Closed day1118 closed 3 years ago
There has not been any activity to this issue in the last 30 days. It will automatically be closed after 7 more days. Remove the stale
label to prevent this.
Are you able to review the PR please @YannikBramkamp ?
There has not been any activity to this issue in the last 30 days. It will automatically be closed after 7 more days. Remove the stale
label to prevent this.
@YannikBramkamp @martin-helmich Can you please cut a release with this change included? Thanks
Done @day1118
Thanks @YannikBramkamp - there was no helm release generated for v3.3.0
- Can you please trigger this?
@day1118 Sorry for the delay, Should be available now
Is your feature request related to a problem? Please describe. I want to limit the scope of secrets-generator to a single namespace & remove the need to create a cluster role
Describe the solution you'd like Add a variable such as
rbac.create
&rbac.clusterRole
which disable therole
andclusterRole
respectively. Both would default totrue
for backwards compatibility.If
rbac.clusterRole
isfalse
, thenwatchNamespace
should default to{{ .Release.Namespace }}
as the generator will not have permissions to access other namespaces.Describe alternatives you've considered
WATCH_NAMESPACE
could be updated to include thetpl
function so that it can be set to{{ .Release.Namespace }}
via the values file, but this doesn't remove theclusterRole
Additional context I can raise a PR for these changes if you are happy with the variable names. Concept modelled from bitnami/external-dns