From 045758056e9e84660c5afd9cc79d7f5acdb251bf Mon Sep 17 00:00:00 2001 From: tanner Date: Mon, 27 Feb 2023 14:45:49 +0900 Subject: [PATCH] feat: add init containers Signed-off-by: Taehyun Kim --- README.md | 4 ++++ templates/core/core-dpl.yaml | 4 ++++ templates/jobservice/jobservice-dpl.yaml | 4 ++++ templates/portal/deployment.yaml | 4 ++++ templates/registry/registry-dpl.yaml | 4 ++++ values.yaml | 28 ++++++++++++++++++++++++ 6 files changed, 48 insertions(+) diff --git a/README.md b/README.md index c21764a86..38c108952 100644 --- a/README.md +++ b/README.md @@ -215,6 +215,7 @@ The following table lists the configurable parameters of the Harbor chart and th | `portal.affinity` | Node/Pod affinities | `{}` | | `portal.podAnnotations` | Annotations to add to the portal pod | `{}` | | `portal.priorityClassName` | The priority class to run the pod as | | +| `portal.initContainers` | Init containers to be run before the controller's container starts. | `[]` | | **Core** | | | | `core.image.repository` | Repository for Harbor core image | `goharbor/harbor-core` | | `core.image.tag` | Tag for Harbor core image | `dev` | @@ -226,6 +227,7 @@ The following table lists the configurable parameters of the Harbor chart and th | `core.nodeSelector` | Node labels for pod assignment | `{}` | | `core.tolerations` | Tolerations for pod assignment | `[]` | | `core.affinity` | Node/Pod affinities | `{}` | +| `core.initContainers` | Init containers to be run before the controller's container starts. | `[]` | | `core.podAnnotations` | Annotations to add to the core pod | `{}` | | `core.serviceAnnotations` | Annotations to add to the core service | `{}` | | `core.secret` | Secret is used when core server communicates with other components. If a secret key is not specified, Helm will generate one. Must be a string of 16 chars. | | @@ -251,6 +253,7 @@ The following table lists the configurable parameters of the Harbor chart and th | `jobservice.affinity` | Node/Pod affinities | `{}` | | `jobservice.podAnnotations` | Annotations to add to the jobservice pod | `{}` | | `jobservice.priorityClassName` | The priority class to run the pod as | | +| `jobservice.initContainers` | Init containers to be run before the controller's container starts. | `[]` | | `jobservice.secret` | Secret is used when job service communicates with other components. If a secret key is not specified, Helm will generate one. Must be a string of 16 chars. | | | **Registry** | | | | `registry.registry.image.repository` | Repository for registry image | `goharbor/registry-photon` | @@ -278,6 +281,7 @@ The following table lists the configurable parameters of the Harbor chart and th | `registry.upload_purging.age` | Remove files in _upload directories which exist for a period of time, default is one week. | `168h` | | `registry.upload_purging.interval` | The interval of the purge operations | `24h` | | `registry.upload_purging.dryrun` | If true, enable dryrun for purging _upload, default false | `false` | +| `registry.initContainers` | Init containers to be run before the controller's container starts. | `[]` | | **[Trivy][trivy]** | | | | `trivy.enabled` | The flag to enable Trivy scanner | `true` | | `trivy.image.repository` | Repository for Trivy adapter image | `goharbor/trivy-adapter-photon` | diff --git a/templates/core/core-dpl.yaml b/templates/core/core-dpl.yaml index 2ca8b0c5e..fb630c09f 100644 --- a/templates/core/core-dpl.yaml +++ b/templates/core/core-dpl.yaml @@ -42,6 +42,10 @@ spec: {{- end }} automountServiceAccountToken: {{ .Values.core.automountServiceAccountToken | default false }} terminationGracePeriodSeconds: 120 + {{- with .Values.core.initContainers }} + initContainers: + {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: core image: {{ .Values.core.image.repository }}:{{ .Values.core.image.tag }} diff --git a/templates/jobservice/jobservice-dpl.yaml b/templates/jobservice/jobservice-dpl.yaml index 32df454b1..8c461a82c 100644 --- a/templates/jobservice/jobservice-dpl.yaml +++ b/templates/jobservice/jobservice-dpl.yaml @@ -48,6 +48,10 @@ spec: {{- end }} automountServiceAccountToken: {{ .Values.jobservice.automountServiceAccountToken | default false }} terminationGracePeriodSeconds: 120 + {{- with .Values.jobservice.initContainers }} + initContainers: + {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: jobservice image: {{ .Values.jobservice.image.repository }}:{{ .Values.jobservice.image.tag }} diff --git a/templates/portal/deployment.yaml b/templates/portal/deployment.yaml index 934dc566b..7f1e62f59 100644 --- a/templates/portal/deployment.yaml +++ b/templates/portal/deployment.yaml @@ -38,6 +38,10 @@ spec: serviceAccountName: {{ .Values.portal.serviceAccountName }} {{- end }} automountServiceAccountToken: {{ .Values.portal.automountServiceAccountToken | default false }} + {{- with .Values.portal.initContainers }} + initContainers: + {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: portal image: {{ .Values.portal.image.repository }}:{{ .Values.portal.image.tag }} diff --git a/templates/registry/registry-dpl.yaml b/templates/registry/registry-dpl.yaml index 118a165d4..09224b545 100644 --- a/templates/registry/registry-dpl.yaml +++ b/templates/registry/registry-dpl.yaml @@ -51,6 +51,10 @@ spec: {{- end }} automountServiceAccountToken: {{ .Values.registry.automountServiceAccountToken | default false }} terminationGracePeriodSeconds: 120 + {{- with .Values.registry.initContainers }} + initContainers: + {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: registry image: {{ .Values.registry.registry.image.repository }}:{{ .Values.registry.registry.image.tag }} diff --git a/values.yaml b/values.yaml index 06c7a4f6a..86655c3a5 100644 --- a/values.yaml +++ b/values.yaml @@ -440,6 +440,13 @@ portal: podAnnotations: {} ## The priority class to run the pod as priorityClassName: + # containers to be run before the controller's container starts. + initContainers: [] + # Example: + # + # - name: wait + # image: busybox + # command: [ 'sh', '-c', "sleep 20" ] core: image: @@ -464,6 +471,13 @@ core: affinity: {} ## Additional deployment annotations podAnnotations: {} + # containers to be run before the controller's container starts. + initContainers: [] + # Example: + # + # - name: wait + # image: busybox + # command: [ 'sh', '-c', "sleep 20" ] ## Additional service annotations serviceAnnotations: {} # Secret is used when core server communicates with other components. @@ -528,6 +542,13 @@ jobservice: secret: "" ## The priority class to run the pod as priorityClassName: + # containers to be run before the controller's container starts. + initContainers: [] + # Example: + # + # - name: wait + # image: busybox + # command: [ 'sh', '-c', "sleep 20" ] registry: # set the service account to be used, default if left empty @@ -594,6 +615,13 @@ registry: # the interval of the purge operations interval: 24h dryrun: false + # containers to be run before the controller's container starts. + initContainers: [] + # Example: + # + # - name: wait + # image: busybox + # command: [ 'sh', '-c', "sleep 20" ] trivy: # enabled the flag to enable Trivy scanner