From 4b90809ade33d2cec63a4a1a312cfaef5e376f99 Mon Sep 17 00:00:00 2001
From: Enno Boland <g@s01.de>
Date: Wed, 16 Dec 2020 10:44:25 +0100
Subject: [PATCH] =?UTF-8?q?helm-chart:=20allow=20configmaps=20instead=20of?=
 =?UTF-8?q?=20endpoints=20for=20leader=20elections=E2=80=A6=20(#1037)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* helm-chart: allow configmaps instead of endpoints if leader elections uses the configmaps method

* helm-chart: allow endpoints get even if config maps are used

* helm-chart: allow configmaps instead of endpoints on the operator role too.

Co-authored-by: Enno Boland <mail@eboland.de>
---
 .../templates/clusterrole-postgres-pod.yaml   | 22 +++++++++++++++++++
 .../templates/clusterrole.yaml                |  6 ++++-
 2 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/charts/postgres-operator/templates/clusterrole-postgres-pod.yaml b/charts/postgres-operator/templates/clusterrole-postgres-pod.yaml
index ef607ae3c..b3f9f08f5 100644
--- a/charts/postgres-operator/templates/clusterrole-postgres-pod.yaml
+++ b/charts/postgres-operator/templates/clusterrole-postgres-pod.yaml
@@ -10,6 +10,27 @@ metadata:
     app.kubernetes.io/instance: {{ .Release.Name }}
 rules:
 # Patroni needs to watch and manage endpoints
+{{- if toString .Values.configGeneral.kubernetes_use_configmaps | eq "true" }}
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - endpoints
+  verbs:
+  - get
+{{- else }}
 - apiGroups:
   - ""
   resources:
@@ -23,6 +44,7 @@ rules:
   - patch
   - update
   - watch
+{{- end }}
 # Patroni needs to watch pods
 - apiGroups:
   - ""
diff --git a/charts/postgres-operator/templates/clusterrole.yaml b/charts/postgres-operator/templates/clusterrole.yaml
index 00ee776f5..46113c4f1 100644
--- a/charts/postgres-operator/templates/clusterrole.yaml
+++ b/charts/postgres-operator/templates/clusterrole.yaml
@@ -63,11 +63,15 @@ rules:
   - patch
   - update
   - watch
-# to manage endpoints which are also used by Patroni
+# to manage endpoints/configmaps which are also used by Patroni
 - apiGroups:
   - ""
   resources:
+{{- if toString .Values.configGeneral.kubernetes_use_configmaps | eq "true" }}
+  - configmaps
+{{- else }}
   - endpoints
+{{- end }}
   verbs:
   - create
   - delete