From 5ddc9693b1bb4a269fcbaef78dc9e04a4bb44a76 Mon Sep 17 00:00:00 2001 From: Bryan Stenson <93951028+BryanStenson-okta@users.noreply.github.com> Date: Fri, 27 May 2022 17:34:17 -0700 Subject: [PATCH] chore: add `crds.podLabels` for helm hook jobs (#962) * add crds.podLabels and consume labels in each hook Job object make template spacing consistent * adding new value to README configuration table --- .../charts/secrets-store-csi-driver/README.md | 1 + .../templates/crds-upgrade-hook.yaml | 6 +++++- .../secrets-store-csi-driver/templates/csidriver.yaml | 2 +- .../templates/keep-crds-upgrade-hook.yaml | 4 ++++ .../templates/secrets-store-csi-driver-windows.yaml | 6 +++--- .../templates/secrets-store-csi-driver.yaml | 8 ++++---- .../charts/secrets-store-csi-driver/values.yaml | 3 ++- 7 files changed, 20 insertions(+), 10 deletions(-) diff --git a/manifest_staging/charts/secrets-store-csi-driver/README.md b/manifest_staging/charts/secrets-store-csi-driver/README.md index 0128d261f..c60469735 100644 --- a/manifest_staging/charts/secrets-store-csi-driver/README.md +++ b/manifest_staging/charts/secrets-store-csi-driver/README.md @@ -36,6 +36,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p | `linux.crds.image.repository` | Linux crds image repository | `k8s.gcr.io/csi-secrets-store/driver-crds` | | `linux.crds.image.pullPolicy` | Linux crds image pull policy | `IfNotPresent` | | `linux.crds.image.tag` | Linux crds image tag | `v1.1.2` | +| `linux.crds.podLabels` | Linux *Pod* labels appended to CRD helm hook job pods | `{}` | | `linux.affinity` | Linux affinity | `key: type; operator: NotIn; values: [virtual-kubelet]` | | `linux.driver.resources` | The resource request/limits for the linux secrets-store container image | `limits: 200m CPU, 200Mi; requests: 50m CPU, 100Mi` | | `linux.enabled` | Install secrets store csi driver on linux nodes | true | diff --git a/manifest_staging/charts/secrets-store-csi-driver/templates/crds-upgrade-hook.yaml b/manifest_staging/charts/secrets-store-csi-driver/templates/crds-upgrade-hook.yaml index c040104dc..db23c7f6c 100644 --- a/manifest_staging/charts/secrets-store-csi-driver/templates/crds-upgrade-hook.yaml +++ b/manifest_staging/charts/secrets-store-csi-driver/templates/crds-upgrade-hook.yaml @@ -87,7 +87,11 @@ spec: name: {{ template "sscd.fullname" . }}-upgrade-crds {{- if .Values.linux.crds.annotations }} annotations: - {{ toYaml .Values.linux.crds.annotations}} + {{ toYaml .Values.linux.crds.annotations }} + {{- end }} + {{- if .Values.linux.crds.podLabels }} + labels: + {{ toYaml .Values.linux.crds.podLabels }} {{- end }} spec: serviceAccountName: {{ template "sscd.fullname" . }}-upgrade-crds diff --git a/manifest_staging/charts/secrets-store-csi-driver/templates/csidriver.yaml b/manifest_staging/charts/secrets-store-csi-driver/templates/csidriver.yaml index 2ff74ca09..91441b44d 100644 --- a/manifest_staging/charts/secrets-store-csi-driver/templates/csidriver.yaml +++ b/manifest_staging/charts/secrets-store-csi-driver/templates/csidriver.yaml @@ -10,5 +10,5 @@ spec: - Ephemeral {{- if and (semverCompare ">=1.20-0" .Capabilities.KubeVersion.Version) .Values.tokenRequests }} tokenRequests: - {{- toYaml .Values.tokenRequests | nindent 2}} + {{- toYaml .Values.tokenRequests | nindent 2 }} {{- end }} diff --git a/manifest_staging/charts/secrets-store-csi-driver/templates/keep-crds-upgrade-hook.yaml