Skip to content

Commit

Permalink
added boilerplate for the change in values
Browse files Browse the repository at this point in the history
  • Loading branch information
@Maven35
Maven35 committed May 18, 2024
1 parent 67e796b commit 846dea6
Show file tree
Hide file tree
Showing 5 changed files with 21 additions and 5 deletions.
12 changes: 12 additions & 0 deletions charts/kube-state-metrics/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,18 @@ Create the name of the service account to use
{{- end -}}
{{- end -}}

{{/*
Create a fully qualified ClusterRole name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "kube-state-metrics.clusterRoleName" -}}
{{- if .Values.rbac.clusterRoleNameOverride -}}
{{ .Values.rbac.clusterRoleNameOverride | trunc 63 | trimSuffix "-" }}
{{- else -}}
{{ include "kube-state-metrics.fullname" . }}
{{- end -}}
{{- end -}}

{{/*
Allow the release namespace to be overridden for multi-namespace deployments in combined charts
*/}}
Expand Down
4 changes: 2 additions & 2 deletions charts/kube-state-metrics/templates/clusterrolebinding.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,14 +4,14 @@ kind: ClusterRoleBinding
metadata:
labels:
{{- include "kube-state-metrics.labels" . | indent 4 }}
name: {{ template "kube-state-metrics.fullname" . }}
name: {{ include "kube-state-metrics.clusterRoleName" . }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
{{- if .Values.rbac.useExistingRole }}
name: {{ .Values.rbac.useExistingRole }}
{{- else }}
name: {{ template "kube-state-metrics.fullname" . }}
name: {{ include "kube-state-metrics.clusterRoleName" . }}
{{- end }}
subjects:
- kind: ServiceAccount
Expand Down
2 changes: 1 addition & 1 deletion charts/kube-state-metrics/templates/psp-clusterrole.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ kind: ClusterRole
metadata:
labels:
{{- include "kube-state-metrics.labels" . | indent 4 }}
name: psp-{{ template "kube-state-metrics.fullname" . }}
name: psp-{{ include "kube-state-metrics.clusterRoleName" . }}
rules:
{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
{{- if semverCompare "> 1.15.0-0" $kubeTargetVersion }}
Expand Down
4 changes: 2 additions & 2 deletions charts/kube-state-metrics/templates/psp-clusterrolebinding.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,11 +4,11 @@ kind: ClusterRoleBinding
metadata:
labels:
{{- include "kube-state-metrics.labels" . | indent 4 }}
name: psp-{{ template "kube-state-metrics.fullname" . }}
name: psp-{{ include "kube-state-metrics.clusterRoleName" . }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: psp-{{ template "kube-state-metrics.fullname" . }}
name: psp-{{ include "kube-state-metrics.clusterRoleName" . }}
subjects:
- kind: ServiceAccount
name: {{ template "kube-state-metrics.serviceAccountName" . }}
Expand Down
4 changes: 4 additions & 0 deletions charts/kube-state-metrics/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,10 @@ rbac:
# If set to false - Run without Cluteradmin privs needed - ONLY works if namespace is also set (if useExistingRole is set this name is used as ClusterRole or Role to bind to)
useClusterRole: true

## If set it will override prometheus.server.fullname value for ClusterRole and ClusterRoleBinding
##
clusterRoleNameOverride: ""

# Add permissions for CustomResources' apiGroups in Role/ClusterRole. Should be used in conjunction with Custom Resource State Metrics configuration
# Example:
# - apiGroups: ["monitoring.coreos.com"]
Expand Down

0 comments on commit 846dea6

Please sign in to comment.