Role created when .Values.rbac.create == false
stgrace opened this issue · comments
A clear and concise description of what the bug is.
Expected Behavior
Expected roles not to be created when setting rbac.create to false
Actual Behavior
Roles are created.
Steps to Reproduce the Problem
- helm install --set rbac.create=false keda kedacore/keda --namespace keda --create-namespace
See https://github.com/kedacore/charts/blob/main/keda/templates/manager/role.yaml
{{- if or (and .Values.certificates.autoGenerated (not .Values.certificates.certManager.enabled)) (.Values.permissions.operator.restrict.secret) }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
{{- with .Values.additionalAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
app.kubernetes.io/name: {{ .Values.operator.name }}
{{- include "keda.labels" . | indent 4 }}
name: {{ .Values.operator.name }}
namespace: {{ .Release.Namespace }}
rules:
- apiGroups:
- ""
resources:
- secrets
verbs:
{{- if and .Values.certificates.autoGenerated (not .Values.certificates.certManager.enabled) }}
- create
- delete
- patch
- update
{{- end }}
- watch
- get
- list
{{- end -}}
Willing to create a PR for this
@JorTurFer It looks like related to cert manager; any thoughts on why this is not respected?
Oversight or just to make sure they are always there?
We shouldn't add the role if rbac.create = false
let me open a PR quickly to fix it for incoming release, give me a sec