From f1faf86afe0ec87dfcaf83d270b8ccb365123aaa Mon Sep 17 00:00:00 2001 From: Amine Hilaly Date: Thu, 11 Aug 2022 01:10:54 +0200 Subject: [PATCH] Release artifacts for release v0.0.17 Signed-off-by: Amine Hilaly --- config/controller/kustomization.yaml | 2 +- helm/Chart.yaml | 4 ++-- helm/templates/NOTES.txt | 2 +- helm/templates/_helpers.tpl | 10 ++++++++++ helm/templates/deployment.yaml | 16 ++++++++++++++++ helm/values.schema.json | 17 ++++++++++++++++- helm/values.yaml | 14 ++++++++++---- 7 files changed, 56 insertions(+), 9 deletions(-) diff --git a/config/controller/kustomization.yaml b/config/controller/kustomization.yaml index c687f15d..0690c1da 100644 --- a/config/controller/kustomization.yaml +++ b/config/controller/kustomization.yaml @@ -6,4 +6,4 @@ kind: Kustomization images: - name: controller newName: public.ecr.aws/aws-controllers-k8s/lambda-controller - newTag: v0.0.16 + newTag: v0.0.17 diff --git a/helm/Chart.yaml b/helm/Chart.yaml index 9f9a3a10..08094519 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 name: lambda-chart description: A Helm chart for the ACK service controller for AWS Lambda (Lambda) -version: v0.0.16 -appVersion: v0.0.16 +version: v0.0.17 +appVersion: v0.0.17 home: https://github.com/aws-controllers-k8s/lambda-controller icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png sources: diff --git a/helm/templates/NOTES.txt b/helm/templates/NOTES.txt index 47847a06..0bc4843a 100644 --- a/helm/templates/NOTES.txt +++ b/helm/templates/NOTES.txt @@ -1,5 +1,5 @@ {{ .Chart.Name }} has been installed. -This chart deploys "public.ecr.aws/aws-controllers-k8s/lambda-controller:v0.0.16". +This chart deploys "public.ecr.aws/aws-controllers-k8s/lambda-controller:v0.0.17". Check its status by running: kubectl --namespace {{ .Release.Namespace }} get pods -l "app.kubernetes.io/instance={{ .Release.Name }}" diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index 29265d70..973704c1 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -36,3 +36,13 @@ If release name contains chart name it will be used as a full name. {{- .Release.Namespace -}} {{- end -}} {{- end -}} + +{{/* The mount path for the shared credentials file */}} +{{- define "aws.credentials.secret_mount_path" -}} +{{- "/var/run/secrets/aws" -}} +{{- end -}} + +{{/* The path the shared credentials file is mounted */}} +{{- define "aws.credentials.path" -}} +{{- printf "%s/%s" (include "aws.credentials.secret_mount_path" .) .Values.aws.credentials.secretKey -}} +{{- end -}} diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml index d3a307a7..9fd82f76 100644 --- a/helm/templates/deployment.yaml +++ b/helm/templates/deployment.yaml @@ -80,6 +80,16 @@ spec: value: {{ .Values.log.level | quote }} - name: ACK_RESOURCE_TAGS value: {{ join "," .Values.resourceTags | quote }} + {{- if .Values.aws.credentials.secretName }} + - name: AWS_SHARED_CREDENTIALS_FILE + value: {{ include "aws.credentials.path" . }} + - name: AWS_PROFILE + value: {{ .Values.aws.credentials.profile }} + volumeMounts: + - name: {{ .Values.aws.credentials.secretName }} + mountPath: {{ include "aws.credentials.secret_mount_path" . }} + readOnly: true + {{- end }} securityContext: allowPrivilegeEscalation: false privileged: false @@ -101,3 +111,9 @@ spec: hostIPC: false hostNetwork: false hostPID: false + {{ if .Values.aws.credentials.secretName -}} + volumes: + - name: {{ .Values.aws.credentials.secretName }} + secret: + secretName: {{ .Values.aws.credentials.secretName }} + {{ end -}} diff --git a/helm/values.schema.json b/helm/values.schema.json index e5032484..2d3555a6 100644 --- a/helm/values.schema.json +++ b/helm/values.schema.json @@ -153,6 +153,21 @@ }, "endpoint": { "type": "string" + }, + "credentials": { + "description": "AWS credentials information", + "properties": { + "secretName": { + "type": "string" + }, + "secretKey": { + "type": "string" + }, + "profile": { + "type": "string" + } + }, + "type": "object" } }, "type": "object" @@ -177,7 +192,7 @@ "type": "array", "items": { "type": "string", - "pattern": "^.*=.*$" + "pattern": "(^$|^.*=.*$)" } }, "serviceAccount": { diff --git a/helm/values.yaml b/helm/values.yaml index f7bb74c6..dd5b0935 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -4,7 +4,7 @@ image: repository: public.ecr.aws/aws-controllers-k8s/lambda-controller - tag: v0.0.16 + tag: v0.0.17 pullPolicy: IfNotPresent pullSecrets: [] @@ -50,6 +50,13 @@ aws: # If specified, use the AWS region for AWS API calls region: "" endpoint_url: "" + credentials: + # If specified, Secret with shared credentials file to use. + secretName: "" + # Secret stringData key that contains the credentials + secretKey: "credentials" + # Profile used for AWS credentials + profile: "default" # log level for the controller log: @@ -64,9 +71,8 @@ installScope: cluster resourceTags: # Configures the ACK service controller to always set key/value pairs tags on # resources that it manages. - - services.k8s.aws/managed=true - - services.k8s.aws/created=%UTCNOW% - - services.k8s.aws/namespace=%KUBERNETES_NAMESPACE% + - services.k8s.aws/controller-version=%CONTROLLER_SERVICE%-%CONTROLLER_VERSION% + - services.k8s.aws/namespace=%K8S_NAMESPACE% serviceAccount: # Specifies whether a service account should be created