github-personal/cozystack
1
0
Fork 0
mirror of https://github.com/outbackdingo/cozystack.git synced 2026-01-27 10:18:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

feature/make info app unconditionally

Browse Source 
Signed-off-by: kklinch0 <kklinch0@gmail.com>
This commit is contained in:
kklinch0
2025-09-30 00:40:25 +03:00
parent 7c1e103197
commit 65bee1a8dc
2 changed files with 13 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
packages/apps/tenant/templates/info.yaml
View File

@@ -1,6 +1,3 @@
{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }}
{{- $oidcEnabled := index $cozyConfig.data "oidc-enabled" }}
{{- if eq $oidcEnabled "true" }}
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
@@ -30,4 +27,3 @@ spec:
force: true
remediation:
retries: -1
{{- end }}

14
packages/extra/info/templates/dashboard-resourcemap.yaml
View File

@@ -1,3 +1,5 @@
{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }}
{{- $oidcEnabled := index $cozyConfig.data "oidc-enabled" }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
@@ -8,7 +10,11 @@ rules:
resources:
- secrets
resourceNames:
- kubeconfig-{{ .Release.Namespace }}
- {{- if eq $oidcEnabled "true" -}}
kubeconfig-{{ .Release.Namespace }}
{{- else -}}
tenant-{{ .Release.Namespace }}
{{- end }}
verbs: ["get", "list", "watch"]
---
kind: RoleBinding
@@ -16,7 +22,13 @@ apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ .Release.Name }}-dashboard-resources
subjects:
{{- if eq $oidcEnabled "true" }}
{{ include "cozy-lib.rbac.subjectsForTenantAndAccessLevel" (list "view" .Release.Namespace) }}
{{- else }}
- kind: ServiceAccount
name: tenant-{{ .Release.Namespace }}
namespace: tenant-{{ .Release.Namespace }}
{{- end }}
roleRef:
kind: Role
name: {{ .Release.Name }}-dashboard-resources