Removal of secret reader feature (#285)

kiali-operator/templates/clusterrole.yaml

@@ -36,17 +36,6 @@ rules:
   - create
   - list
   - watch
-{{- if gt (len .Values.secretReader) 0 }}
-- apiGroups: [""]
-  resourceNames:
-  {{- range .Values.secretReader }}
-  - {{ . }}
-  {{- end }}
-  resources:
-  - secrets
-  verbs:
-  - get
-{{- end }}
 - apiGroups: [""]
   resourceNames:
   - kiali-signing-key

kiali-operator/values.yaml

@@ -44,15 +44,6 @@ watchNamespace: ""
 # Note that this will be overriden to "true" if cr.create is true and cr.spec.deployment.cluster_wide_access=true.
 clusterRoleCreator: true
 
-# Set to a list of secrets in the cluster that the operator will be allowed to read. This is necessary if you want to
-# support Kiali CRs with spec.kiali_feature_flags.certificates_information_indicators.enabled=true.
-# The secrets in this list will be the only ones allowed to be specified in any Kiali CR (in the setting
-# spec.kiali_feature_flags.certificates_information_indicators.secrets).
-# If you set this to an empty list, the operator will not be given permission to read any additional secrets
-# found in the cluster, and thus will only support a value of "false" in the Kiali CR setting
-# spec.kiali_feature_flags.certificates_information_indicators.enabled.
-secretReader: ['cacerts', 'istio-ca-secret']
-
 # Set to true if you want to allow the operator to only be able to install Kiali in view-only-mode.
 # The purpose for this setting is to allow you to restrict the permissions given to the operator itself.
 onlyViewOnlyMode: false

kiali-server/values.yaml

@@ -95,11 +95,6 @@ identity: {}
   #private_key_file:
 
 kiali_feature_flags:
-  certificates_information_indicators:
-    enabled: true
-    secrets:
-    - cacerts
-    - istio-ca-secret
   disabled_features: []
   validations:
     ignore: ["KIA1301"]