mirror of https://git.rancher.io/charts
[rancher-grafana] Replace .Values.rbac.pspEnabled with .Values.global.cattle.psp.enabled and bump major version
Arvind Iyengar
parent
3937cdd790
commit
40325d35a4
|
|
@ -1,6 +1,12 @@
|
|||
--- charts-original/templates/podsecuritypolicy.yaml
|
||||
+++ charts/templates/podsecuritypolicy.yaml
|
||||
@@ -6,13 +6,9 @@
|
||||
@@ -1,18 +1,13 @@
|
||||
-{{- if .Values.rbac.pspEnabled }}
|
||||
-{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
|
||||
+{{- if .Values.global.cattle.psp.enabled }}
|
||||
apiVersion: policy/v1beta1
|
||||
kind: PodSecurityPolicy
|
||||
metadata:
|
||||
name: {{ template "grafana.fullname" . }}
|
||||
labels:
|
||||
{{- include "grafana.labels" . | nindent 4 }}
|
||||
|
|
@ -17,3 +23,9 @@
|
|||
spec:
|
||||
privileged: false
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -47,5 +42,4 @@
|
||||
- min: 1
|
||||
max: 65535
|
||||
readOnlyRootFilesystem: false
|
||||
-{{- end }}
|
||||
{{- end }}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,14 @@
|
|||
--- charts-original/templates/role.yaml
|
||||
+++ charts/templates/role.yaml
|
||||
@@ -10,9 +10,9 @@
|
||||
annotations:
|
||||
{{ toYaml . | indent 4 }}
|
||||
{{- end }}
|
||||
-{{- if or .Values.rbac.pspEnabled (and .Values.rbac.namespaced (or .Values.sidecar.dashboards.enabled (or .Values.sidecar.datasources.enabled (or .Values.sidecar.plugins.enabled .Values.rbac.extraRoleRules)))) }}
|
||||
+{{- if or .Values.global.cattle.psp.enabled (and .Values.rbac.namespaced (or .Values.sidecar.dashboards.enabled (or .Values.sidecar.datasources.enabled (or .Values.sidecar.plugins.enabled .Values.rbac.extraRoleRules)))) }}
|
||||
rules:
|
||||
-{{- if .Values.rbac.pspEnabled }}
|
||||
+{{- if .Values.global.cattle.psp.enabled }}
|
||||
- apiGroups: ['extensions']
|
||||
resources: ['podsecuritypolicies']
|
||||
verbs: ['use']
|
||||
|
|
@ -1,8 +1,9 @@
|
|||
--- charts-original/templates/tests/test-podsecuritypolicy.yaml
|
||||
+++ charts/templates/tests/test-podsecuritypolicy.yaml
|
||||
@@ -1,5 +1,4 @@
|
||||
{{- if and .Values.testFramework.enabled .Values.rbac.pspEnabled }}
|
||||
-{{- if and .Values.testFramework.enabled .Values.rbac.pspEnabled }}
|
||||
-{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
|
||||
+{{- if and .Values.testFramework.enabled .Values.global.cattle.psp.enabled }}
|
||||
apiVersion: policy/v1beta1
|
||||
kind: PodSecurityPolicy
|
||||
metadata:
|
||||
|
|
|
|||
|
|
@ -0,0 +1,8 @@
|
|||
--- charts-original/templates/tests/test-role.yaml
|
||||
+++ charts/templates/tests/test-role.yaml
|
||||
@@ -1,4 +1,4 @@
|
||||
-{{- if and .Values.testFramework.enabled .Values.rbac.pspEnabled -}}
|
||||
+{{- if and .Values.testFramework.enabled .Values.global.cattle.psp.enabled -}}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
--- charts-original/templates/tests/test-rolebinding.yaml
|
||||
+++ charts/templates/tests/test-rolebinding.yaml
|
||||
@@ -1,4 +1,4 @@
|
||||
