Role created when .Values.rbac.create == false
stgrace opened this issue · comments
Stef Graces commented
A clear and concise description of what the bug is.
Expected Behavior
Expected roles not to be created when setting rbac.create to false
Actual Behavior
Roles are created.
Steps to Reproduce the Problem
- helm install --set rbac.create=false keda kedacore/keda --namespace keda --create-namespace
See https://github.com/kedacore/charts/blob/main/keda/templates/manager/role.yaml
{{- if or (and .Values.certificates.autoGenerated (not .Values.certificates.certManager.enabled)) (.Values.permissions.operator.restrict.secret) }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
{{- with .Values.additionalAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
app.kubernetes.io/name: {{ .Values.operator.name }}
{{- include "keda.labels" . | indent 4 }}
name: {{ .Values.operator.name }}
namespace: {{ .Release.Namespace }}
rules:
- apiGroups:
- ""
resources:
- secrets
verbs:
{{- if and .Values.certificates.autoGenerated (not .Values.certificates.certManager.enabled) }}
- create
- delete
- patch
- update
{{- end }}
- watch
- get
- list
{{- end -}}
Willing to create a PR for this
Tom Kerkhove commented
@JorTurFer It looks like related to cert manager; any thoughts on why this is not respected?
Oversight or just to make sure they are always there?
Jorge Turrado Ferrero commented
We shouldn't add the role if rbac.create = false
Jorge Turrado Ferrero commented
let me open a PR quickly to fix it for incoming release, give me a sec