estafette/estafette-gke-preemptible-killer

The cluster role in the helm chart should match the one in the manifest

phroggyy opened this issue · 1 comment

As per #53 (comment) and the comment prior, the cluster role should not have access to secrets and events.

This is clear from the fact that these permissions are only granted in the helm chart, and not in the non-helm manifests.

For further discussion: is there a good way to keep those in sync? Can we have helm read the manifests as YAML and grab segments, or even have a CI job that'll auto-update parts? (e.g. doing a helm template with given values that output the desired files).

Ah, I didn't add the manifests, so wasn't looking at keeping them up to date; I'd rather find a simple way to document combining kontemplate with Helm or to automatically generate those templates from the Helm files, so they're leading.
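
One way a CI job could catch this kind of drift, as an added example that is not part of the thread or the project's code: it flattens the `rules` of two ClusterRoles into (apiGroup, resource, verb) grants and reports what only one side allows. The rule lists below are constructed sample data, not the project's actual ClusterRole; the assumption is that in CI they would be parsed from the `helm template` output and from the manifest.

```python
from itertools import product

def expand(rules):
    """Flatten ClusterRole rules into a set of (apiGroup, resource, verb) grants."""
    grants = set()
    for rule in rules or []:
        # Rules without resources (nonResourceURLs only) contribute nothing here;
        # resourceNames restrictions are ignored, so the check errs towards reporting.
        grants.update(product(rule.get("apiGroups", []),
                              rule.get("resources", []),
                              rule.get("verbs", [])))
    return grants

def covered(grant, baseline):
    """True if the baseline allows this grant, honouring '*' wildcards in the baseline."""
    return any(all(b in ("*", g) for g, b in zip(grant, base)) for base in baseline)

def extra_grants(candidate_rules, baseline_rules):
    """Grants in candidate_rules that baseline_rules do not allow, sorted."""
    baseline = expand(baseline_rules)
    return sorted(g for g in expand(candidate_rules) if not covered(g, baseline))

def drift(chart_rules, manifest_rules):
    """Compare both directions so either source can be treated as leading."""
    return {"only_in_chart": extra_grants(chart_rules, manifest_rules),
            "only_in_manifest": extra_grants(manifest_rules, chart_rules)}

# Constructed sample rules (assumption): the chart grants secrets and events
# access that the manifest does not, mirroring the mismatch the issue describes.
MANIFEST_RULES = [
    {"apiGroups": [""], "resources": ["nodes"], "verbs": ["get", "list", "update", "delete"]},
    {"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list"]},
]
CHART_RULES = MANIFEST_RULES + [
    {"apiGroups": [""], "resources": ["secrets"], "verbs": ["get", "list"]},
    {"apiGroups": [""], "resources": ["events"], "verbs": ["create", "patch"]},
]

if __name__ == "__main__":
    result = drift(CHART_RULES, MANIFEST_RULES)
    for side, grants in result.items():
        for group, resource, verb in grants:
            print(f"{side}: {verb} {resource} (apiGroup {group or 'core'})")
    # Non-zero exit fails the CI job when the two definitions disagree.
    raise SystemExit(1 if any(result.values()) else 0)
```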