Remove create flags for crd, rbac, and serviceAccounts

These all default to true and there doesn't seem to be any reason a user would want to set any to false as Submariner woild not work without these resources. Removing them simplifies the charts. Signed-off-by: Tom Pantelis <[email protected]>
submariner-io · Jan 22, 2025 · 1bb89ab · 1bb89ab
1 parent 0284006
commit 1bb89ab
Show file tree

Hide file tree

Showing 8 changed files with 2 additions and 52 deletions.
diff --git a/generate-yamls.sh b/generate-yamls.sh
@@ -40,37 +40,30 @@ cat yamls/Deploy_crds_submariner_io_submariners.yaml \
     yamls/Deploy_crds_submariner_io_brokers.yaml > submariner-operator/crds/crd.yaml
 
 # Generate the operator RBAC yaml for the operator chart
-echo '{{- if .Values.rbac.create -}}' > ${OPERATOR_RBAC_YAML}
 add_service_acct_ns yamls/Config_rbac_submariner_operator_cluster_role_binding.yaml
 cat yamls/Config_rbac_submariner_operator_service_account.yaml \
     yamls/Config_rbac_submariner_operator_role.yaml \
     yamls/Config_rbac_submariner_operator_role_binding.yaml \
     yamls/Config_rbac_submariner_operator_cluster_role.yaml \
     yamls/Config_rbac_submariner_operator_cluster_role_binding.yaml > ${OPERATOR_RBAC_YAML}
-echo '{{- end -}}' >> ${OPERATOR_RBAC_YAML}
 
 # Generate the gateway RBAC yaml for the operator chart
-echo '{{- if .Values.rbac.create -}}' > ${GATEWAY_RBAC_YAML}
 add_service_acct_ns yamls/Config_rbac_submariner_gateway_cluster_role_binding.yaml
 cat yamls/Config_rbac_submariner_gateway_service_account.yaml \
     yamls/Config_rbac_submariner_gateway_role.yaml \
     yamls/Config_rbac_submariner_gateway_role_binding.yaml \
     yamls/Config_rbac_submariner_gateway_cluster_role.yaml \
     yamls/Config_rbac_submariner_gateway_cluster_role_binding.yaml > ${GATEWAY_RBAC_YAML}
-echo '{{- end -}}' >> ${GATEWAY_RBAC_YAML}
 
 # Generate the routeagent RBAC yaml for the operator chart
-echo '{{- if .Values.rbac.create -}}' > ${ROUTE_AGENT_RBAC_YAML}
 add_service_acct_ns yamls/Config_rbac_submariner_route_agent_cluster_role_binding.yaml
 cat yamls/Config_rbac_submariner_route_agent_service_account.yaml \
     yamls/Config_rbac_submariner_route_agent_role.yaml \
     yamls/Config_rbac_submariner_route_agent_role_binding.yaml \
     yamls/Config_rbac_submariner_route_agent_cluster_role.yaml \
     yamls/Config_rbac_submariner_route_agent_cluster_role_binding.yaml > ${ROUTE_AGENT_RBAC_YAML}
-echo '{{- end -}}' >> ${ROUTE_AGENT_RBAC_YAML}
 
 # Generate the globalnet RBAC yaml for the operator chart
-echo '{{- if .Values.rbac.create -}}' > ${GLOBALNET_RBAC_YAML}
 echo '{{- if .Values.broker.globalnet }}' > ${GLOBALNET_RBAC_YAML}
 add_service_acct_ns yamls/Config_rbac_submariner_globalnet_cluster_role_binding.yaml
 cat yamls/Config_rbac_submariner_globalnet_service_account.yaml \
@@ -81,7 +74,6 @@ cat yamls/Config_rbac_submariner_globalnet_service_account.yaml \
 echo '{{- end -}}' >> ${GLOBALNET_RBAC_YAML}
 
 # Generate the service discovery RBAC yaml for the operator chart
-echo '{{- if .Values.rbac.create -}}' > ${SERVICE_DISC_RBAC_YAML}
 echo '{{- if .Values.submariner.serviceDiscovery }}' > ${SERVICE_DISC_RBAC_YAML}
 add_service_acct_ns yamls/Config_rbac_lighthouse_agent_cluster_role_binding.yaml
 add_service_acct_ns yamls/Config_rbac_lighthouse_coredns_cluster_role_binding.yaml
@@ -94,7 +86,5 @@ cat yamls/Config_rbac_lighthouse_agent_service_account.yaml \
 echo '{{- end -}}' >> ${SERVICE_DISC_RBAC_YAML}
 
