Is there an existing issue for this?

• I have searched the existing issues

Current Behavior

Reported by customer on ticket 4568.

When deploying the chart with coder.serviceAccount.workspacePerms=false, the chart still renders and applies Role and RoleBinding resources related to workspace permissions. Prior to v2.27.0, setting this value to false prevented these RBAC objects from being rendered. The following PR seems to have been added in v2.27.0:#19517 - It was merged in the v2.27.0 release which aligns with the reproduction.

Relevant Log Output

Expected Behavior

If values.yaml sets:

coder:  serviceAccount:    workspacePerms: false

…then no Roles/RoleBindings associated with workspace permissions should be rendered or installed.

Steps to Reproduce

1. Use Helm with chart v2.27.0 or newer.
2. Render templates:

helm template coder coder-v2/coder \  --version 2.27.0 \  --namespace coder \  --set coder.serviceAccount.workspacePerms=false

3. Observe that Role/RoleBinding manifests are present in the output:

---# Source: coder/templates/rbac.yamlapiVersion: rbac.authorization.k8s.io/v1kind: Rolemetadata:  name: coder-workspace-perms  namespace: coderrules:  - apiGroups:    - apps    resources:    - deployments    verbs:    - create    - delete    - deletecollection    - get    - list    - patch    - update    - watch---# Source: coder/templates/rbac.yamlapiVersion: rbac.authorization.k8s.io/v1kind: RoleBindingmetadata:  name: "coder"  namespace: codersubjects:  - kind: ServiceAccount    name: "coder"roleRef:  apiGroup: rbac.authorization.k8s.io  kind: Role  name: coder-workspace-perms---

4. Install and confirm RBAC objects are created:

helm install coder coder/coder --version 2.27.0 --namespace coder --create-namespace \  --set coder.serviceAccount.workspacePerms=falsekubectl get role,rolebinding -n coder

Environment

• Host OS: N/A
• Coder version: v2.27 and above

Additional Context

No response