From 1103242b7e8fce7a7cfcbd8278f1dab2bb4620f1 Mon Sep 17 00:00:00 2001 From: Vijay Dandu Date: Mon, 15 Sep 2025 20:41:38 -0700 Subject: [PATCH 1/4] feat: reads enableCARM value and supplies to controller if disabled --- templates/helm/templates/deployment.yaml.tpl | 8 ++++++++ templates/helm/values.schema.json | 5 +++++ templates/helm/values.yaml.tpl | 3 +++ 3 files changed, 16 insertions(+) diff --git a/templates/helm/templates/deployment.yaml.tpl b/templates/helm/templates/deployment.yaml.tpl index 1399388c..b21a6df2 100644 --- a/templates/helm/templates/deployment.yaml.tpl +++ b/templates/helm/templates/deployment.yaml.tpl @@ -90,6 +90,10 @@ spec: {{ "{{- if .Values.featureGates}}" }} - --feature-gates - "$(FEATURE_GATES)" +{{ "{{- end }}" }} +{{ "{{- if and (hasKey .Values "enableCARM") (not .Values.enableCARM) }}"}} + - --enable-carm + - "$(ENABLE_CARM)" {{ "{{- end }}" }} image: {{ "{{ .Values.image.repository }}:{{ .Values.image.tag }}" }} imagePullPolicy: {{ "{{ .Values.image.pullPolicy }}" }} @@ -141,6 +145,10 @@ spec: {{ "{{- if .Values.featureGates}}" }} - name: FEATURE_GATES value: {{ IncludeTemplate "feature-gates" }} +{{ "{{- end }}" }} +{{ "{{- if and (hasKey .Values "enableCARM") (not .Values.enableCARM) }}"}} + - name: ENABLE_CARM + - value: "false" {{ "{{- end }}" }} {{ "{{- if .Values.aws.credentials.secretName }}" }} - name: AWS_SHARED_CREDENTIALS_FILE diff --git a/templates/helm/values.schema.json b/templates/helm/values.schema.json index e656c749..c3f56a0c 100644 --- a/templates/helm/values.schema.json +++ b/templates/helm/values.schema.json @@ -263,6 +263,11 @@ }, "type": "object" }, + "enableCARM": { + "description": "Parameter to enable or disable cross account resource management.", + "type": "boolean", + "default": true + }, "serviceAccount": { "description": "ServiceAccount settings", "properties": { diff --git a/templates/helm/values.yaml.tpl b/templates/helm/values.yaml.tpl index 0c8f1ad8..1b09b2e1 100644 --- a/templates/helm/values.yaml.tpl +++ b/templates/helm/values.yaml.tpl @@ -169,6 +169,9 @@ leaderElection: # pod. namespace: "" +# Enable Cross Account Resource Management (default = true). Set this to false to disable cross account resource management. +enableCARM: true + # Configuration for feature gates. These are optional controller features that # can be individually enabled ("true") or disabled ("false") by adding key/value # pairs below. From 4d165552903d480508dd7776897d54e21446b1c1 Mon Sep 17 00:00:00 2001 From: Vijay Dandu Date: Mon, 15 Sep 2025 20:51:17 -0700 Subject: [PATCH 2/4] simplify logic and supply value always --- templates/helm/templates/deployment.yaml.tpl | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/templates/helm/templates/deployment.yaml.tpl b/templates/helm/templates/deployment.yaml.tpl index b21a6df2..d52708da 100644 --- a/templates/helm/templates/deployment.yaml.tpl +++ b/templates/helm/templates/deployment.yaml.tpl @@ -91,10 +91,8 @@ spec: - --feature-gates - "$(FEATURE_GATES)" {{ "{{- end }}" }} -{{ "{{- if and (hasKey .Values "enableCARM") (not .Values.enableCARM) }}"}} - --enable-carm - "$(ENABLE_CARM)" -{{ "{{- end }}" }} image: {{ "{{ .Values.image.repository }}:{{ .Values.image.tag }}" }} imagePullPolicy: {{ "{{ .Values.image.pullPolicy }}" }} name: controller @@ -146,10 +144,8 @@ spec: - name: FEATURE_GATES value: {{ IncludeTemplate "feature-gates" }} {{ "{{- end }}" }} -{{ "{{- if and (hasKey .Values "enableCARM") (not .Values.enableCARM) }}"}} - name: ENABLE_CARM - - value: "false" -{{ "{{- end }}" }} + value: {{ "{{ .Values.enableCARM }}" }} {{ "{{- if .Values.aws.credentials.secretName }}" }} - name: AWS_SHARED_CREDENTIALS_FILE value: {{ IncludeTemplate "aws.credentials.path" }} From 5d670d319e7ef023b41604115486393eaf6870b1 Mon Sep 17 00:00:00 2001 From: Vijay Dandu Date: Tue, 16 Sep 2025 10:20:22 -0700 Subject: [PATCH 3/4] convert bool to string when supplying as env var --- templates/helm/templates/deployment.yaml.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/helm/templates/deployment.yaml.tpl b/templates/helm/templates/deployment.yaml.tpl index d52708da..af517373 100644 --- a/templates/helm/templates/deployment.yaml.tpl +++ b/templates/helm/templates/deployment.yaml.tpl @@ -145,7 +145,7 @@ spec: value: {{ IncludeTemplate "feature-gates" }} {{ "{{- end }}" }} - name: ENABLE_CARM - value: {{ "{{ .Values.enableCARM }}" }} + value: {{ "{{ .Values.enableCARM | toString }}" }} {{ "{{- if .Values.aws.credentials.secretName }}" }} - name: AWS_SHARED_CREDENTIALS_FILE value: {{ IncludeTemplate "aws.credentials.path" }} From ad989a7bbbef69aa16291b2925cd6e53af16e728 Mon Sep 17 00:00:00 2001 From: Vijay Dandu Date: Tue, 16 Sep 2025 11:25:00 -0700 Subject: [PATCH 4/4] supply directly to cli args instead of envvar --- templates/helm/templates/deployment.yaml.tpl | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/templates/helm/templates/deployment.yaml.tpl b/templates/helm/templates/deployment.yaml.tpl index af517373..b9e15e98 100644 --- a/templates/helm/templates/deployment.yaml.tpl +++ b/templates/helm/templates/deployment.yaml.tpl @@ -91,8 +91,7 @@ spec: - --feature-gates - "$(FEATURE_GATES)" {{ "{{- end }}" }} - - --enable-carm - - "$(ENABLE_CARM)" + - {{ "--enable-carm={{ .Values.enableCARM }}" }} image: {{ "{{ .Values.image.repository }}:{{ .Values.image.tag }}" }} imagePullPolicy: {{ "{{ .Values.image.pullPolicy }}" }} name: controller @@ -144,8 +143,6 @@ spec: - name: FEATURE_GATES value: {{ IncludeTemplate "feature-gates" }} {{ "{{- end }}" }} - - name: ENABLE_CARM - value: {{ "{{ .Values.enableCARM | toString }}" }} {{ "{{- if .Values.aws.credentials.secretName }}" }} - name: AWS_SHARED_CREDENTIALS_FILE value: {{ IncludeTemplate "aws.credentials.path" }}