-{{- if and .Values.testFramework.enabled .Values.rbac.pspEnabled -}}
|
||||
+{{- if and .Values.testFramework.enabled .Values.global.cattle.psp.enabled -}}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
|
|
@ -1,15 +1,17 @@
|
|||
--- charts-original/values.yaml
|
||||
+++ charts/values.yaml
|
||||
@@ -1,9 +1,23 @@
|
||||
@@ -1,9 +1,24 @@
|
||||
+global:
|
||||
+ cattle:
|
||||
+ psp:
|
||||
+ enabled: false
|
||||
+ systemDefaultRegistry: ""
|
||||
+
|
||||
rbac:
|
||||
create: true
|
||||
## Use an existing ClusterRole/Role (depending on rbac.namespaced false/true)
|
||||
# useExistingRole: name-of-some-(cluster)role
|
||||
pspEnabled: true
|
||||
- pspEnabled: true
|
||||
- pspUseAppArmor: true
|
||||
+ pspAnnotations: {}
|
||||
+ ## Specify pod annotations
|
||||
|
|
@ -25,7 +27,7 @@
|
|||
namespaced: false
|
||||
extraRoleRules: []
|
||||
# - apiGroups: []
|
||||
@@ -73,9 +87,9 @@
|
||||
@@ -73,9 +88,9 @@
|
||||
# schedulerName: "default-scheduler"
|
||||
|
||||
image:
|
||||
|
|
@ -37,7 +39,7 @@
|
|||
sha: ""
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
@@ -88,13 +102,16 @@
|
||||
@@ -88,13 +103,16 @@
|
||||
# - myRegistrKeySecretName
|
||||
|
||||
testFramework:
|
||||
|
|
@ -57,7 +59,7 @@
|
|||
runAsUser: 472
|
||||
runAsGroup: 472
|
||||
fsGroup: 472
|
||||
@@ -127,7 +144,7 @@
|
||||
@@ -127,7 +145,7 @@
|
||||
# priorityClassName:
|
||||
|
||||
downloadDashboardsImage:
|
||||
|
|
@ -66,7 +68,7 @@
|
|||
tag: 7.85.0
|
||||
sha: ""
|
||||
pullPolicy: IfNotPresent
|
||||
@@ -204,7 +221,7 @@
|
||||
@@ -204,7 +222,7 @@
|
||||
labels: {}
|
||||
path: /
|
||||
|
||||
|
|
@ -75,7 +77,7 @@
|
|||
pathType: Prefix
|
||||
|
||||
hosts:
|
||||
@@ -328,7 +345,7 @@
|
||||
@@ -328,7 +346,7 @@
|
||||
## initChownData container image
|
||||
##
|
||||
image:
|
||||
|
|
@ -84,7 +86,7 @@
|
|||
tag: "1.31.1"
|
||||
sha: ""
|
||||
pullPolicy: IfNotPresent
|
||||
@@ -739,7 +756,7 @@
|
||||
@@ -739,7 +757,7 @@
|
||||
## Requires at least Grafana 5 to work and can't be used together with parameters dashboardProviders, datasources and dashboards
|
||||
sidecar:
|
||||
image:
|
||||
|
|
@ -93,7 +95,7 @@
|
|||
tag: 1.19.2
|
||||
sha: ""
|
||||
imagePullPolicy: IfNotPresent
|
||||
@@ -852,10 +869,10 @@
|
||||
@@ -852,10 +870,10 @@
|
||||
reloadURL: "http://localhost:3000/api/admin/provisioning/datasources/reload"
|
||||
# Absolute path to shell script to execute after a datasource got reloaded
|
||||
script: null
|
||||
|
|
@ -106,7 +108,7 @@
|
|||
# Sets the size limit of the datasource sidecar emptyDir volume
|
||||
sizeLimit: {}
|
||||
plugins:
|
||||
@@ -934,9 +951,9 @@
|
||||
@@ -934,9 +952,9 @@
|
||||
replicas: 1
|
||||
image:
|
||||
# image-renderer Image repository
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
url: https://github.com/grafana/helm-charts.git
|
||||
subdirectory: charts/grafana
|
||||
commit: 74c1f4c96e174ca140cfc24e1327393c82478214
|
||||
version: 101.0.0
|
||||
version: 102.0.0
|
||||
doNotRelease: true
|
||||
|
|
|
|||
Loading…
Reference in New Issue