Skip to content

[Helm] - disable cluster wide rbac resource creation #98

@Allex1

Description

@Allex1

Company or project name

Adobe multi-tenant kubernetes clusters

Use case

In some multi-tenant Kubernetes environments the user cannot load the ClusterRoles and ClusterRoleBindings during normal deployment. In this case we sideload them via a different process before the actual helm deployment. For this to be possible we should have a feature flag (enabled by default) that allow the use to choose whether to load these resources while deploying the helm release.
For allowing the operator to still be able to manage resources at namespace level a local rb should bind the operator serviceaccount to the clusterRole deployed outside of this chart (by a cluster admin) with then name being configurable. I'm happy to add that as a separate pr or we can use the extra-manifest from this pr.

Describe the solution you'd like

Will open a pr shortly

Describe alternatives you've considered

No response

Additional context

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    featureFeature request

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions