From ec27d85ae63886d65e026969f0a3c1666f2df4b1 Mon Sep 17 00:00:00 2001 From: Rowan Smith Date: Fri, 19 Jun 2026 02:57:37 +0000 Subject: [PATCH 1/2] helm rbac templating added --- helm/templates/service.yaml | 14 +++++++------- helm/values.yaml | 6 ++++++ 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/helm/templates/service.yaml b/helm/templates/service.yaml index cd4fcb3..8c8c69f 100644 --- a/helm/templates/service.yaml +++ b/helm/templates/service.yaml @@ -16,7 +16,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: coder-logstream-kube-role + name: {{ $.Values.rbac.roleName }} namespace: {{ . }} rules: {{ include "coder-logstream-kube.rules" . | nindent 2 }} @@ -24,12 +24,12 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: coder-logstream-kube-rolebinding + name: {{ $.Values.rbac.roleBindingName }} namespace: {{ . }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: coder-logstream-kube-role + name: {{ $.Values.rbac.roleName }} subjects: - kind: ServiceAccount name: {{ $.Values.serviceAccount.name | quote }} @@ -40,18 +40,18 @@ subjects: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: coder-logstream-kube-role + name: {{ $.Values.rbac.roleName }} rules: {{ include "coder-logstream-kube.rules" . | nindent 2 }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: coder-logstream-kube-rolebinding + name: {{ $.Values.rbac.roleBindingName }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: coder-logstream-kube-role + name: {{ $.Values.rbac.roleName }} subjects: - kind: ServiceAccount name: {{ .Values.serviceAccount.name | quote }} @@ -68,7 +68,7 @@ metadata: apiVersion: apps/v1 kind: Deployment metadata: - name: coder-logstream-kube + name: {{ .Release.Name }} spec: # This must remain at 1 otherwise duplicate logs can occur! replicas: 1 diff --git a/helm/values.yaml b/helm/values.yaml index e3c7036..24f9fad 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -57,6 +57,12 @@ serviceAccount: # coder.serviceAccount.name -- The service account name name: coder-logstream-kube +rbac: + # rbac.roleName -- The name of the role created in Kubernetes. + roleName: coder-logstream-kube + # rbac.roleBindingName -- The name of the role binding created in Kubernetes. + roleBindingName: coder-logstream-kube-rolebinding + # resources -- The resources to request for the Deployment. These are optional # and are not set by default. resources: From 56fc1e0e7af536009bdcbac48039115f871f25b6 Mon Sep 17 00:00:00 2001 From: Rowan Smith Date: Fri, 19 Jun 2026 18:15:50 +1000 Subject: [PATCH 2/2] Update helm/values.yaml Co-authored-by: Cian Johnston --- helm/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/values.yaml b/helm/values.yaml index 24f9fad..22045ab 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -59,7 +59,7 @@ serviceAccount: rbac: # rbac.roleName -- The name of the role created in Kubernetes. - roleName: coder-logstream-kube + roleName: coder-logstream-kube-role # rbac.roleBindingName -- The name of the role binding created in Kubernetes. roleBindingName: coder-logstream-kube-rolebinding