From def6b880b20c958cdc2960ab04df172dfe570870 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Krzysztof=20Pud=C5=82owski?= Date: Sat, 26 Oct 2024 21:15:42 +0200 Subject: [PATCH] testing helm linter 25 --- .gitignore | 1 - charts/adcs-issuer/templates/deployment.yaml | 5 +++++ .../adcs-issuer/templates/openshift-rbac.yaml | 16 +++++++++++++++ charts/adcs-issuer/templates/pdb.yaml | 13 ++++++++++++ .../templates/podpriorityclass.yaml | 12 +++++++++++ charts/adcs-issuer/values.yaml | 20 ++++++++++++++++++- 6 files changed, 65 insertions(+), 2 deletions(-) create mode 100644 charts/adcs-issuer/templates/openshift-rbac.yaml create mode 100644 charts/adcs-issuer/templates/pdb.yaml create mode 100644 charts/adcs-issuer/templates/podpriorityclass.yaml diff --git a/.gitignore b/.gitignore index 2549ef1..ec516d8 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,3 @@ - # Binaries for programs and plugins *.exe *.exe~ diff --git a/charts/adcs-issuer/templates/deployment.yaml b/charts/adcs-issuer/templates/deployment.yaml index 2afb5c1..b537336 100644 --- a/charts/adcs-issuer/templates/deployment.yaml +++ b/charts/adcs-issuer/templates/deployment.yaml @@ -51,6 +51,11 @@ spec: {{- toYaml .Values.controllerManager.tolerations | nindent 8 }} {{- end }} + {{- if .Values.podPriorityClass.enabled }} + priorityClassName: {{ .Values.podPriorityClass.name | quote | default "" }} + + {{- end }} + containers: - name: manager image: {{ .Values.controllerManager.manager.image.repository }}:{{ .Values.controllerManager.manager.image.tag | default .Chart.AppVersion }} diff --git a/charts/adcs-issuer/templates/openshift-rbac.yaml b/charts/adcs-issuer/templates/openshift-rbac.yaml new file mode 100644 index 0000000..2b78d26 --- /dev/null +++ b/charts/adcs-issuer/templates/openshift-rbac.yaml @@ -0,0 +1,16 @@ +{{- if and .Values.openshift.enabled .Values.openshift.anyuid }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: scc-anyuid + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:openshift:scc:anyuid +subjects: + - kind: ServiceAccount + name: {{ .Values.controllerManager.rbac.serviceAccountName | default (include "chart.fullname" .) }} + namespace: {{ .Release.Namespace }} + +{{- end }} \ No newline at end of file diff --git a/charts/adcs-issuer/templates/pdb.yaml b/charts/adcs-issuer/templates/pdb.yaml new file mode 100644 index 0000000..39553c7 --- /dev/null +++ b/charts/adcs-issuer/templates/pdb.yaml @@ -0,0 +1,13 @@ +{{- if .Values.controllerManager.podDisruptionBudget.enabled }} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ include "chart.fullname" . }}-controller-manager + namespace: {{ .Release.Name }} +spec: + minAvailable: 1 + selector: + matchLabels: + {{- include "chart.selectorLabels" . | nindent 8 }} + +{{- end }} \ No newline at end of file diff --git a/charts/adcs-issuer/templates/podpriorityclass.yaml b/charts/adcs-issuer/templates/podpriorityclass.yaml new file mode 100644 index 0000000..3eb343a --- /dev/null +++ b/charts/adcs-issuer/templates/podpriorityclass.yaml @@ -0,0 +1,12 @@ +{{- if .Values.podPriorityClass.enabled }} + +apiVersion: scheduling.k8s.io/v1 +kind: PriorityClass +metadata: + name: {{ .Values.podPriorityClass.name }} +value: {{ .Values.podPriorityClass.value }} +globalDefault: false +preemptionPolicy: PreemptLowerPriority +description: "Priority class for adcs-issuer applications." + +{{- end }} \ No newline at end of file diff --git a/charts/adcs-issuer/values.yaml b/charts/adcs-issuer/values.yaml index 552d985..af7e9ca 100644 --- a/charts/adcs-issuer/values.yaml +++ b/charts/adcs-issuer/values.yaml @@ -7,9 +7,22 @@ cert-manager: crd: install: true +openshift: + enabled: false # to use permission SCC on Openshift + anyuid: true # add permission for anyuid SCC on Openshift + + # @section ADCS Issuer Controller Manager controllerManager: + networkPolicy: + enabled: false + + podDisruptionBudget: + enabled: false + + + # @section Image # Image settings for the ADCS Issuer manager. manager: @@ -58,7 +71,7 @@ controllerManager: # @section Replicas # Number of replicas for the controller manager deployment. - replicas: 1 + replicas: 2 # @section Environment Variables # Environment variables for the controller manager. @@ -140,6 +153,11 @@ webhookService: # Node selector configuration for the controller manager pods. nodeSelector: {} +podPriorityClass: + enabled: false + name: adcs-issuer + value: 1000 + # @section ADCS Simulator # Configuration for the ADCS Simulator. simulator: