Remove Project Prometheus RBAC resource

08e14cdd · Frank Mai · Alena Prokharchyk · ad17036d · 08e14cdd · 08e14cdd
Commit 08e14cdd authored Apr 08, 2019 by Frank Mai Committed by Alena Prokharchyk May 06, 2019
Show whitespace changes
Inline Side-by-side

Showing with 1 addition and 69 deletions

rbac.yaml ...r-monitoring/v0.0.3/charts/prometheus/templates/rbac.yaml +1 -68

values.yaml charts/rancher-monitoring/v0.0.3/values.yaml +0 -1

No files found.
--- a/charts/rancher-monitoring/v0.0.3/charts/prometheus/templates/rbac.yaml
+++ b/charts/rancher-monitoring/v0.0.3/charts/prometheus/templates/rbac.yaml
@@ -11,6 +11,7 @@ metadata:
 imagePullSecrets: 
 {{ toYaml .Values.image.pullSecrets | indent 2 }}

+{{- if eq .Values.level "cluster" }}
 ---
 apiVersion: {{ template "rbac_api_version" . }}
 kind: ClusterRole
@@ -42,7 +43,6 @@ rules:
  - services
  - endpoints
  - pods
-{{- if eq .Values.level "cluster" }}
  - nodes
 - apiGroups:
  - ""
@@ -65,7 +65,6 @@ rules:
  - subjectaccessreviews
  verbs:
  - "create"
-{{- end }}

 ---
 apiVersion: {{ template "rbac_api_version" . }}
@@ -85,71 +84,5 @@ subjects:
  - kind: ServiceAccount
    name: {{ default (include "app.fullname" .) .Values.serviceAccountNameOverride }}
    namespace: {{ .Release.Namespace }}
-
-{{- if eq .Values.level "project" }}
---
-apiVersion: {{ template "rbac_api_version" . }}
-kind: Role
-metadata:
-  labels:
-    app: {{ template "app.name" . }}
-    chart: {{ template "app.version" . }}
-    heritage: {{ .Release.Service }}
-    release: {{ .Release.Name }}
-  name: {{ include "app.fullname" . }}
-rules:
- apiGroups:
-  - "monitoring.cattle.io"
-  resources:
-  - prometheus
-  verbs:
-  - "view"
-
---
-apiVersion: {{ template "rbac_api_version" . }}
-kind: RoleBinding
-metadata:
-  labels:
-    app: {{ template "app.name" . }}
-    chart: {{ template "app.version" . }}
-    heritage: {{ .Release.Service }}
-    release: {{ .Release.Name }}
-  name: {{ include "app.fullname" . }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: {{ include "app.fullname" . }}
-  namespace: {{ .Release.Namespace }}
-subjects:
-  - kind: ServiceAccount
-    name: {{ default (include "app.fullname" .) .Values.serviceAccountNameOverride }}
-    namespace: {{ .Release.Namespace }}
 {{- end }}
-
-{{- $rbacAPIVersion := include "rbac_api_version" .  }}
-{{- $appServiceAccountName := default (include "app.fullname" .) .Values.serviceAccountNameOverride }}
-{{- $appName := include "app.name" . }}
-{{- $appVersion := include "app.version" . }}
-{{- $root := . -}}
-{{ range .Values.additionalBindingClusterRoles }}
---
-apiVersion: {{ $rbacAPIVersion }}
-kind: ClusterRoleBinding
-metadata:
-  labels:
-    app: {{ $appName }}
-    chart: {{ $appVersion }}
-    heritage: {{ $root.Release.Service }}
-    release: {{ $root.Release.Name }}
-  name: {{ . }}-additional-binding
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: {{ . }}
-subjects:
-  - kind: ServiceAccount
-    name: {{ $appServiceAccountName }}
-    namespace: {{ $root.Release.Namespace }}
-
-{{ end }}
 {{- end }}
--- a/charts/rancher-monitoring/v0.0.3/values.yaml
+++ b/charts/rancher-monitoring/v0.0.3/values.yaml
@@ -338,7 +338,6 @@ prometheus:
  serviceMonitorNamespaceSelector: {}
  serviceMonitorSelector:
    matchExpressions: []
-  addtionalBindingClusterRoles: []
  securityContext:
    runAsUser: 1000
    runAsNonRoot: true