feat(helm): Regenerate helm chart with latest kubebuilder#159
Merged
Conversation
Member
|
HI @Allex1, it looks great. You can use Helm e2e tests to verify this feature. |
Contributor
Author
This was referenced Apr 14, 2026
Allex1
force-pushed
the
main
branch
4 times, most recently
from
fe4e8ad to
c6ffd05
Compare
Contributor
Author
|
@GrigoryPervakov I think it's ready |
Contributor
Author
|
@GrigoryPervakov can I get a review ? |
Member
GrigoryPervakov
left a comment
GrigoryPervakov
left a comment
There was a problem hiding this comment.
Is this change a pure, freshly generated chart without preserving manually added features?
Most of them were explicitly asked by the community, and I'd prefer not to drop them now
GrigoryPervakov
changed the title
There was a problem hiding this comment.
Pull request overview
This PR regenerates the operator’s Helm chart output using the latest Kubebuilder Helm plugin (v4.14.0) and updates the chart scaffolding around RBAC scope, ServiceAccount handling, and metrics/webhook/cert-manager integration. It also adjusts CI to split out OLM-labeled e2e coverage.
Changes:
- Regenerate Helm chart scaffolding and values structure (including namespaced RBAC option and ServiceAccount naming helper).
- Update metrics + Prometheus ServiceMonitor templates and add separate cert-manager certificate for secure metrics.
- Split compatibility e2e tests into non-OLM vs OLM runs and bump Kubebuilder version.
Reviewed changes
Copilot reviewed 8 out of 35 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| PROJECT | Updates Kubebuilder helm plugin manifest path reference. |
| Makefile | Updates Helm chart generation flow, adds OLM-only e2e target, bumps Kubebuilder version. |
| dist/chart/values.yaml | Restructures chart values (controller/manager/rbac/serviceAccount/metrics/prometheus). |
| dist/chart/templates/_helpers.tpl | Fixes helper typo and adds serviceAccountName helper. |
| dist/chart/templates/manager/manager.yaml | Regenerated Deployment template: args/env, cert mounts, SA name helper, optional manager install. |
| dist/chart/templates/rbac/controller-manager.yaml | Adds conditional SA creation + annotations/labels support, uses SA name helper. |
| dist/chart/templates/rbac/manager-role.yaml | Adds namespaced vs cluster-scoped RBAC kind switching. |
| dist/chart/templates/rbac/manager-rolebinding.yaml | Adds namespaced vs cluster-scoped binding kind switching and uses SA name helper. |
| dist/chart/templates/rbac/leader-election-rolebinding.yaml | Uses SA name helper. |
| dist/chart/templates/rbac/metrics-reader.yaml | Gates metrics RBAC on secure metrics. |
| dist/chart/templates/rbac/metrics-auth-role.yaml | Gates metrics RBAC on secure metrics. |
| dist/chart/templates/rbac/metrics-auth-rolebinding.yaml | Gates metrics RBAC on secure metrics and uses SA name helper. |
| dist/chart/templates/rbac/clickhousecluster-admin-role.yaml | Moves helper RBAC under rbac.helpers.enable and adds namespaced kind switching. |
| dist/chart/templates/rbac/clickhousecluster-editor-role.yaml | Same as above. |
| dist/chart/templates/rbac/clickhousecluster-viewer-role.yaml | Same as above. |
| dist/chart/templates/rbac/keepercluster-admin-role.yaml | Same as above. |
| dist/chart/templates/rbac/keepercluster-editor-role.yaml | Same as above. |
| dist/chart/templates/rbac/keepercluster-viewer-role.yaml | Same as above. |
| dist/chart/templates/webhook/webhook-service.yaml | Regenerated webhook Service ports formatting. |
| dist/chart/templates/webhook/validating-webhook-configuration.yaml | Regenerated validating webhook configuration template. |
| dist/chart/templates/webhook/mutating-webhook-configuration.yaml | Regenerated mutating webhook configuration template. |
| dist/chart/templates/cert-manager/serving-cert.yaml | Updates webhook certificate generation and secret naming. |
| dist/chart/templates/cert-manager/metrics-certs.yaml | Adds dedicated metrics certificate template for secure metrics. |
| dist/chart/templates/metrics/metrics-service.yaml | Renames metrics Service port name based on secure/insecure mode. |
| dist/chart/templates/prometheus/controller-manager-metrics-monitor.yaml | Adds new ServiceMonitor template under prometheus.enable. |
| dist/chart/templates/monitoring/servicemonitor.yaml | Removes older ServiceMonitor template. |
| dist/chart/Chart.yaml | Removes cert-manager subchart dependency block. |
| dist/chart/Chart.lock | Removes cert-manager dependency lockfile. |
| config/helm/kustomization.yaml | Adds helm-focused kustomization for producing install manifests and replacements. |
| config/default/kustomization.yaml | Updates commented replacement guidance for ServiceMonitor TLS serverName substitution. |
| config/prometheus/monitor.yaml | Updates ServiceMonitor port name + switches to strict TLS config using Secret refs. |
| config/metrics/service.yaml | Renames insecure metrics Service port name to http. |
| config/metrics_secure/service.yaml | Renames secure metrics Service port name to https. |
| .github/workflows/ci.yaml | Adds CI matrix entry to run OLM-labeled deploy e2e. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Replaces #99