From be078ebcdd1893dfc90930c261d9490741450f27 Mon Sep 17 00:00:00 2001 From: Suraj Deshmukh Date: Fri, 14 Sep 2018 17:19:34 +0530 Subject: [PATCH] RBAC: revert the scope of operator to clusterwide This commit defaults the operator to run clusterwide by default. This makes the operation of the operator to default as it was before the RBAC was added. Signed-off-by: Suraj Deshmukh --- helm/habitat-operator/README.md | 2 +- helm/habitat-operator/values.yaml | 2 +- test/sync/rbac/sync_test.go | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/helm/habitat-operator/README.md b/helm/habitat-operator/README.md index fed67c0d..42110ade 100644 --- a/helm/habitat-operator/README.md +++ b/helm/habitat-operator/README.md @@ -65,7 +65,7 @@ Parameter | Description | Default `nodeSelector` | Node labels for pod assignment | `{}` `rbacEnable` | If true, create & use RBAC resources | `true` `resources` | Pod resource requests & limits | `{}` -`operatorNamespaced` | If this operator should run scoped to Single namespace | `true` +`operatorNamespaced` | If this operator should run scoped to Single namespace | `false` `namespace` | Namespace this operator should run inside | `habitat-operator` Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, diff --git a/helm/habitat-operator/values.yaml b/helm/habitat-operator/values.yaml index 0a600e5d..82495419 100644 --- a/helm/habitat-operator/values.yaml +++ b/helm/habitat-operator/values.yaml @@ -14,7 +14,7 @@ nodeSelector: {} rbacEnable: true ## Decide if habitat-operator runs at cluster or namespaced scope -operatorNamespaced: true +operatorNamespaced: false namespace: habitat-operator ## Habitat-operator resource limits & requests diff --git a/test/sync/rbac/sync_test.go b/test/sync/rbac/sync_test.go index beae86b9..e5982d44 100644 --- a/test/sync/rbac/sync_test.go +++ b/test/sync/rbac/sync_test.go @@ -168,9 +168,9 @@ func extractRulesFromHelm(path string, isItClusterRole bool) ([]rbacv1.PolicyRul return nil, errors.Wrapf(err, "loading chart %s failed", path) } - // make sure that the ClusterRole is generated - if isItClusterRole { - chart.Values.Raw = strings.Replace(chart.Values.Raw, "operatorNamespaced: true", "operatorNamespaced: false", 1) + // If it is Role then we need to replace the value of `operatorNamespaced` to true + if !isItClusterRole { + chart.Values.Raw = strings.Replace(chart.Values.Raw, "operatorNamespaced: false", "operatorNamespaced: true", 1) } renderedFiles, err := renderutil.Render(chart, chart.Values, renderutil.Options{})