Commit 21c663d0 authored by Jason Plum's avatar Jason Plum 🌴

Merge branch '1176-gate-clusterrole-in-application-crd' into 'master'

Allow Disabling of ClusterRoles in Application CRD

Closes #1176

See merge request charts/gitlab!702
parents d4b4a052 e99a2761
Pipeline #49557589 passed with stages
in 33 minutes and 12 seconds
---
title: Allow Disabling of ClusterRoles in ApplicationCRD
merge_request: 702
author:
type: added
......@@ -758,3 +758,25 @@ global:
application:
create: true
```
Some environments, such as Google GKE Marketplace, do not allow the creation
of ClusterRole resources. Set the following values to disable ClusterRole
components in the Application Custom Resource Definition as well as the
relevant charts packaged with Cloud Native GitLab.
```yaml
global:
application:
allowClusterRoles: false
operator:
enabled: false
nginx:
controller:
scope:
enabled: true
gitlab-runner:
rbac:
clusterWideAccess: false
certmanager:
install: false
```
......@@ -80,12 +80,14 @@ spec:
kind: ServiceAccount
- apiVersion: rbac.authorization.k8s.io/v1
kind: Role
- apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
- apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
{{ if eq .Values.global.application.allowClusterRoles true -}}
- apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
- apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
{{- end }}
- apiVersion: batch/v1
kind: Job
- apiVersion: v1
......
......@@ -31,6 +31,7 @@ global:
application:
create: false
links: []
allowClusterRoles: true
## doc/charts/globals.md#configure-host-settings
hosts:
domain: example.com
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment