From cc8c2664dd4e7ac300772384c41358077887198b Mon Sep 17 00:00:00 2001 From: Steve Pentland Date: Wed, 28 Feb 2024 20:35:57 -0500 Subject: [PATCH] chore(charts): provide more config options Includes dynamic service account names and some missing roles --- charts/nx-agents/Chart.yaml | 2 +- charts/nx-agents/templates/deployment.yaml | 2 +- charts/nx-agents/templates/rolebinding.yaml | 20 +++++++++++++++++-- charts/nx-agents/templates/roles.yaml | 16 ++++++++++++++- .../nx-agents/templates/serviceaccounts.yaml | 6 ++++-- charts/nx-agents/values.yaml | 2 ++ 6 files changed, 41 insertions(+), 7 deletions(-) diff --git a/charts/nx-agents/Chart.yaml b/charts/nx-agents/Chart.yaml index 5d2cc49..399415b 100644 --- a/charts/nx-agents/Chart.yaml +++ b/charts/nx-agents/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: nx-agents description: Nx Cloud Agents Helm Chart type: application -version: 1.0.0-rc.2 +version: 1.0.0-rc.3 maintainers: - name: nx url: "https://nx.app/" diff --git a/charts/nx-agents/templates/deployment.yaml b/charts/nx-agents/templates/deployment.yaml index 37b312f..15845b3 100644 --- a/charts/nx-agents/templates/deployment.yaml +++ b/charts/nx-agents/templates/deployment.yaml @@ -101,5 +101,5 @@ spec: {{- end }} {{- end }} {{- end }} - serviceAccountName: nx-cloud-workflow-controller + serviceAccountName: {{ .Values.serviceAccounts.controller.name }} terminationGracePeriodSeconds: 10 diff --git a/charts/nx-agents/templates/rolebinding.yaml b/charts/nx-agents/templates/rolebinding.yaml index ad9d30e..c635a71 100644 --- a/charts/nx-agents/templates/rolebinding.yaml +++ b/charts/nx-agents/templates/rolebinding.yaml @@ -12,5 +12,21 @@ roleRef: name: nx-cloud-workflow-controller-role subjects: - kind: ServiceAccount - name: nx-cloud-workflow-controller - namespace: {{ .Values.global.namespace }} \ No newline at end of file + name: {{ .Values.serviceAccounts.controller.name }} + namespace: {{ .Values.global.namespace }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + {{- include "nxCloud.app.labels" . | indent 4 }} + name: nx-cloud-workflow-runner-rolebinding + namespace: {{ .Values.global.namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: nx-cloud-workflow-runner-role +subjects: +- kind: ServiceAccount + name: {{ .Values.serviceAccounts.runner.name }} + namespace: {{ .Values.global.namespace }} \ No newline at end of file diff --git a/charts/nx-agents/templates/roles.yaml b/charts/nx-agents/templates/roles.yaml index 759ab89..30fcb57 100644 --- a/charts/nx-agents/templates/roles.yaml +++ b/charts/nx-agents/templates/roles.yaml @@ -59,4 +59,18 @@ rules: resources: - jobs/status verbs: - - get \ No newline at end of file + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: nx-cloud-workflow-runner-role + namespace: {{ .Values.global.namespace }} +rules: +- apiGroups: + - "" + resources: + - services + verbs: + - get + - list \ No newline at end of file diff --git a/charts/nx-agents/templates/serviceaccounts.yaml b/charts/nx-agents/templates/serviceaccounts.yaml index 044adb6..56a136a 100644 --- a/charts/nx-agents/templates/serviceaccounts.yaml +++ b/charts/nx-agents/templates/serviceaccounts.yaml @@ -2,7 +2,9 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: nx-cloud-workflow-runner + labels: + {{- include "nxCloud.app.labels" . | indent 4 }} + name: {{ .Values.serviceAccounts.runner.name }} namespace: {{ .Values.global.namespace }} {{- if .Values.serviceAccounts.runner.annotations }} annotations: @@ -15,7 +17,7 @@ kind: ServiceAccount metadata: labels: {{- include "nxCloud.app.labels" . | indent 4 }} - name: nx-cloud-workflow-controller + name: {{ .Values.serviceAccounts.controller.name }} namespace: {{ .Values.global.namespace }} {{- if .Values.serviceAccounts.controller.annotations }} annotations: diff --git a/charts/nx-agents/values.yaml b/charts/nx-agents/values.yaml index cdcddeb..f6b547b 100644 --- a/charts/nx-agents/values.yaml +++ b/charts/nx-agents/values.yaml @@ -10,8 +10,10 @@ naming: serviceAccounts: controller: + name: nx-cloud-workflow-controller annotations: {} runner: + name: nx-cloud-workflow-runner annotations: {} controller: