feat: add clusterAccess option for Kubernetes RBAC #18

Merged

cpfarhood merged 2 commits from feat/cluster-access-rbac into main

2026-02-20 16:31:35 +00:00

Author	SHA1	Message	Date
Chris Farhood	9c964e7069	docs: rewrite README with current architecture and clusterAccess docs - Replace all stale references (claude user, k8s/ dir, StatefulSet, old Happy paths) with current state (app user, Helm chart, Deployment) - Add full Helm chart reference table including new clusterAccess option with usage examples for all five access levels - Document Happy Coder daemon setup and startup flow accurately - Update troubleshooting commands to match actual resource names - Add Claude authentication notes (browser OAuth + API key fallback) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-02-20 11:26:45 -05:00
Chris Farhood	d7210fb4e5	feat: add clusterAccess option for Kubernetes RBAC in Helm chart Adds a clusterAccess value with five levels: none — no cluster access (default, no RBAC resources created) readonlyns — Role + RoleBinding: get/list/watch in release namespace readwritens — Role + RoleBinding: full access in release namespace readonly — ClusterRole + ClusterRoleBinding: get/list/watch cluster-wide readwrite — ClusterRole + ClusterRoleBinding: full access cluster-wide A ServiceAccount is created for the pod whenever access != none and referenced in the Deployment's serviceAccountName. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-02-20 11:25:29 -05:00

Author

SHA1

Message

Date

Chris Farhood

9c964e7069

docs: rewrite README with current architecture and clusterAccess docs

- Replace all stale references (claude user, k8s/ dir, StatefulSet,
  old Happy paths) with current state (app user, Helm chart, Deployment)
- Add full Helm chart reference table including new clusterAccess option
  with usage examples for all five access levels
- Document Happy Coder daemon setup and startup flow accurately
- Update troubleshooting commands to match actual resource names
- Add Claude authentication notes (browser OAuth + API key fallback)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-02-20 11:26:45 -05:00

Chris Farhood

d7210fb4e5

feat: add clusterAccess option for Kubernetes RBAC in Helm chart

Adds a clusterAccess value with five levels:
  none        — no cluster access (default, no RBAC resources created)
  readonlyns  — Role + RoleBinding: get/list/watch in release namespace
  readwritens — Role + RoleBinding: full access in release namespace
  readonly    — ClusterRole + ClusterRoleBinding: get/list/watch cluster-wide
  readwrite   — ClusterRole + ClusterRoleBinding: full access cluster-wide

A ServiceAccount is created for the pod whenever access != none and
referenced in the Deployment's serviceAccountName.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-02-20 11:25:29 -05:00

feat: add clusterAccess option for Kubernetes RBAC #18

2 Commits