Skip to content

temp: sample dynamic names for helm clusterrolebinding #79

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

temp: sample dynamic names for helm clusterrolebinding #79

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions apis/v1alpha1/ack-generate-metadata.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
ack_generate_info:
build_date: "2025-05-24T00:16:13Z"
build_hash: 66a58d259146834e61b211a9a01609beaa58ef77
go_version: go1.24.2
version: v0.47.1
build_date: "2025-05-30T19:18:58Z"
build_hash: da78c1859faff7de93d1094ce8f26dc8b1fa5690
go_version: go1.24.3
version: v0.46.2-4-gda78c18
api_directory_checksum: 2627dc306e3a83c86c04050c6c4336451459e728
api_version: v1alpha1
aws_sdk_go_version: v1.32.6
Expand Down
22 changes: 18 additions & 4 deletions helm/templates/caches-role-binding.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,18 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: ack-namespaces-cache-sqs-controller
name: {{ include "ack-sqs-controller.app.fullname" . }}-namespace-caches
labels:
app.kubernetes.io/name: {{ include "ack-sqs-controller.app.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
k8s-app: {{ include "ack-sqs-controller.app.name" . }}
helm.sh/chart: {{ include "ack-sqs-controller.chart.name-version" . }}
roleRef:
kind: ClusterRole
apiGroup: rbac.authorization.k8s.io
name: ack-namespaces-cache-sqs-controller
name: {{ include "ack-sqs-controller.app.fullname" . }}-namespace-caches
subjects:
- kind: ServiceAccount
name: {{ include "ack-sqs-controller.service-account.name" . }}
Expand All @@ -14,12 +21,19 @@ subjects:
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: ack-configmaps-cache-sqs-controller
name: {{ include "ack-sqs-controller.app.fullname" . }}-configmaps-cache
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{ include "ack-sqs-controller.app.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
k8s-app: {{ include "ack-sqs-controller.app.name" . }}
helm.sh/chart: {{ include "ack-sqs-controller.chart.name-version" . }}
roleRef:
kind: Role
apiGroup: rbac.authorization.k8s.io
name: ack-configmaps-cache-sqs-controller
name: {{ include "ack-sqs-controller.app.fullname" . }}-configmaps-cache
subjects:
- kind: ServiceAccount
name: {{ include "ack-sqs-controller.service-account.name" . }}
Expand Down
18 changes: 16 additions & 2 deletions helm/templates/caches-role.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,14 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: ack-namespaces-cache-sqs-controller
name: {{ include "ack-sqs-controller.app.fullname" . }}-namespaces-cache
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Q: Would this change apply to every controller? And if yes, should this be applied done through the code-generator?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a code-gen feature..just wanted to show the generated output..
Here's the code-gen PR: aws-controllers-k8s/code-generator#593

labels:
app.kubernetes.io/name: {{ include "ack-sqs-controller.app.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
k8s-app: {{ include "ack-sqs-controller.app.name" . }}
helm.sh/chart: {{ include "ack-sqs-controller.chart.name-version" . }}
rules:
- apiGroups:
- ""
Expand All @@ -15,8 +22,15 @@ rules:
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: ack-configmaps-cache-sqs-controller
name: {{ include "ack-sqs-controller.app.fullname" . }}-configmaps-cache
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{ include "ack-sqs-controller.app.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
k8s-app: {{ include "ack-sqs-controller.app.name" . }}
helm.sh/chart: {{ include "ack-sqs-controller.chart.name-version" . }}
rules:
- apiGroups:
- ""
Expand Down
24 changes: 20 additions & 4 deletions helm/templates/cluster-role-binding.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,18 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "ack-sqs-controller.app.fullname" . }}
name: {{ include "ack-sqs-controller.app.fullname" . }}-rolebinding
labels:
app.kubernetes.io/name: {{ include "ack-sqs-controller.app.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
k8s-app: {{ include "ack-sqs-controller.app.name" . }}
helm.sh/chart: {{ include "ack-sqs-controller.chart.name-version" . }}
roleRef:
kind: ClusterRole
apiGroup: rbac.authorization.k8s.io
name: ack-sqs-controller
name: {{ include "ack-sqs-controller.app.fullname" . }}
subjects:
- kind: ServiceAccount
name: {{ include "ack-sqs-controller.service-account.name" . }}
Expand All @@ -17,17 +24,26 @@ subjects:
{{ $fullname := include "ack-sqs-controller.app.fullname" . }}
{{ $releaseNamespace := .Release.Namespace }}
{{ $serviceAccountName := include "ack-sqs-controller.service-account.name" . }}
{{ $chartVersion := include "ack-sqs-controller.chart.name-version" . }}
{{ $appVersion := .Chart.AppVersion | quote }}
{{ range $namespaces }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ $fullname }}
name: {{ $fullname }}-{{ . }}
namespace: {{ . }}
labels:
app.kubernetes.io/name: {{ $fullname }}
app.kubernetes.io/instance: {{ $.Release.Name }}
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/version: {{ $appVersion }}
k8s-app: {{ $fullname }}
helm.sh/chart: {{ $chartVersion }}
roleRef:
kind: Role
apiGroup: rbac.authorization.k8s.io
name: ack-sqs-controller
name: {{ $fullname }}-{{ . }}
subjects:
- kind: ServiceAccount
name: {{ $serviceAccountName }}
Expand Down
19 changes: 17 additions & 2 deletions helm/templates/cluster-role-controller.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,20 @@
{{ $labels := .Values.role.labels }}
{{ $appVersion := .Chart.AppVersion | quote }}
{{ $rbacRules := include "ack-sqs-controller.rbac-rules" . }}
{{ $fullname := include "ack-sqs-controller.app.fullname" . }}
{{ $chartVersion := include "ack-sqs-controller.chart.name-version" . }}
{{ if eq .Values.installScope "cluster" }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: ack-sqs-controller
name: {{ include "ack-sqs-controller.app.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "ack-sqs-controller.app.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
k8s-app: {{ include "ack-sqs-controller.app.name" . }}
helm.sh/chart: {{ include "ack-sqs-controller.chart.name-version" . }}
{{- range $key, $value := $labels }}
{{ $key }}: {{ $value | quote }}
{{- end }}
Expand All @@ -18,9 +27,15 @@ metadata:
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: ack-sqs-controller
name: {{ $fullname }}-{{ . }}
namespace: {{ . }}
labels:
app.kubernetes.io/name: {{ $fullname }}
app.kubernetes.io/instance: {{ $.Release.Name }}
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/version: {{ $appVersion }}
k8s-app: {{ $fullname }}
helm.sh/chart: {{ $chartVersion }}
{{- range $key, $value := $labels }}
{{ $key }}: {{ $value | quote }}
{{- end }}
Expand Down
11 changes: 9 additions & 2 deletions helm/templates/leader-election-role-binding.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,16 +2,23 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: sqs-leader-election-rolebinding
name: {{ include "ack-sqs-controller.app.fullname" . }}-leaderelection
{{ if .Values.leaderElection.namespace }}
namespace: {{ .Values.leaderElection.namespace }}
{{ else }}
namespace: {{ .Release.Namespace }}
{{ end }}
labels:
app.kubernetes.io/name: {{ include "ack-sqs-controller.app.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
k8s-app: {{ include "ack-sqs-controller.app.name" . }}
helm.sh/chart: {{ include "ack-sqs-controller.chart.name-version" . }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: sqs-leader-election-role
name: {{ include "ack-sqs-controller.app.fullname" . }}-leaderelection
subjects:
- kind: ServiceAccount
name: {{ include "ack-sqs-controller.service-account.name" . }}
Expand Down
9 changes: 8 additions & 1 deletion helm/templates/leader-election-role.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,19 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: sqs-leader-election-role
name: {{ include "ack-sqs-controller.app.fullname" . }}-leaderelection
{{ if .Values.leaderElection.namespace }}
namespace: {{ .Values.leaderElection.namespace }}
{{ else }}
namespace: {{ .Release.Namespace }}
{{ end }}
labels:
app.kubernetes.io/name: {{ include "ack-sqs-controller.app.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
k8s-app: {{ include "ack-sqs-controller.app.name" . }}
helm.sh/chart: {{ include "ack-sqs-controller.chart.name-version" . }}
rules:
- apiGroups:
- coordination.k8s.io
Expand Down
9 changes: 8 additions & 1 deletion helm/templates/role-reader.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,15 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
name: ack-sqs-reader
name: {{ include "ack-sqs-controller.app.fullname" . }}-reader
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{ include "ack-sqs-controller.app.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
k8s-app: {{ include "ack-sqs-controller.app.name" . }}
helm.sh/chart: {{ include "ack-sqs-controller.chart.name-version" . }}
rules:
- apiGroups:
- sqs.services.k8s.aws
Expand Down
9 changes: 8 additions & 1 deletion helm/templates/role-writer.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,15 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
name: ack-sqs-writer
name: {{ include "ack-sqs-controller.app.fullname" . }}-writer
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{ include "ack-sqs-controller.app.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
k8s-app: {{ include "ack-sqs-controller.app.name" . }}
helm.sh/chart: {{ include "ack-sqs-controller.chart.name-version" . }}
rules:
- apiGroups:
- sqs.services.k8s.aws
Expand Down