ovn: implement Daemonset overrides

Change-Id: I2735748a200071c9488810456b8cccfc3bb2cff6

ovn/templates/configmap-bin.yaml

@@ -12,13 +12,15 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 
-{{- if .Values.manifests.configmap_bin }}
-{{- $envAll := . }}
+{{- define "ovn.configmap.bin" }}
+{{- $configMapName := index . 0 }}
+{{- $envAll := index . 1 }}
+{{- with $envAll }}
 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: ovn-bin
+  name: {{ $configMapName }}
 data:
 {{- if .Values.images.local_registry.active }}
   image-repo-sync.sh: |
@@ -27,3 +29,8 @@ data:
   ovn-controller-init.sh: |
 {{ tuple "bin/_ovn-controller-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
 {{- end }}
+{{- end }}
+
+{{- if .Values.manifests.configmap_bin }}
+{{- list "ovn-bin" . | include "ovn.configmap.bin" }}
+{{- end }}

ovn/templates/daemonset-controller.yaml

@@ -21,12 +21,12 @@ exec:
     - ovn-controller
 {{- end }}
 
-{{- if .Values.manifests.daemonset_ovn_controller }}
-{{- $envAll := . }}
-
-{{- $configMapName := "ovn-etc" }}
-{{- $serviceAccountName := "ovn-controller" }}
-{{ tuple $envAll "ovn_controller" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
+{{- define "ovn.daemonset" }}
+{{- $daemonset := index . 0 }}
+{{- $configMapName := index . 1 }}
+{{- $serviceAccountName := index . 2 }}
+{{- $envAll := index . 3 }}
+{{- with $envAll }}
 
 ---
 kind: DaemonSet
@@ -155,3 +155,45 @@ spec:
         - name: gw-enabled
           emptyDir: {}
 {{- end }}
+{{- end }}
+
+
+{{- if .Values.manifests.daemonset_ovn_controller }}
+{{- $envAll := . }}
+{{- $daemonset := "controller" }}
+{{- $configMapName := "ovn-etc" }}
+{{- $serviceAccountName := "ovn-controller" }}
+
+{{ tuple $envAll "ovn_controller" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
+{{- $configmap_yaml := "ovn.configmap.etc" }}
+
+{{/* Preffer using .Values.overrides rather than .Values.conf.overrides */}}
+{{- list $daemonset "ovn.daemonset" $serviceAccountName $configmap_yaml $configMapName "ovn.configmap.bin" "ovn-bin" . | include "helm-toolkit.utils.daemonset_overrides_root" }}
+
+{{- $serviceAccountNamespace := $envAll.Release.Namespace }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ovn-controller-list-nodes-role-{{ $serviceAccountNamespace }}
+rules:
+- apiGroups: [""]
+  resources: ["nodes"]
+  verbs: ["list", "get"]
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: ovn-controller-list-nodes-rolebinding-{{ $serviceAccountNamespace }}
+subjects:
+- kind: ServiceAccount
+  name: {{ $serviceAccountName }}
+  namespace: {{ $serviceAccountNamespace }}
+roleRef:
+  kind: ClusterRole
+  name: ovn-controller-list-nodes-role-{{ $serviceAccountNamespace }}
+  apiGroup: rbac.authorization.k8s.io
+
+{{- end }}
+

releasenotes/notes/ovn-3b9e82e5d469bc98.yaml

@@ -0,0 +1,4 @@
+---
+features:
+  - Implement daemonset overrides
+...