 # Generate the openshift monitoring rbac yaml for the operator chart
-echo '{{- if .Values.rbac.create -}}' > ${OPENSHIFT_MONITORING_YAML}
 cat yamls/Config_openshift_rbac_submariner_metrics_reader_role.yaml \
-    yamls/Config_openshift_rbac_submariner_metrics_reader_role_binding.yaml >> ${OPENSHIFT_MONITORING_YAML}
-echo '{{- end -}}' >> ${OPENSHIFT_MONITORING_YAML}
+    yamls/Config_openshift_rbac_submariner_metrics_reader_role_binding.yaml > ${OPENSHIFT_MONITORING_YAML}
diff --git a/submariner-k8s-broker/README.md b/submariner-k8s-broker/README.md
@@ -13,12 +13,3 @@ Submariner Kubernetes Broker
 ## Source Code
 
 * <https://submariner-io.github.io/submariner-charts/charts>
-
-## Values
-
-| Key | Type | Default | Description |
-|-----|------|---------|-------------|
-| crd.create | bool | `true` |  |
-| rbac.create | bool | `true` |  |
-| serviceAccounts.client.create | bool | `true` |  |
-| serviceAccounts.client.name | string | `""` |  |
diff --git a/submariner-k8s-broker/templates/_helpers.tpl b/submariner-k8s-broker/templates/_helpers.tpl
@@ -35,9 +35,5 @@ Create chart name and version as used by the chart label.
 Create the name of the submariner-client service account to use
 */}}
 {{- define "submariner-k8s-broker.clientServiceAccountName" -}}
-{{- if .Values.serviceAccounts.client.create -}}
-    {{ default (printf "%s-client" (include "submariner-k8s-broker.fullname" .)) .Values.serviceAccounts.client.name }}
-{{- else -}}
-    {{ default "default" .Values.serviceAccounts.client.name }}
-{{- end -}}
+{{- printf "%s-client" (include "submariner-k8s-broker.fullname" .)}}
 {{- end -}}
diff --git a/submariner-k8s-broker/templates/rbac.yaml b/submariner-k8s-broker/templates/rbac.yaml
@@ -1,4 +1,3 @@
-{{- if .Values.rbac.create -}}
 {{ include "broker-role" $ }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
@@ -13,4 +12,3 @@ subjects:
 - kind: ServiceAccount
   name: {{ template "submariner-k8s-broker.clientServiceAccountName" . }}
   namespace: {{ .Release.Namespace }}
-{{- end -}}
diff --git a/submariner-k8s-broker/templates/svc-acct.yaml b/submariner-k8s-broker/templates/svc-acct.yaml
@@ -1,4 +1,3 @@
-{{- if .Values.serviceAccounts.client.create }}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
@@ -16,4 +15,3 @@ metadata:
   annotations:
     kubernetes.io/service-account.name: {{ template "submariner-k8s-broker.clientServiceAccountName" . }}
 type: kubernetes.io/service-account-token
-{{- end }}
diff --git a/submariner-k8s-broker/values.yaml b/submariner-k8s-broker/values.yaml
@@ -1,9 +1 @@
 ---
-rbac:
-  create: true
-crd:
-  create: true
-serviceAccounts:
-  client:
-    create: true
-    name: ""
diff --git a/submariner-operator/README.md b/submariner-operator/README.md
@@ -38,19 +38,6 @@ Submariner enables direct networking between Pods and Services in different Kube
 | operator.image.tag | string | `"0.14.0"` |  |
 | operator.resources | object | `{}` |  |
 | operator.tolerations | list | `[]` |  |
-| rbac.create | bool | `true` |  |
-| serviceAccounts.gateway.create | bool | `true` |  |
-| serviceAccounts.gateway.name | string | `""` |  |
-| serviceAccounts.globalnet.create | bool | `true` |  |
-| serviceAccounts.globalnet.name | string | `""` |  |
-| serviceAccounts.lighthouseAgent.create | bool | `true` |  |
-| serviceAccounts.lighthouseAgent.name | string | `""` |  |
-| serviceAccounts.lighthouseCoreDns.create | bool | `true` |  |
-| serviceAccounts.lighthouseCoreDns.name | string | `""` |  |
-| serviceAccounts.operator.create | bool | `true` |  |
-| serviceAccounts.operator.name | string | `""` |  |
-| serviceAccounts.routeAgent.create | bool | `true` |  |
-| serviceAccounts.routeAgent.name | string | `""` |  |
 | submariner.cableDriver | string | `"libreswan"` |  |
 | submariner.clusterCidr | string | `""` |  |
 | submariner.clusterId | string | `""` |  |

diff --git a/submariner-operator/values.yaml b/submariner-operator/values.yaml
@@ -25,8 +25,6 @@ broker:
   insecure: false
   ca: ""
   globalnet: false
-rbac:
-  create: true
 images: {}
 ipsec:
   psk: ""