From 9772da014abe828cb171c5b059e521656607377a Mon Sep 17 00:00:00 2001 From: Enno Boland Date: Mon, 29 Jun 2020 09:39:48 +0200 Subject: [PATCH 1/3] helm-chart: allow configmaps instead of endpoints if leader elections uses the configmaps method --- .../postgres-operator/templates/clusterrole-postgres-pod.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/charts/postgres-operator/templates/clusterrole-postgres-pod.yaml b/charts/postgres-operator/templates/clusterrole-postgres-pod.yaml index ef607ae3c..af7aed814 100644 --- a/charts/postgres-operator/templates/clusterrole-postgres-pod.yaml +++ b/charts/postgres-operator/templates/clusterrole-postgres-pod.yaml @@ -13,7 +13,11 @@ rules: - apiGroups: - "" resources: +{{- if toString .Values.configGeneral.kubernetes_use_configmaps | eq "true" }} + - configmaps +{{- else }} - endpoints +{{- end }} verbs: - create - delete From 6223f84599c3efd0fefe72666e4988eb6ad1cd75 Mon Sep 17 00:00:00 2001 From: Enno Boland Date: Wed, 1 Jul 2020 12:40:10 +0200 Subject: [PATCH 2/3] helm-chart: allow endpoints get even if config maps are used --- .../templates/clusterrole-postgres-pod.yaml | 22 +++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/charts/postgres-operator/templates/clusterrole-postgres-pod.yaml b/charts/postgres-operator/templates/clusterrole-postgres-pod.yaml index af7aed814..b3f9f08f5 100644 --- a/charts/postgres-operator/templates/clusterrole-postgres-pod.yaml +++ b/charts/postgres-operator/templates/clusterrole-postgres-pod.yaml @@ -10,14 +10,31 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} rules: # Patroni needs to watch and manage endpoints +{{- if toString .Values.configGeneral.kubernetes_use_configmaps | eq "true" }} - apiGroups: - "" resources: -{{- if toString .Values.configGeneral.kubernetes_use_configmaps | eq "true" }} - configmaps + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - endpoints + verbs: + - get {{- else }} +- apiGroups: + - "" + resources: - endpoints -{{- end }} verbs: - create - delete @@ -27,6 +44,7 @@ rules: - patch - update - watch +{{- end }} # Patroni needs to watch pods - apiGroups: - "" From d2e6330bb68c602be40d17517183d9e5ebcb63c1 Mon Sep 17 00:00:00 2001 From: Enno Boland Date: Fri, 3 Jul 2020 17:03:02 +0200 Subject: [PATCH 3/3] helm-chart: allow configmaps instead of endpoints on the operator role too. --- charts/postgres-operator/templates/clusterrole.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/charts/postgres-operator/templates/clusterrole.yaml b/charts/postgres-operator/templates/clusterrole.yaml index bd34e803e..bd60f0772 100644 --- a/charts/postgres-operator/templates/clusterrole.yaml +++ b/charts/postgres-operator/templates/clusterrole.yaml @@ -54,11 +54,15 @@ rules: - patch - update - watch -# to manage endpoints which are also used by Patroni +# to manage endpoints/configmaps which are also used by Patroni - apiGroups: - "" resources: +{{- if toString .Values.configGeneral.kubernetes_use_configmaps | eq "true" }} + - configmaps +{{- else }} - endpoints +{{- end }} verbs: - create - delete