diff --git a/.github/workflows/helm-chart.yml b/.github/workflows/helm-chart.yml index 757b5b12..d8a0138b 100644 --- a/.github/workflows/helm-chart.yml +++ b/.github/workflows/helm-chart.yml @@ -128,6 +128,8 @@ jobs: output_format: cli,sarif output_file_path: console,results.sarif soft_fail: true + env: + HELM_NAMESPACE: no-default-namespace - name: Template chart # temporary disabled due to https://github.com/zegl/kube-score/issues/559 diff --git a/helm/flowforge/templates/configmap.yaml b/helm/flowforge/templates/configmap.yaml index d60a019b..d65187b0 100644 --- a/helm/flowforge/templates/configmap.yaml +++ b/helm/flowforge/templates/configmap.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: flowforge-config + namespace: {{ .Release.Namespace }} labels: {{- include "forge.labels" . | nindent 4 }} data: diff --git a/helm/flowforge/templates/deployment.yaml b/helm/flowforge/templates/deployment.yaml index 5da9efb4..88eed26e 100644 --- a/helm/flowforge/templates/deployment.yaml +++ b/helm/flowforge/templates/deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: flowforge + namespace: {{ .Release.Namespace }} labels: {{- include "forge.labels" . | nindent 4 }} {{- with .Values.forge.labels }} diff --git a/helm/flowforge/templates/file-storage.yml b/helm/flowforge/templates/file-storage.yml index be39adf3..2b8e5a26 100644 --- a/helm/flowforge/templates/file-storage.yml +++ b/helm/flowforge/templates/file-storage.yml @@ -4,7 +4,6 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: name: file-storage-pvc - namespace: {{ .Release.Namespace }} labels: {{- include "forge.labels" . | nindent 4 }} spec: diff --git a/helm/flowforge/templates/network-policy.yaml b/helm/flowforge/templates/network-policy.yaml index 81e403e8..3baa3741 100644 --- a/helm/flowforge/templates/network-policy.yaml +++ b/helm/flowforge/templates/network-policy.yaml @@ -3,7 +3,6 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: flowforge-database-policy - namespace: {{ .Release.Namespace }} labels: {{- include "forge.labels" . | nindent 4 }} spec: diff --git a/helm/flowforge/templates/private-ca.yaml b/helm/flowforge/templates/private-ca.yaml index 84fccbc6..7b058d99 100644 --- a/helm/flowforge/templates/private-ca.yaml +++ b/helm/flowforge/templates/private-ca.yaml @@ -3,7 +3,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ .Values.forge.privateCA.configMapName | default "ff-ca-certs"}} - namespace: {{ .Release.Namespace }} labels: {{- include "forge.labels" . | nindent 4 }} data: diff --git a/helm/flowforge/templates/service-account.yaml b/helm/flowforge/templates/service-account.yaml index d422ed0b..e3a86988 100644 --- a/helm/flowforge/templates/service-account.yaml +++ b/helm/flowforge/templates/service-account.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: flowforge + namespace: {{ .Release.Namespace }} labels: {{- include "forge.labels" . | nindent 4 }} {{- if .Values.forge.cloudProvider }} @@ -34,6 +35,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ ((.Values.forge).clusterRole).name | default "create-pod" }} + namespace: {{ .Release.Namespace }} labels: {{- include "forge.labels" . | nindent 4 }} rules: @@ -60,13 +62,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ ((.Values.forge).clusterRole).name | default "create-pod" }} - namespace: {{ .Values.forge.projectNamespace }} + namespace: {{ .Release.Namespace }} labels: {{- include "forge.labels" . | nindent 4 }} subjects: - kind: ServiceAccount name: flowforge - namespace: {{ .Release.Namespace }} roleRef: kind: ClusterRole name: {{ ((.Values.forge).clusterRole).name | default "create-pod" }} diff --git a/helm/flowforge/templates/service-ingress.yaml b/helm/flowforge/templates/service-ingress.yaml index 86919eef..d9d9c95c 100644 --- a/helm/flowforge/templates/service-ingress.yaml +++ b/helm/flowforge/templates/service-ingress.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: forge + namespace: {{ .Release.Namespace }} labels: {{- include "forge.labels" . | nindent 4 }} spec: @@ -17,6 +18,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: flowforge-ingress + namespace: {{ .Release.Namespace }} labels: {{- include "forge.labels" . | nindent 4 }} annotations: @@ -53,6 +55,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: flowforge-ingress-api-devices + namespace: {{ .Release.Namespace }} labels: {{- include "forge.labels" . | nindent 4 }} annotations: