From 3402dbc94e8e07f5f4a5d98b7157b2073b1f2e00 Mon Sep 17 00:00:00 2001
From: AndrewChubatiuk <andrew.chubatiuk@gmail.com>
Date: Thu, 19 Oct 2023 15:07:55 +0300
Subject: [PATCH] added allowedTopologies for storage class and extra rules for
 role in helm

---
 helm/provisioner/templates/rbac.yaml         | 3 +++
 helm/provisioner/templates/storageclass.yaml | 7 +++++++
 helm/provisioner/values.yaml                 | 4 ++++
 3 files changed, 14 insertions(+)

diff --git a/helm/provisioner/templates/rbac.yaml b/helm/provisioner/templates/rbac.yaml
index 1c6a9fb47..f3e4f2832 100644
--- a/helm/provisioner/templates/rbac.yaml
+++ b/helm/provisioner/templates/rbac.yaml
@@ -24,6 +24,9 @@ rules:
 - apiGroups: [""]
   resources: ["nodes"]
   verbs: ["get"]
+{{- if .Values.rbac.extraRules }}
+{{ toYaml .Values.rbac.extraRules }}
+{{- end}}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
diff --git a/helm/provisioner/templates/storageclass.yaml b/helm/provisioner/templates/storageclass.yaml
index b225f41aa..937dd5b0e 100644
--- a/helm/provisioner/templates/storageclass.yaml
+++ b/helm/provisioner/templates/storageclass.yaml
@@ -23,5 +23,12 @@ reclaimPolicy: {{ $val.storageClass.reclaimPolicy | default "Delete" }}
 {{- else }}
 reclaimPolicy: Delete
 {{- end }}
+{{- if $val.allowedTopologies }}
+{{- if kindIs "string" $val.allowedTopologies }}
+allowedTopologies: {{ tpl $val.allowedTopologies $ }}
+{{- else }}
+allowedTopologies: {{ $val.allowedTopologies | toYaml | nindent 0 }}
+{{- end }}
+{{- end }}
 {{- end }}
 {{- end }}
diff --git a/helm/provisioner/values.yaml b/helm/provisioner/values.yaml
index 491651651..14dcbf885 100644
--- a/helm/provisioner/values.yaml
+++ b/helm/provisioner/values.yaml
@@ -5,6 +5,8 @@ fullnameOverride: ""
 rbac:
   # rbac.create: `true` if rbac resources should be created
   create: true
+  # list of additional rbac rules that may be needed by init containers
+  extraRules: []
 
 # Defines whether to generate a serviceAccount
 serviceAccount:
@@ -67,6 +69,8 @@ classes:
     fsType: ext4
     # File name pattern to discover. By default, discover all file names.
     namePattern: "*"
+    # Restrict topology of provisioned volumes to specific labels
+    allowedTopologies:
     blockCleanerCommand:
       #  Do a quick reset of the block device during its cleanup.
       #  - "/scripts/quick_reset.sh"