b/manifest_staging/charts/secrets-store-csi-driver/templates/keep-crds-upgrade-hook.yaml index c9ef1d72f..789b8be41 100644 --- a/manifest_staging/charts/secrets-store-csi-driver/templates/keep-crds-upgrade-hook.yaml +++ b/manifest_staging/charts/secrets-store-csi-driver/templates/keep-crds-upgrade-hook.yaml @@ -89,6 +89,10 @@ spec: annotations: {{ toYaml .Values.linux.crds.annotations}} {{- end }} + {{- if .Values.linux.crds.podLabels }} + labels: + {{ toYaml .Values.linux.crds.podLabels }} + {{- end }} spec: serviceAccountName: {{ template "sscd.fullname" . }}-keep-crds {{- if .Values.imagePullSecrets }} diff --git a/manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver-windows.yaml b/manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver-windows.yaml index a98a37a24..c49f87e59 100644 --- a/manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver-windows.yaml +++ b/manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver-windows.yaml @@ -1,4 +1,4 @@ -{{- if .Values.windows.enabled}} +{{- if .Values.windows.enabled }} kind: DaemonSet apiVersion: apps/v1 metadata: @@ -132,7 +132,7 @@ spec: {{- end }} {{- end }} {{- if .Values.windows.volumeMounts }} - {{- toYaml .Values.windows.volumeMounts | nindent 12}} + {{- toYaml .Values.windows.volumeMounts | nindent 12 }} {{- end }} {{- with .Values.windows.driver.resources }} resources: @@ -185,7 +185,7 @@ spec: {{- end }} {{- end }} {{- if .Values.windows.volumes }} - {{- toYaml .Values.windows.volumes | nindent 8}} + {{- toYaml .Values.windows.volumes | nindent 8 }} {{- end }} nodeSelector: kubernetes.io/os: windows diff --git a/manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver.yaml b/manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver.yaml index 4f245f2c3..dd4a41c51 100644 --- a/manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver.yaml +++ b/manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver.yaml @@ -1,4 +1,4 @@ -{{- if .Values.linux.enabled}} +{{- if .Values.linux.enabled }} kind: DaemonSet apiVersion: apps/v1 metadata: @@ -135,7 +135,7 @@ spec: {{- end }} {{- end }} {{- if .Values.linux.volumeMounts }} - {{- toYaml .Values.linux.volumeMounts | nindent 12}} + {{- toYaml .Values.linux.volumeMounts | nindent 12 }} {{- end }} {{- with .Values.linux.driver.resources }} resources: @@ -185,10 +185,10 @@ spec: hostPath: path: "{{ $path }}" type: DirectoryOrCreate - {{- end}} + {{- end }} {{- end }} {{- if .Values.linux.volumes }} - {{- toYaml .Values.linux.volumes | nindent 8}} + {{- toYaml .Values.linux.volumes | nindent 8 }} {{- end }} nodeSelector: kubernetes.io/os: linux diff --git a/manifest_staging/charts/secrets-store-csi-driver/values.yaml b/manifest_staging/charts/secrets-store-csi-driver/values.yaml index 8316f7a01..2b844bdcf 100644 --- a/manifest_staging/charts/secrets-store-csi-driver/values.yaml +++ b/manifest_staging/charts/secrets-store-csi-driver/values.yaml @@ -11,6 +11,7 @@ linux: tag: v1.1.2 pullPolicy: IfNotPresent annotations: {} + podLabels: {} ## Prevent the CSI driver from being scheduled on virtual-kubelet nodes affinity: @@ -68,7 +69,7 @@ linux: kubeletRootDir: /var/lib/kubelet providersDir: /var/run/secrets-store-csi-providers - additionalProvidersDirs: + additionalProvidersDirs: - /etc/kubernetes/secrets-store-csi-providers nodeSelector: {} tolerations: []