argoproj
/
argo-helm
mirror of https://github.com/argoproj/argo-helm.git
1
0
Fork 1
Code Issues Packages Projects Releases Wiki Activity

feat(argo-workflows): add value to avoid creating RBAC related to ClusterWorkflowTemplates (#657) 

* Argo Workflows: avoid creating ClusterRoles and CRBs if singleNamespace is true

Signed-off-by: g-linville <53102776+g-linville@users.noreply.github.com>

* Argo Workflows: bumped chart version

Signed-off-by: g-linville <53102776+g-linville@users.noreply.github.com>

* Argo: remove clusterworkflowtemplates from WorkflowController role

Signed-off-by: g-linville <53102776+g-linville@users.noreply.github.com>

* feat(argo-workflows): add value to disable creation of RBAC relating to ClusterWorkflowTemplates

Signed-off-by: g-linville <53102776+g-linville@users.noreply.github.com>

* Bumped chart version

Signed-off-by: g-linville <53102776+g-linville@users.noreply.github.com>
pull/757/head argo-workflows-0.1.3
g-linville 2021-05-25 02:06:31 -04:00 committed by GitHub
parent 162e10b6d5
commit 7a06415d83
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
charts/argo-workflows/Chart.yaml
View File

@ -2,7 +2,7 @@ apiVersion: v2
name: argo-workflows
description: A Helm chart for Argo Workflows
type: application
version: 0.1.2
version: 0.1.3
appVersion: "v3.0.2"
icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png
home: https://github.com/argoproj/argo-helm

5
charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml
View File

@ -55,8 +55,6 @@ rules:
resources:
- workflowtemplates
- workflowtemplates/finalizers
- clusterworkflowtemplates
- clusterworkflowtemplates/finalizers
verbs:
- get
- list
@ -131,6 +129,8 @@ rules:
- update
- patch
- delete
{{- if .Values.controller.clusterWorkflowTemplates.enabled }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@ -146,3 +146,4 @@ rules:
- get
- list
- watch
{{- end }}

3
charts/argo-workflows/templates/controller/workflow-controller-crb.yaml
View File

@ -31,6 +31,8 @@ subjects:
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.controller.clusterWorkflowTemplates.enabled }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
@ -46,3 +48,4 @@ subjects:
- kind: ServiceAccount
name: {{ template "argo-workflows.controllerServiceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end }}

3
charts/argo-workflows/templates/server/server-cluster-roles.yaml
View File

@ -111,6 +111,8 @@ rules:
- update
- patch
- delete
{{- if .Values.server.clusterWorkflowTemplates.enabled }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@ -134,3 +136,4 @@ rules:
- delete
{{- end }}
{{- end }}
{{- end }}

3
charts/argo-workflows/templates/server/server-crb.yaml
View File

@ -21,6 +21,8 @@ subjects:
- kind: ServiceAccount
name: {{ template "argo-workflows.serverServiceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- if .Values.server.clusterWorkflowTemplates.enabled }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
@ -37,3 +39,4 @@ subjects:
name: {{ template "argo-workflows.serverServiceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end -}}
{{- end -}}

5
charts/argo-workflows/values.yaml
View File

@ -143,6 +143,9 @@ controller:
priorityClassName: ""
# https://argoproj.github.io/argo-workflows/links/
links: []
clusterWorkflowTemplates:
# Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates.
enabled: true
# executor controls how the init and wait container should be customized
executor:
@ -262,6 +265,8 @@ server:
https: false
clusterWorkflowTemplates:
# Create a ClusterRole and CRB for the server to access ClusterWorkflowTemplates.
enabled: true
# Give the server permissions to edit ClusterWorkflowTemplates.
enableEditing: true
sso: