From d4f832dbaf2f190c5bed08aff3d56f9378a3d5f9 Mon Sep 17 00:00:00 2001
From: Andreas Geissler <andreas-geissler@telekom.de>
Date: Thu, 27 Jul 2023 19:07:08 +0200
Subject: [COMMON][SA] Add default role creation to ServiceAccount

Adds an option "createDefaultRoles" to create roles instead
of using the roles-wrapper

Issue-ID: OOM-3233

Change-Id: I03eb95b641034637fa218010025b2c452aba09d1
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
---
 kubernetes/common/serviceAccount/templates/role-binding.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'kubernetes/common/serviceAccount/templates/role-binding.yaml')

diff --git a/kubernetes/common/serviceAccount/templates/role-binding.yaml b/kubernetes/common/serviceAccount/templates/role-binding.yaml
index 7c272aecda..11593ccccb 100644
--- a/kubernetes/common/serviceAccount/templates/role-binding.yaml
+++ b/kubernetes/common/serviceAccount/templates/role-binding.yaml
@@ -1,5 +1,6 @@
 {{/*
 # Copyright © 2020 Orange
+# Modifications Copyright © 2023 Deutsche Telekom AG
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -18,7 +19,7 @@
 {{- range $role_type := $dot.Values.roles }}
 {{/* retrieve the names for generic roles */}}
 {{ $name := printf "%s-%s" (include "common.release" $dot) $role_type }}
-{{- if not (has $role_type $dot.Values.defaultRoles) }}
+{{- if or (not (has $role_type $dot.Values.defaultRoles)) ($dot.Values.global.createDefaultRoles) ($dot.Values.createDefaultRoles) }}
 {{ $name = include "common.fullname" (dict "suffix" $role_type "dot" $dot ) }}
 {{- end }}
 ---
@@ -36,4 +37,3 @@ roleRef:
   name: {{ $name }}
   apiGroup: rbac.authorization.k8s.io
 {{- end }}
-
-- 
cgit 1.2.3-korg