Skip to content

Commit 6bfc9db

Browse files
hagaibarelhagaibarel
authored
Merge pull request #234 from JingmingGuo/jm-multicluster-rbac
Add kubernetes plugin multicluster required RBAC
2 parents 2739e56 + 14b9c89 commit 6bfc9db

File tree

3 files changed

+16
-3
lines changed

3 files changed

+16
-3
lines changed

charts/coredns/Chart.yaml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
apiVersion: v2
22
name: coredns
3-
version: 1.43.3
3+
version: 1.44.3
44
appVersion: 1.12.3
55
home: https://coredns.io
66
icon: https://coredns.io/images/CoreDNS_Colour_Horizontal.png
@@ -21,3 +21,5 @@ annotations:
2121
artifacthub.io/changes: |
2222
- kind: changed
2323
description: Use tpl function for affinity values
24+
- kind: added
25+
description: Add kubernetes plugin multicluster required RBAC

charts/coredns/README.md

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -108,7 +108,7 @@ The command removes all the Kubernetes components associated with the chart and
108108
## Configuration
109109

110110
| Parameter | Description | Default |
111-
| :--------------------------------------------- | :---------------------------------------------------------------------------------------------------------------------------------------- | :----------------------------------------------------------- |
111+
| :--------------------------------------------- |:------------------------------------------------------------------------------------------------------------------------------------------| :----------------------------------------------------------- |
112112
| `image.repository` | The image repository to pull from | coredns/coredns |
113113
| `image.tag` | The image tag to pull from (derived from Chart.yaml) | `` |
114114
| `image.pullPolicy` | Image pull policy | IfNotPresent |
@@ -140,6 +140,7 @@ The command removes all the Kubernetes components associated with the chart and
140140
| `serviceAccount.name` | If not set & create is true, use template fullname | |
141141
| `rbac.create` | If true, create & use RBAC resources | true |
142142
| `rbac.pspEnable` | Specifies whether a PodSecurityPolicy should be created. | `false` |
143+
| `rbac.multiclusterEnable` | Specifies whether the kubernetes plugin multicluster RBAC should be created. | `false` |
143144
| `isClusterService` | Specifies whether chart should be deployed as cluster-service or normal k8s app. | true |
144145
| `priorityClassName` | Name of Priority Class to assign pods | `""` |
145146
| `securityContext` | securityContext definition for pods | capabilities.add.NET_BIND_SERVICE |
@@ -164,7 +165,7 @@ The command removes all the Kubernetes components associated with the chart and
164165
| `extraVolumes` | Optional array of volumes to create | [] |
165166
| `extraVolumeMounts` | Optional array of volumes to mount inside the CoreDNS container | [] |
166167
| `extraSecrets` | Optional array of secrets to mount inside the CoreDNS container | [] |
167-
| `env` | Optional array of environment variables for CoreDNS container | [] |
168+
| `env` | Optional array of environment variables for CoreDNS container | [] |
168169
| `customLabels` | Optional labels for Deployment(s), Pod, Service, ServiceMonitor objects | {} |
169170
| `customAnnotations` | Optional annotations for Deployment(s), Pod, Service, ServiceMonitor objects |
170171
| `rollingUpdate.maxUnavailable` | Maximum number of unavailable replicas during rolling update | `1` |

charts/coredns/templates/clusterrole.yaml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,4 +33,14 @@ rules:
3333
resourceNames:
3434
- {{ template "coredns.fullname" . }}
3535
{{- end }}
36+
{{- if .Values.rbac.multiclusterEnable }}
37+
- apiGroups:
38+
- multicluster.x-k8s.io
39+
resources:
40+
- serviceexports
41+
- serviceimports
42+
verbs:
43+
- list
44+
- watch
45+
{{- end }}
3646
{{- end }}

0 commit comments

Comments
 (0)