++ b/charts/k3s/values.yaml @@ -235,6 +235,10 @@ serviceAccount: # imagePullSecrets: # - name: my-pull-secret +# Prevent Creation of ClusterRole and ClusterRoleBinding by setting this to true. If +# not set or false, a ClusterRole and ClusterRoleBinding will be created if needed +suppressClusterRoleCreation: false + # Service account that should be used by the pods synced by vcluster workloadServiceAccount: # This is not supported in multi-namespace mode diff --git a/charts/k8s/templates/_helpers.tpl b/charts/k8s/templates/_helpers.tpl index 50f08d6f93..fa306fa1d2 100644 --- a/charts/k8s/templates/_helpers.tpl +++ b/charts/k8s/templates/_helpers.tpl @@ -55,7 +55,7 @@ Whether to create a cluster role or not .Values.proxy.metricsServer.nodes.enabled .Values.multiNamespaceMode.enabled .Values.coredns.plugin.enabled -}} -{{- true -}} +{{- .Values.suppressClusterRoleCreation | ternary "" "true" -}} {{- end -}} {{- end -}} diff --git a/charts/k8s/values.yaml b/charts/k8s/values.yaml index 1e9c15547f..01411a439e 100644 --- a/charts/k8s/values.yaml +++ b/charts/k8s/values.yaml @@ -271,6 +271,10 @@ serviceAccount: # imagePullSecrets: # - name: my-pull-secret +# Prevent Creation of ClusterRole and ClusterRoleBinding by setting this to true. If +# not set or false, a ClusterRole and ClsterRoleBinding will be created if needed +suppressClusterRoleCreation: false + # Service account that should be used by the pods synced by vcluster workloadServiceAccount: # This is not supported in multi-namespace mode