chore: add service account creation as optional and allow podSecurityContext #4355

awatterson22 · 2024-02-23T14:41:46Z

What would you like to be added:

For helmchart, could the following fields be added?

controllerManager:
  .
  .
  serviceAccount:
    create: true
    name: chaos-controller-manager

      chaosDaemon:
        .
        .
        podSecurityPolicy: false
        podSecurityContext: {}

Then in helm/chaos-mesh/templates/controller-manager-deployment.yaml, change the if statement to this:

{{- if .Values.controllerManager.serviceAccount.create }}
serviceAccountName: {{ .Values.controllerManager.serviceAccount.name }}

Then in helm/chaos-mesh/templates/controller-manager-rbac.yaml, add the following if statement around the serviceAccount:

{{- if .Values.controllerManager.serviceAccount.create }}
.
.
.
{{- end }}

Why is this needed:

I would like to be able to not ignore the service account creation as I create it in another process and would like the ability to template the podSecurityContext for the chaosDaemon.

The text was updated successfully, but these errors were encountered:

STRRL · 2024-03-05T14:13:08Z

hi @awatterson22 , could you create a PR and help us complete it? Thanks! ❤️

awatterson22 · 2024-04-04T16:21:04Z

hi @STRRL, thank you for your reply. I have created a PR here: #4390. Just need to add my DCO and should be all set to be reviewed. Thank you!

awatterson22 · 2024-04-15T12:43:17Z

@STRRL, my PR is ready for review: #4390. Thank you

STRRL · 2024-04-15T12:44:53Z

copy that, we would triage and review it later.

Provide feedback