Skip to content

Commit

Permalink
Merge pull request #437 from fidelity-contributions/feat/capecpi-2422…
Browse files Browse the repository at this point in the history 
…-expose-admin-cr

November Maintenence, expose admin clusterrole
  • Loading branch information
@padraigmc
padraigmc authored Dec 12, 2024
2 parents c20c696 + 74f9427 commit 5f2bcc5
Show file tree
Hide file tree
Showing 7 changed files with 41 additions and 11 deletions.
2 changes: 1 addition & 1 deletion VERSION
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
v0.3.44
v0.3.45
4 changes: 2 additions & 2 deletions chart/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,5 @@ apiVersion: v2
description: A Helm chart for kraan controller
name: kraan-controller
type: application
appVersion: v0.3.44
version: v0.3.44
appVersion: v0.3.45
version: v0.3.45
11 changes: 10 additions & 1 deletion chart/templates/gotk/rbac.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,8 +153,17 @@ metadata:
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
name: {{ .Values.gotk.rbac.adminClusterRole.name }}
subjects:
- kind: ServiceAccount
name: fluxcd
namespace: "{{ .Release.Namespace }}"
{{ if .Values.gotk.rbac.adminClusterRole.rules }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ .Values.gotk.rbac.adminClusterRole.name }}
rules:
{{ .Values.gotk.rbac.adminClusterRole.rules | toYaml }}
{{- end }}
11 changes: 10 additions & 1 deletion chart/templates/kraan/rbac.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -156,9 +156,18 @@ metadata:
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
name: {{ .Values.kraan.rbac.adminClusterRole.name }}
subjects:
- kind: ServiceAccount
name: kraan
namespace: {{.Release.Namespace}}
{{ if .Values.kraan.rbac.adminClusterRole.rules }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ .Values.kraan.rbac.adminClusterRole.name }}
rules:
{{ .Values.kraan.rbac.adminClusterRole.rules | toYaml }}
{{- end }}
{{- end }}
12 changes: 12 additions & 0 deletions chart/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,12 @@ kraan:
enabled: true
rbac:
enabled: true
adminClusterRole:
# admin ClusterRole to be used by the controller, default is cluster-admin
name: "cluster-admin"
# specify rules to create a ClusterRole
# https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#policyrule-v1-rbac-authorization-k8s-io
rules: []
netpolicy:
enabled: true
kraanController:
Expand Down Expand Up @@ -81,6 +87,12 @@ kraan:
gotk:
rbac:
enabled: true
adminClusterRole:
# admin ClusterRole to be used by the controller, default is cluster-admin
name: "cluster-admin"
# specify rules to create a ClusterRole
# https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#policyrule-v1-rbac-authorization-k8s-io
rules: []
netpolicy:
enabled: true

Expand Down
4 changes: 2 additions & 2 deletions go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,9 @@ require (
github.com/google/go-cmp v0.6.0
github.com/paulcarlton-ww/goutils/pkg/testutils v0.1.42
github.com/pkg/errors v0.9.1
github.com/prometheus/client_golang v1.20.4
github.com/prometheus/client_golang v1.20.5
go.uber.org/zap v1.27.0
golang.org/x/mod v0.21.0
golang.org/x/mod v0.22.0
k8s.io/api v0.31.1
k8s.io/apiextensions-apiserver v0.31.1
k8s.io/apimachinery v0.31.1
Expand Down
8 changes: 4 additions & 4 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -180,8 +180,8 @@ github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/prometheus/client_golang v1.20.4 h1:Tgh3Yr67PaOv/uTqloMsCEdeuFTatm5zIq5+qNN23vI=
github.com/prometheus/client_golang v1.20.4/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE=
github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+bR9r+8l63Y=
github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE=
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E=
github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY=
Expand Down Expand Up @@ -229,8 +229,8 @@ golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHl
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0=
golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4=
golang.org/x/mod v0.22.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
Expand Down

0 comments on commit 5f2bcc5

Please sign in to comment.