From 208ff8e350b45aaa2b94f0f45fd1fd401b9ece35 Mon Sep 17 00:00:00 2001
From: Christopher Randles <randles.chris@gmail.com>
Date: Tue, 28 Nov 2017 13:33:57 -0500
Subject: [PATCH] Allow for more customization of the tiller deploy (#1946)

---
 roles/kubernetes-apps/helm/defaults/main.yml | 12 ++++++++++++
 roles/kubernetes-apps/helm/tasks/main.yml    | 12 +++++++-----
 2 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/roles/kubernetes-apps/helm/defaults/main.yml b/roles/kubernetes-apps/helm/defaults/main.yml
index 8ac51729e..ebaa545a4 100644
--- a/roles/kubernetes-apps/helm/defaults/main.yml
+++ b/roles/kubernetes-apps/helm/defaults/main.yml
@@ -6,3 +6,15 @@ helm_home_dir: "/root/.helm"
 
 # Deployment mode: host or docker
 helm_deployment_type: docker
+
+# Do not download the local repository cache on helm init
+helm_skip_refresh: false
+
+# Set URL for stable repository
+# helm_stable_repo_url: "https://kubernetes-charts.storage.googleapis.com"
+
+# Set node selector options for Tiller Deployment manifest.
+# tiller_node_selectors: "key1=val1,key2=val2"
+
+# Override values for the Tiller Deployment manifest.
+# tiller_override: "key1=val1,key2=val2"
diff --git a/roles/kubernetes-apps/helm/tasks/main.yml b/roles/kubernetes-apps/helm/tasks/main.yml
index a0f1b7785..ac8c9ebf0 100644
--- a/roles/kubernetes-apps/helm/tasks/main.yml
+++ b/roles/kubernetes-apps/helm/tasks/main.yml
@@ -27,13 +27,15 @@
   when: dns_mode != 'none' and inventory_hostname == groups['kube-master'][0] and rbac_enabled
 
 - name: Helm | Install/upgrade helm
-  command: "{{ bin_dir }}/helm init --upgrade --tiller-image={{ tiller_image_repo }}:{{ tiller_image_tag }}"
+  command: >
+    {{ bin_dir }}/helm init --upgrade --tiller-image={{ tiller_image_repo }}:{{ tiller_image_tag }} --tiller-namespace={{ system_namespace }}
+    {% if helm_skip_refresh %} --skip-refresh{% endif %}
+    {% if helm_stable_repo_url is defined %} --stable-repo-url {{ helm_stable_repo_url }}{% endif %}
+    {% if rbac_enabled %} --service-account=tiller{% endif %}
+    {% if tiller_node_selectors is defined %} --node-selectors {{ tiller_node_selectors }}{% endif %}
+    {% if tiller_override is defined %} --override {{ tiller_override }}{% endif %}
   when: (helm_container is defined and helm_container.changed) or (helm_task_result is defined and helm_task_result.changed)
 
-- name: Helm | Patch tiller deployment for RBAC
-  command: "{{bin_dir}}/kubectl patch deployment tiller-deploy -p '{\"spec\":{\"template\":{\"spec\":{\"serviceAccount\":\"tiller\"}}}}' -n {{ system_namespace }}"
-  when: rbac_enabled
-
 - name: Helm | Set up bash completion
   shell: "umask 022 && {{ bin_dir }}/helm completion bash >/etc/bash_completion.d/helm.sh"
   when: ((helm_container is defined and helm_container.changed) or (helm_task_result is defined and helm_task_result.changed)) and not ansible_os_family in ["CoreOS", "Container Linux by CoreOS"]