kedacore · wozniakjan · Oct 14, 2024 · Aug 5, 2024 · Sep 3, 2024 · Sep 3, 2024
@@ -109,6 +109,7 @@ their default values.
 | `podSecurityContext` | object | [See below](#KEDA-is-secure-by-default) | [Pod security context] for all pods |
 | `priorityClassName` | string | `""` | priorityClassName for all KEDA components |
 | `rbac.aggregateToDefaultRoles` | bool | `false` | Specifies whether RBAC for CRDs should be [aggregated](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles) to default roles (view, edit, admin) |
+| `rbac.controlPlaneServiceAccountsNamespace` | string | `"kube-system"` | Customize the namespace of k8s metrics-server deployment This could also be achieved by the Kubernetes control plane manager flag --use-service-account-credentials: [docs](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/) |
 | `rbac.create` | bool | `true` | Specifies whether RBAC should be used |
 | `rbac.enabledCustomScaledRefKinds` | bool | `true` | Whether RBAC for configured CRDs that can have a `scale` subresource should be created |
 | `rbac.scaledRefKinds` | list | `[{"apiGroup":"*","kind":"*"}]` | List of custom resources that support the `scale` subresource and can be referenced by `scaledobject.spec.scaleTargetRef`. The feature needs to be also enabled by `enabledCustomScaledRefKinds`. If left empty, RBAC for `apiGroups: *` and `resources: *, */scale` will be created note: Deployments and StatefulSets are supported out of the box |

@@ -31,7 +31,7 @@ metadata:
     app.kubernetes.io/name: {{ .Values.operator.name }}-auth-reader
     {{- include "keda.labels" . | indent 4 }}
   name: {{ .Values.operator.name }}-auth-reader
-  namespace: kube-system
+  namespace: {{ .Values.rbac.controlPlaneServiceAccountsNamespace }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
@@ -59,5 +59,5 @@ roleRef:
 subjects:
 - kind: ServiceAccount
   name: horizontal-pod-autoscaler
-  namespace: kube-system
+  namespace: {{ .Values.rbac.controlPlaneServiceAccountsNamespace }}
 {{- end -}}
@@ -276,6 +276,10 @@ rbac:
 
   # -- Whether RBAC for configured CRDs that can have a `scale` subresource should be created
   enabledCustomScaledRefKinds: true
+  # -- Customize the namespace of k8s metrics-server deployment
+  # This could also be achieved by the Kubernetes control plane manager flag --use-service-account-credentials:
+  # [docs](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/)
+  controlPlaneServiceAccountsNamespace: kube-system
   # -- List of custom resources that support the `scale` subresource and can be referenced by `scaledobject.spec.scaleTargetRef`.
   # The feature needs to be also enabled by `enabledCustomScaledRefKinds`.
   # If left empty, RBAC for `apiGroups: *` and `resources: *, */scale` will be created