Merge pull request #1356 from ishankhare07/fix-clusterrole-cross-vclu…

…ster-coredns

create clusterrole and pod permissions when coredns plugin enabled

charts/eks/templates/_helpers.tpl

@@ -58,7 +58,8 @@ Whether to create a cluster role or not
     .Values.sync.priorityclasses.enabled
     .Values.sync.volumesnapshots.enabled
     .Values.proxy.metricsServer.nodes.enabled
-    .Values.multiNamespaceMode.enabled -}}
+    .Values.multiNamespaceMode.enabled
+    .Values.coredns.plugin.enabled -}}
     {{- true -}}
 {{- end -}}
 {{- end -}}

charts/eks/templates/rbac/clusterrole.yaml

@@ -26,6 +26,11 @@ rules:
     resources: [ "pods", "nodes/metrics", "nodes/stats"]
     verbs: ["get", "watch", "list"]
   {{- end }}
+  {{- if .Values.coredns.plugin.enabled }}
+  - apiGroups: [""]
+    resources: [ "pods"]
+    verbs: ["get", "watch", "list"]
+  {{- end }}
   {{- if and (or .Values.sync.nodes.enabled .Values.rbac.clusterRole.create) (or (not .Values.isolation.enabled) (and .Values.isolation.nodeProxyPermission.enabled .Values.isolation.enabled)) }}
   - apiGroups: [""]
     resources: ["nodes/proxy"]

charts/k0s/templates/_helpers.tpl

@@ -58,7 +58,8 @@ Whether to create a cluster role or not
     .Values.sync.priorityclasses.enabled
     .Values.sync.volumesnapshots.enabled
     .Values.proxy.metricsServer.nodes.enabled
-    .Values.multiNamespaceMode.enabled -}}
+    .Values.multiNamespaceMode.enabled
+    .Values.coredns.plugin.enabled -}}
     {{- true -}}
 {{- end -}}
 {{- end -}}

charts/k0s/templates/rbac/clusterrole.yaml

@@ -26,6 +26,11 @@ rules:
     resources: [ "pods", "nodes/metrics", "nodes/stats"]
     verbs: ["get", "watch", "list"]
   {{- end }}
+  {{- if .Values.coredns.plugin.enabled }}
+  - apiGroups: [""]
+    resources: [ "pods"]
+    verbs: ["get", "watch", "list"]
+  {{- end }}
   {{- if and (or .Values.sync.nodes.enabled .Values.rbac.clusterRole.create) (or (not .Values.isolation.enabled) (and .Values.isolation.nodeProxyPermission.enabled .Values.isolation.enabled)) }}
   - apiGroups: [""]
     resources: ["nodes/proxy"]

charts/k3s/templates/_helpers.tpl

@@ -58,7 +58,8 @@ Whether to create a cluster role or not
     .Values.sync.priorityclasses.enabled
     .Values.sync.volumesnapshots.enabled
     .Values.proxy.metricsServer.nodes.enabled
-    .Values.multiNamespaceMode.enabled -}}
+    .Values.multiNamespaceMode.enabled
+    .Values.coredns.plugin.enabled -}}
     {{- true -}}
 {{- end -}}
 {{- end -}}

charts/k3s/templates/rbac/clusterrole.yaml

@@ -26,6 +26,11 @@ rules:
     resources: [ "pods", "nodes/metrics", "nodes/stats"]
     verbs: ["get", "watch", "list"]
   {{- end }}
+  {{- if .Values.coredns.plugin.enabled }}
+  - apiGroups: [""]
+    resources: [ "pods"]
+    verbs: ["get", "watch", "list"]
+  {{- end }}
   {{- if and (or .Values.sync.nodes.enabled .Values.rbac.clusterRole.create) (or (not .Values.isolation.enabled) (and .Values.isolation.nodeProxyPermission.enabled .Values.isolation.enabled)) }}
   - apiGroups: [""]
     resources: ["nodes/proxy"]

charts/k8s/templates/_helpers.tpl

@@ -58,7 +58,8 @@ Whether to create a cluster role or not
     .Values.sync.priorityclasses.enabled
     .Values.sync.volumesnapshots.enabled
     .Values.proxy.metricsServer.nodes.enabled
-    .Values.multiNamespaceMode.enabled -}}
+    .Values.multiNamespaceMode.enabled
+    .Values.coredns.plugin.enabled -}}
     {{- true -}}
 {{- end -}}
 {{- end -}}

charts/k8s/templates/rbac/clusterrole.yaml

@@ -26,6 +26,11 @@ rules:
     resources: [ "pods", "nodes/metrics", "nodes/stats"]
     verbs: ["get", "watch", "list"]
   {{- end }}
+  {{- if .Values.coredns.plugin.enabled }}
+  - apiGroups: [""]
+    resources: [ "pods"]
+    verbs: ["get", "watch", "list"]
+  {{- end }}
   {{- if and (or .Values.sync.nodes.enabled .Values.rbac.clusterRole.create) (or (not .Values.isolation.enabled) (and .Values.isolation.nodeProxyPermission.enabled .Values.isolation.enabled)) }}
   - apiGroups: [""]
     resources: ["nodes/proxy"]