From cf18cb3fb0a82a4c3ec4e005da1196b2f37952ca Mon Sep 17 00:00:00 2001 From: Timm Drevensek Date: Tue, 20 Jun 2023 17:35:53 +0200 Subject: [PATCH] Adapt role name to prevent namespace collision (#2617) --- .../templates/_helpers.tpl | 8 ++++++++ .../templates/manager_single_namespace_watch_role.yaml | 2 +- .../manager_single_namespace_watch_role_binding.yaml | 6 +++--- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/charts/gha-runner-scale-set-controller/templates/_helpers.tpl b/charts/gha-runner-scale-set-controller/templates/_helpers.tpl index 468ddf6d..1500b460 100644 --- a/charts/gha-runner-scale-set-controller/templates/_helpers.tpl +++ b/charts/gha-runner-scale-set-controller/templates/_helpers.tpl @@ -88,6 +88,14 @@ Create the name of the service account to use {{- include "gha-runner-scale-set-controller.fullname" . }}-manager-single-namespace-rolebinding {{- end }} +{{- define "gha-runner-scale-set-controller.managerSingleNamespaceWatchRoleName" -}} +{{- include "gha-runner-scale-set-controller.fullname" . }}-manager-single-namespace-watch-role +{{- end }} + +{{- define "gha-runner-scale-set-controller.managerSingleNamespaceWatchRoleBinding" -}} +{{- include "gha-runner-scale-set-controller.fullname" . }}-manager-single-namespace-watch-rolebinding +{{- end }} + {{- define "gha-runner-scale-set-controller.managerListenerRoleName" -}} {{- include "gha-runner-scale-set-controller.fullname" . }}-manager-listener-role {{- end }} diff --git a/charts/gha-runner-scale-set-controller/templates/manager_single_namespace_watch_role.yaml b/charts/gha-runner-scale-set-controller/templates/manager_single_namespace_watch_role.yaml index f0f653d7..ac5a2d93 100644 --- a/charts/gha-runner-scale-set-controller/templates/manager_single_namespace_watch_role.yaml +++ b/charts/gha-runner-scale-set-controller/templates/manager_single_namespace_watch_role.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: {{ include "gha-runner-scale-set-controller.managerSingleNamespaceRoleName" . }} + name: {{ include "gha-runner-scale-set-controller.managerSingleNamespaceWatchRoleName" . }} namespace: {{ .Values.flags.watchSingleNamespace }} rules: - apiGroups: diff --git a/charts/gha-runner-scale-set-controller/templates/manager_single_namespace_watch_role_binding.yaml b/charts/gha-runner-scale-set-controller/templates/manager_single_namespace_watch_role_binding.yaml index 3edd0c61..67923358 100644 --- a/charts/gha-runner-scale-set-controller/templates/manager_single_namespace_watch_role_binding.yaml +++ b/charts/gha-runner-scale-set-controller/templates/manager_single_namespace_watch_role_binding.yaml @@ -2,14 +2,14 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ include "gha-runner-scale-set-controller.managerSingleNamespaceRoleBinding" . }} + name: {{ include "gha-runner-scale-set-controller.managerSingleNamespaceWatchRoleBinding" . }} namespace: {{ .Values.flags.watchSingleNamespace }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ include "gha-runner-scale-set-controller.managerSingleNamespaceRoleName" . }} + name: {{ include "gha-runner-scale-set-controller.managerSingleNamespaceWatchRoleName" . }} subjects: - kind: ServiceAccount name: {{ include "gha-runner-scale-set-controller.serviceAccountName" . }} namespace: {{ .Release.Namespace }} -{{- end }} \ No newline at end of file +{{- end }}