Create Values.frontend.createRoleBinding to allow it to be disabled

marcleblanc2 · marcleblanc2 · commit 737bd1053dda · 2025-06-26T16:05:55.000-06:00
diff --git a/charts/sourcegraph/templates/frontend/sourcegraph-frontend.RoleBinding.yaml b/charts/sourcegraph/templates/frontend/sourcegraph-frontend.RoleBinding.yaml
@@ -1,3 +1,4 @@
+{{- if .Values.frontend.createRoleBinding }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
@@ -21,3 +22,4 @@ subjects:
 - kind: ServiceAccount
   name: {{ include "sourcegraph.serviceAccountName" (list . "frontend") }}
   namespace: {{ .Release.Namespace }}
+{{- end }}
diff --git a/charts/sourcegraph/values.yaml b/charts/sourcegraph/values.yaml
@@ -326,6 +326,8 @@ frontend:
     runAsUser: 100
     runAsGroup: 101
     readOnlyRootFilesystem: true
+  # -- Disable the roleBinding resource for deployment environments blocking RBAC, ex. OpenShift's default "secure" SCC
+  createRoleBinding: true
   # -- Security context for the `frontend` pod,
   # learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod)
   podSecurityContext: {}
