Patch roles/bindings for keycloak-operator so it can more easily watch

any namespace(can't watch all, they have to be explicitly specified).

Patch roles/bindings for keycloak-operator so it can more easily watch
any namespace(can't watch all, they have to be explicitly specified).
Adam Heath
Showing 2 changed files with 80 additions and 0 deletions
keycloak-operator/environments/default-values.yaml
keycloak-operator/helmfile.yaml
--- a/keycloak-operator/environments/default-values.yaml
View file @7f15964
+++ b/keycloak-operator/environments/default-values.yaml
View file @7f15964
 namespace: keycloak-operator
+watchNamespaces: "default"
--- a/keycloak-operator/helmfile.yaml
View file @7f15964
+++ b/keycloak-operator/helmfile.yaml
View file @7f15964
@@ -9,4 +9,83 @@ releases:
  - name: keycloak-operator
    namespace: {{ .Values.namespace }}
    chart: charts/keycloak-operator
+    jsonPatches:
+      - target:
+          kind: Deployment
+          name: keycloak-operator
+          namespace: {{ .Values.namespace }}
+          version: v1
+          group: apps
+        patch:
+          - op: add
+            path: /spec/template/spec/containers/0/env/-
+            value:
+              name: QUARKUS_OPERATOR_SDK_NAMESPACES
+              value: {{ .Values.watchNamespaces }}
+      - target:
+          kind: Role
+          name: keycloak-operator-role
+          namespace: {{ .Values.namespace }}
+          version: v1
+          group: rbac.authorization.k8s.io
+        patch:
+          - op: remove
+            path: /metadata/namespace
+          - op: replace
+            path: /kind
+            value: ClusterRole
+      - target:
+          kind: RoleBinding
+          name: keycloak-operator-role-binding
+          namespace: {{ .Values.namespace }}
+          version: v1
+          group: rbac.authorization.k8s.io
+        patch:
+          - op: remove
+            path: /metadata/namespace
+          - op: replace
+            path: /kind
+            value: ClusterRoleBinding
+          - op: replace
+            path: /roleRef/kind
+            value: ClusterRole
+      - target:
+          kind: RoleBinding
+          name: keycloak-operator-view
+          namespace: {{ .Values.namespace }}
+          version: v1
+          group: rbac.authorization.k8s.io
+        patch:
+          - op: remove
+            path: /metadata/namespace
+          - op: replace
+            path: /kind
+            value: ClusterRoleBinding
+          - op: replace
+            path: /roleRef/kind
+            value: ClusterRole
+      - target:
+          kind: RoleBinding
+          name: keycloakcontroller-role-binding
+          namespace: {{ .Values.namespace }}
+          version: v1
+          group: rbac.authorization.k8s.io
+        patch:
+          - op: remove
+            path: /metadata/namespace
+          - op: replace
+            path: /kind
+            value: ClusterRoleBinding
+      - target:
+          kind: RoleBinding
+          name: keycloakrealmimportcontroller-role-binding
+          namespace: {{ .Values.namespace }}
+          version: v1
+          group: rbac.authorization.k8s.io
+        patch:
+          - op: remove
+            path: /metadata/namespace
+          - op: replace
+            path: /kind
+            value: ClusterRoleBinding