From 81b8e236da729471050795a5ce52602648b163ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zolt=C3=A1n=20Reegn?= Date: Mon, 15 Apr 2024 16:11:40 +0200 Subject: [PATCH] Fix secrets Role and ClusterRole namespace declaration Rendering the template in single namespace mode the Role should always have the namespace set. Rendering in cluster mode the ClusterRole shouldn't have any namespace set. --- .../templates/manager_role_binding_secrets.yaml | 2 ++ .../templates/manager_role_secrets.yaml | 5 ++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/charts/actions-runner-controller/templates/manager_role_binding_secrets.yaml b/charts/actions-runner-controller/templates/manager_role_binding_secrets.yaml index 9b7132cf..99931538 100644 --- a/charts/actions-runner-controller/templates/manager_role_binding_secrets.yaml +++ b/charts/actions-runner-controller/templates/manager_role_binding_secrets.yaml @@ -6,7 +6,9 @@ kind: ClusterRoleBinding {{- end }} metadata: name: {{ include "actions-runner-controller.managerRoleName" . }}-secrets + {{- if .Values.scope.singleNamespace }} namespace: {{ .Release.Namespace }} + {{- end}} roleRef: apiGroup: rbac.authorization.k8s.io {{- if .Values.scope.singleNamespace }} diff --git a/charts/actions-runner-controller/templates/manager_role_secrets.yaml b/charts/actions-runner-controller/templates/manager_role_secrets.yaml index 38037c83..d0a6edf2 100644 --- a/charts/actions-runner-controller/templates/manager_role_secrets.yaml +++ b/charts/actions-runner-controller/templates/manager_role_secrets.yaml @@ -7,6 +7,9 @@ kind: ClusterRole metadata: creationTimestamp: null name: {{ include "actions-runner-controller.managerRoleName" . }}-secrets + {{- if .Values.scope.singleNamespace }} + namespace: {{ .Release.Namespace }} + {{- end }} rules: - apiGroups: - "" @@ -21,4 +24,4 @@ rules: {{/* See https://github.com/actions/actions-runner-controller/pull/1268/files#r917331632 */}} - create - delete -{{- end }} \ No newline at end of file +{{- end }}