fix: preprovisioned service account unable to be included in deployment #74

Merged
merged 3 commits into from
May 10, 2024
26 changes: 13 additions & 13 deletions charts/athens-proxy/Chart.yaml
@@ -1,24 +1,24 @@
apiVersion: v1
name: athens-proxy
version: 0.10.0
version: 0.11.0
appVersion: v0.14.0
description: The proxy server for Go modules
icon: https://raw.githubusercontent.com/gomods/athens/main/docs/static/banner.png
keywords:
- Golang
- Package Management
- Goproxy
- Athens
- Golang
- Package Management
- Goproxy
- Athens
home: https://github.com/gomods/athens-charts
sources:
- https://github.com/gomods/athens-charts
maintainers:
- name: rimusz
email: rmocius@gmail.com
- name: arschles
email: aaron@ecomaz.net
- name: DrPsychick
email: drpsychick@drsick.net
- name: nrwiersma
email: nick@wiersma.co.za
- name: rimusz
email: rmocius@gmail.com
- name: arschles
email: aaron@ecomaz.net
- name: DrPsychick
email: drpsychick@drsick.net
- name: nrwiersma
email: nick@wiersma.co.za
engine: gotpl
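--- a/charts/athens-proxy/templates/_helpers.tpl
+++ b/charts/athens-proxy/templates/_helpers.tpl
@@ -59,3 +59,11 @@ Determine the home directory of the current user.
 /home/athens
 {{- end -}}
 {{- end -}}
+
+{{- define "serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+{{ default (include "fullname" .) .Values.serviceAccount.name | trunc 63 | trimSuffix "-" }}
+{{- else -}}
+{{ default "default" .Values.serviceAccount.name | trunc 63 | trimSuffix "-" }}
+{{- end -}}
+{{- end -}}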
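Review bot: The `trunc 63 | trimSuffix "-"` pipeline in the `else` branch of `serviceAccountName` rewrites a name the operator supplied for an account that already exists, so a `serviceAccount.name` longer than 63 characters renders as a different name from the one that was provisioned. The pod would then either fail to start or, if an account with the shortened name happens to exist, run under that account instead. ServiceAccount names follow DNS-subdomain rules rather than the 63-character label limit, so the user-supplied value should be passed through unchanged: `{{ default "default" .Values.serviceAccount.name }}`. A template comment above the define should also state that with `create: false` and no `name` the pod uses the namespace's `default` account.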
42 changes: 20 additions & 22 deletions charts/athens-proxy/templates/deployment.yaml
@@ -1,7 +1,7 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "fullname" . }}
name: {{ include "fullname" . }}
labels:
{{- include "athens.metaLabels" . | nindent 4 }}
spec:
Expand All @@ -17,7 +17,7 @@ spec:
{{- end }}
selector:
matchLabels:
app: {{ template "fullname" . }}
app: {{ include "fullname" . }}
release: "{{ .Release.Name }}"
template:
metadata:
Expand All @@ -39,9 +39,7 @@ spec:
runAsUser: 1000
runAsGroup: 1000
{{- end }}
{{- if .Values.serviceAccount.create }}
serviceAccountName: {{ template "fullname" . }}
{{- end }}
serviceAccountName: {{ include "serviceAccountName" . | quote }}
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
{{- toYaml .Values.image.pullSecrets | nindent 8 }}
Expand All @@ -53,19 +51,19 @@ spec:
command:
- sh
- -c
args: ["cp {{ template "home" . }}/.ssh/id_rsa* /ssh-keys && chmod 400 /ssh-keys/*"]
args: ["cp {{ include "home" . }}/.ssh/id_rsa* /ssh-keys && chmod 400 /ssh-keys/*"]
volumeMounts:
- name: ssh-keys
mountPath: /ssh-keys
{{- $dot := . -}}
{{- range $server := .Values.sshGitServers }}
{{- if $server.existingSecret }}
- name: ssh-git-servers-secret-{{ $server.host | replace "." "-" }}
mountPath: "{{ template "home" $dot }}/.ssh/id_rsa-{{ $server.host }}"
mountPath: "{{ include "home" $dot }}/.ssh/id_rsa-{{ $server.host }}"
subPath: {{ $server.existingSecret.subPath | quote }}
{{- else }}
- name: ssh-git-servers-secret
mountPath: {{ template "home" $dot }}/.ssh/id_rsa-{{ $server.host }}
mountPath: {{ include "home" $dot }}/.ssh/id_rsa-{{ $server.host }}
subPath: id_rsa-{{ $server.host }}
{{- end }}
{{- end }}
Expand All @@ -79,7 +77,7 @@ spec:
{{- end }}
{{- end }}
containers:
- name: {{ template "fullname" . }}
- name: {{ include "fullname" . }}
image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
livenessProbe:
Expand Down Expand Up @@ -109,7 +107,7 @@ spec:
- name: ATHENS_MONGO_STORAGE_URL
valueFrom:
secretKeyRef:
name: {{ template "fullname" . }}-secret
name: {{ include "fullname" . }}-secret
key: ATHENS_MONGO_STORAGE_URL
{{- else if eq .Values.storage.type "s3" }}
- name: AWS_REGION
Expand All @@ -124,21 +122,21 @@ spec:
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: {{ template "fullname" . }}-secret
name: {{ include "fullname" . }}-secret
key: AWS_ACCESS_KEY_ID
{{- end }}
{{- if .Values.storage.s3.secretKey }}
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: {{ template "fullname" . }}-secret
name: {{ include "fullname" . }}-secret
key: AWS_SECRET_ACCESS_KEY
{{- end }}
{{- if .Values.storage.s3.sessionToken }}
- name: AWS_SESSION_TOKEN
valueFrom:
secretKeyRef:
name: {{ template "fullname" . }}-secret
name: {{ include "fullname" . }}-secret
key: AWS_SESSION_TOKEN
{{- end }}
{{- else if eq .Values.storage.type "gcp"}}
Expand All @@ -150,7 +148,7 @@ spec:
- name: ATHENS_STORAGE_GCP_JSON_KEY
valueFrom:
secretKeyRef:
name: {{ template "fullname" . }}-secret
name: {{ include "fullname" . }}-secret
key: ATHENS_STORAGE_GCP_JSON_KEY
{{- end }}
{{- else if eq .Values.storage.type "minio" }}
Expand All @@ -162,14 +160,14 @@ spec:
- name: ATHENS_MINIO_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: {{ template "fullname" . }}-secret
name: {{ include "fullname" . }}-secret
key: ATHENS_MINIO_ACCESS_KEY_ID
{{- end }}
{{- if .Values.storage.minio.secretKey }}
- name: ATHENS_MINIO_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: {{ template "fullname" . }}-secret
name: {{ include "fullname" . }}-secret
key: ATHENS_MINIO_SECRET_ACCESS_KEY
{{- end }}
{{- if .Values.storage.minio.bucket }}
Expand Down Expand Up @@ -226,10 +224,10 @@ spec:
{{- end }}
{{- if .Values.sshGitServers }}
- name: ssh-git-servers-config
mountPath: {{ template "home" . }}/.ssh/config
mountPath: {{ include "home" . }}/.ssh/config
subPath: ssh_config
- name: ssh-git-servers-config
mountPath: {{ template "home" . }}/.gitconfig
mountPath: {{ include "home" . }}/.gitconfig
subPath: git_config
- name: ssh-keys
mountPath: /ssh-keys
Expand Down Expand Up @@ -258,14 +256,14 @@ spec:
- name: storage-volume
{{- if .Values.storage.disk.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ template "fullname" . }}-storage
claimName: {{ include "fullname" . }}-storage
{{- else }}
emptyDir: {}
{{- end }}
{{- if .Values.upstreamProxy.enabled }}
- name: upstream-config
configMap:
name: {{ template "fullname" . }}-upstream
name: {{ include "fullname" . }}-upstream
{{- end }}
{{- if .Values.netrc.enabled }}
- name: netrc
Expand All @@ -277,10 +275,10 @@ spec:
emptyDir: {}
- name: ssh-git-servers-config
configMap:
name: {{ template "fullname" . }}-ssh-git-servers
name: {{ include "fullname" . }}-ssh-git-servers
- name: ssh-git-servers-secret
secret:
secretName: {{ template "fullname" . }}-ssh-git-servers
secretName: {{ include "fullname" . }}-ssh-git-servers
{{- range $server := .Values.sshGitServers }}
{{- if $server.existingSecret }}
- name: ssh-git-servers-secret-{{ $server.host | replace "." "-" }}
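Review bot: The pod spec now always sets `serviceAccountName` (the line rendered from `include "serviceAccountName" . | quote`), but nothing in the visible hunks lets an operator control whether that account's API token is mounted into the init container and the Athens container. Because the chart can now attach a pre-provisioned account, which may carry broader RBAC bindings than one the chart creates, I would expose `automountServiceAccountToken` beside it, e.g. `automountServiceAccountToken: {{ .Values.serviceAccount.automountToken }}`, backed by a new key in values.yaml with an explicit default (the key name is only a suggestion). Avoid piping that value through `default true`, since Helm's `default` treats `false` as empty and would silently re-enable the mount. Whether Athens needs Kubernetes API access is not visible in these hunks, so confirm that before choosing the default; the pod spec continues outside the hunks shown.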
4 changes: 2 additions & 2 deletions charts/athens-proxy/templates/service-account.yaml
Expand Up @@ -2,11 +2,11 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ template "fullname" . }}
name: {{ include "fullname" . }}
labels:
{{- include "athens.metaLabels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
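Review bot: The ServiceAccount created by this template is still named `{{ include "fullname" . }}` (the `name:` line under `metadata`), while the Deployment now references `include "serviceAccountName"`, which returns `.Values.serviceAccount.name` whenever it is set, including when `create: true`. With both set, the pod references an account this template did not create: it either fails to start or runs under an unrelated existing account of that name, with whatever RBAC bindings and annotations that account carries, while the annotations configured here land on an unused object. Rendering the same helper here keeps the two in step: `name: {{ include "serviceAccountName" . }}`. The guard that opens this template sits above the hunk, so I am assuming it is the `serviceAccount.create` condition.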
13 changes: 9 additions & 4 deletions charts/athens-proxy/values.yaml
Expand Up @@ -99,11 +99,13 @@ priorityClassName: ""

# Container security context configuration (see API reference: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#securitycontext-v1-core)
# This will override the `image.runAsNonRoot` settings in the specified container if `runAsUser` or `runAsGroup` are set
securityContext: {}
securityContext:
{}
# allowPrivilegeEscalation: false
# runAsNonRoot: true

initContainerSecurityContext: {}
initContainerSecurityContext:
{}
# allowPrivilegeEscalation: false
# runAsNonRoot: true

Expand Down Expand Up @@ -160,7 +162,8 @@ jaeger:
# for example, you need to run 'helm install --set jaeger.url=myurl ...'
url: "SET THIS ON THE COMMAND LINE"

sshGitServers: {}
sshGitServers:
{}
## Private git servers over ssh
## to enable uncomment lines with single hash below
## hostname of the git server
Expand Down Expand Up @@ -198,6 +201,7 @@ metrics:
serviceAccount:
create: true
annotations: {}
# name: "athens-proxy"

nodeSelector: {}

Expand Down Expand Up @@ -230,7 +234,8 @@ autoscaling:
targetMemoryUtilizationPercentage: 80
apiVersionOverride: ""
# This is only available on HPA apiVersion `autoscaling/v2beta2` and newer
behavior: {}
behavior:
{}
# scaleDown:
# stabilizationWindowSeconds: 300
# policies:
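Review bot: The added `# name: "athens-proxy"` line under `serviceAccount` does not say how `name` interacts with `create`, and that interaction decides which identity the pod runs as. I would replace it with a short comment block such as `# name: ""  # with create: false, the existing ServiceAccount to use; if empty, the namespace "default" account is used`. A second comment line should cover `create: true`, where the helper in `_helpers.tpl` uses `name` in place of the generated fullname. This is a documentation suggestion only; the rest of the section is formatting changes.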