Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

helm: Propagate securityContext and nodeSelector to Job hooks #24012

Merged
merged 3 commits into from
Apr 5, 2023
Merged

helm: Propagate securityContext and nodeSelector to Job hooks #24012

merged 3 commits into from
Apr 5, 2023

Conversation

webvictim
Copy link
Contributor

@webvictim webvictim commented Apr 3, 2023
edited

We didn't propagate the securityContext configured in the values to either of the Jobs that we create, leading to issues with the job failing to run in clusters which enforce PSPs.

We also didn't pass nodeSelector when configured in the values either, leading to unpredictable workload scheduling.

I couldn't find a clean way to add a unit test for the changes to hook.yaml as that job is only optionally created when a Deployment already exists on upgrade.

@webvictim webvictim requested a review from hugoShaka April 3, 2023 20:06
@webvictim webvictim self-assigned this Apr 3, 2023
@github-actions github-actions bot requested review from klizhentas and zmb3 April 3, 2023 20:06
@webvictim webvictim changed the title helm: Propagate securityContext to Job hooks helm: Propagate securityContext and nodeSelector to Job hooks Apr 5, 2023
@webvictim webvictim linked an issue Apr 5, 2023 that may be closed by this pull request
Teleport agent chart helm upgrade doesn't respect nodeSelector #24035
Closed
@webvictim webvictim mentioned this pull request Apr 5, 2023
Merged
@webvictim webvictim requested a review from hugoShaka April 5, 2023 11:37
@webvictim
Copy link
Contributor Author

@hugoShaka PTAL, I added nodeSelector as well.

@webvictim webvictim added this pull request to the merge queue Apr 5, 2023
Merged via the queue into master with commit 9598c54 Apr 5, 2023
19 checks passed
@webvictim webvictim deleted the gus/helm/propagate-securitycontext branch April 5, 2023 17:13
@public-teleport-github-review-bot
Copy link

@webvictim See the table below for backport results.

Branch Result
branch/v12 Failed

webvictim added a commit that referenced this pull request Apr 5, 2023
@webvictim
helm: Propagate securityContext and nodeSelector to Job hooks (#24012)
7d924aa 
* helm: Propagate securityContext to Job hooks

* Also support nodeSelector
@webvictim webvictim mentioned this pull request Apr 5, 2023
Merged
webvictim added a commit that referenced this pull request Apr 5, 2023
@webvictim
helm: Propagate securityContext and nodeSelector to Job hooks (#24012) (
5e097d1 
#24134)

* helm: Propagate securityContext to Job hooks

* Also support nodeSelector
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zmb3 zmb3 zmb3 approved these changes

@hugoShaka hugoShaka hugoShaka approved these changes

Assignees

@webvictim webvictim

Labels
helm size/sm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Teleport agent chart helm upgrade doesn't respect nodeSelector
3 participants
@webvictim @zmb3 @hugoShaka