From dd54d8ea3f09677528236405e4ee41992fbcba65 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Diego=20Crist=C3=B3bal=20Herreros?= Date: Thu, 29 Jun 2023 09:49:17 +0200 Subject: [PATCH 1/3] Feat: modify template resources and values --- helm_chart/templates/deployment.yaml | 6 ++++++ helm_chart/templates/secret.yaml | 6 ++++++ helm_chart/values.yaml | 13 ++++++++++--- 3 files changed, 22 insertions(+), 3 deletions(-) diff --git a/helm_chart/templates/deployment.yaml b/helm_chart/templates/deployment.yaml index de57586e..1565756b 100644 --- a/helm_chart/templates/deployment.yaml +++ b/helm_chart/templates/deployment.yaml @@ -38,9 +38,15 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + {{ if .Values.secret.exists }} + envFrom: + - secretRef: + name: {{ .Values.secret.name }} + {{ else }} envFrom: - secretRef: name: {{ include "permission-manager.fullname" . }} + {{ end }} ports: - name: http containerPort: 4000 diff --git a/helm_chart/templates/secret.yaml b/helm_chart/templates/secret.yaml index 970ecdf0..296c59ee 100644 --- a/helm_chart/templates/secret.yaml +++ b/helm_chart/templates/secret.yaml @@ -1,11 +1,17 @@ +{{- if not .Values.secret.exists }} apiVersion: v1 kind: Secret metadata: name: {{include "permission-manager.fullname" .}} labels: {{- include "permission-manager.labels" . | nindent 4}} + {{- with .Values.secret.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} type: Opaque stringData: PORT: "4000" # port where server is exposed CLUSTER_NAME: {{required ".config.clusterName is required. Its value will be used in the generated user kubeconfig to identify the cluster." .Values.config.clusterName}} CONTROL_PLANE_ADDRESS: {{required ".config.controlPlaneAddress is required. Its value will be used in the generated user kubeconfig as the address of the Kubernetes API server." .Values.config.controlPlaneAddress}} BASIC_AUTH_PASSWORD: {{required "config.basicAuthPassword is required. Its value will be used as the password to access Permission Manager's UI" .Values.config.basicAuthPassword}} +{{- end }} \ No newline at end of file diff --git a/helm_chart/values.yaml b/helm_chart/values.yaml index 9297e0b4..f996ee68 100644 --- a/helm_chart/values.yaml +++ b/helm_chart/values.yaml @@ -89,17 +89,24 @@ tolerations: [] affinity: {} +secret: + # If you want to use your own secret, just set "exist" to true and create the secret in the correct namespace. + exist: false + # If the secret exist, set the name below + name: permission-manager + # Annotations to add to the secret + annotations: {} # # Application configuration: config: # Can be found in /etc/kubernetes/admin.conf: clusters -> cluster -> name - clusterName: "" + clusterName: "test" # Can be found in /etc/kubernetes/admin.conf: clusters -> cluster -> server - controlPlaneAddress: "" + controlPlaneAddress: "test" # Password for basic auth to access the UI - basicAuthPassword: "" + basicAuthPassword: "test" templates: - name: operation From 4692a9c8b8edf2aed109d8f71aea7f93f77af041 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Diego=20Crist=C3=B3bal=20Herreros?= Date: Thu, 29 Jun 2023 09:51:03 +0200 Subject: [PATCH 2/3] Doc: add values variables to README --- helm_chart/README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/helm_chart/README.md b/helm_chart/README.md index 392c0fe5..6e56c977 100644 --- a/helm_chart/README.md +++ b/helm_chart/README.md @@ -11,7 +11,7 @@ The following table lists the configurable parameters of the Permission Manager | `replicaCount` | | 1 | | `image.repository` | | "quay.io/sighup/permission-manager" | | `image.pullPolicy` | | "IfNotPresent" | -| `image.tag` | | "v1.9.0" | +| `image.tag` | | "v1.9.0" | | `imagePullSecrets` | | [] | | `nameOverride` | | "" | | `fullnameOverride` | | "" | @@ -36,6 +36,9 @@ The following table lists the configurable parameters of the Permission Manager | `tolerations` | | [] | | `affinity` | | {} | | `config.clusterName` | | "" | +| `secret.exists` | | "false" | +| `secret.name` | | "" | +| `secret.annotations` | | "" | | `config.controlPlaneAddress` | | "" | | `config.basicAuthPassword` | | "" | | `config.templates` | | [{"name": "operation", "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]}, {"name": "developer", "rules": [{"apiGroups": ["*"], "resources": ["configmaps", "endpoints", "persistentvolumeclaims", "pods", "pods/log", "pods/portforward", "podtemplates", "replicationcontrollers", "resourcequotas", "secrets", "services", "events", "daemonsets", "deployments", "replicasets", "ingresses", "networkpolicies", "poddisruptionbudgets"], "verbs": ["*"]}]}] | From 95ce4fd71389f31a14e7a5e89f4014eb4eac8f33 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Diego=20Crist=C3=B3bal=20Herreros?= Date: Thu, 29 Jun 2023 09:55:13 +0200 Subject: [PATCH 3/3] Fix: remove test values --- helm_chart/values.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/helm_chart/values.yaml b/helm_chart/values.yaml index f996ee68..0e9dbc3d 100644 --- a/helm_chart/values.yaml +++ b/helm_chart/values.yaml @@ -100,13 +100,13 @@ secret: # Application configuration: config: # Can be found in /etc/kubernetes/admin.conf: clusters -> cluster -> name - clusterName: "test" + clusterName: "" # Can be found in /etc/kubernetes/admin.conf: clusters -> cluster -> server - controlPlaneAddress: "test" + controlPlaneAddress: "" # Password for basic auth to access the UI - basicAuthPassword: "test" + basicAuthPassword: "" templates: - name: operation