helm: update node plugin cluster role

added permission to get nodes for rbd and cephfs nodeplugin daemonset

Signed-off-by: Jan Nemcik <jan.nemcik@solargis.com>
This commit is contained in:
Jan Nemcik 2023-12-05 18:05:11 +01:00 committed by mergify[bot]
parent 60c65d4196
commit 1fb6d8f891
2 changed files with 0 additions and 4 deletions

View File

@ -11,9 +11,7 @@ metadata:
heritage: {{ .Release.Service }} heritage: {{ .Release.Service }}
{{- with .Values.commonLabels }}{{ toYaml . | trim | nindent 4 }}{{- end }} {{- with .Values.commonLabels }}{{ toYaml . | trim | nindent 4 }}{{- end }}
rules: rules:
{{- if and .Values.readAffinity .Values.readAffinity.enabled }}
- apiGroups: [""] - apiGroups: [""]
resources: ["nodes"] resources: ["nodes"]
verbs: ["get"] verbs: ["get"]
{{- end }}
{{- end -}} {{- end -}}

View File

@ -11,11 +11,9 @@ metadata:
heritage: {{ .Release.Service }} heritage: {{ .Release.Service }}
{{- with .Values.commonLabels }}{{ toYaml . | trim | nindent 4 }}{{- end }} {{- with .Values.commonLabels }}{{ toYaml . | trim | nindent 4 }}{{- end }}
rules: rules:
{{- if .Values.topology.enabled }}
- apiGroups: [""] - apiGroups: [""]
resources: ["nodes"] resources: ["nodes"]
verbs: ["get"] verbs: ["get"]
{{- end }}
# allow to read Vault Token and connection options from the Tenants namespace # allow to read Vault Token and connection options from the Tenants namespace
- apiGroups: [""] - apiGroups: [""]
resources: ["secrets"] resources: ["secrets"]