Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(httpproxy): Update chart to support httproxy #535

Merged
merged 1 commit into from
May 14, 2024
Merged

feat(httpproxy): Update chart to support httproxy #535

merged 1 commit into from
May 14, 2024

Conversation

tfadeyi
Copy link
Contributor

@tfadeyi tfadeyi commented May 13, 2024

Updates the venafi-kubernetes-agent helm chart to include the HTTPS_PROXY, HTTP_PROXY, NO_PROXY env vars.

with HTTPS_PROXY value 
# Source: venafi-kubernetes-agent/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: venafi-kubernetes-agent-release-name
  namespace: default
  labels:
    helm.sh/chart: venafi-kubernetes-agent-0.1.47
    app.kubernetes.io/name: venafi-kubernetes-agent
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "v0.1.47"
    app.kubernetes.io/managed-by: Helm
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: venafi-kubernetes-agent
      app.kubernetes.io/instance: release-name
  template:
    metadata:
      labels:
        app.kubernetes.io/name: venafi-kubernetes-agent
        app.kubernetes.io/instance: release-name
    spec:
      serviceAccountName: venafi-kubernetes-agent-release-name
      securityContext:
        {}
      containers:
        - name: venafi-kubernetes-agent
          securityContext:
            capabilities:
              drop:
              - ALL
            readOnlyRootFilesystem: true
            runAsNonRoot: true
            runAsUser: 1000
          image: "registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.47"
          imagePullPolicy: IfNotPresent
          env:
          - name: HTTPS_PROXY
            value: https://proxy:8080
          args:
            - "agent"
            - "-c"
            - "/etc/venafi/agent/config/config.yaml"
            - "--client-id"
            - ""
            - "-p"
            - "0h1m0s"
            - --venafi-cloud
          resources:
            limits:
              cpu: 500m
              memory: 500Mi
            requests:
              cpu: 200m
              memory: 200Mi
          volumeMounts:
            - name: config
              mountPath: "/etc/venafi/agent/config"
              readOnly: true
            - name: credentials
              mountPath: "/etc/venafi/agent/key"
              readOnly: true
      volumes:
        - name: config
          configMap:
            name: agent-config
            optional: false
        - name: credentials
          secret:
            secretName: agent-credentials
            optional: false
with HTTP_PROXY value 
# Source: venafi-kubernetes-agent/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: venafi-kubernetes-agent-release-name
  namespace: default
  labels:
    helm.sh/chart: venafi-kubernetes-agent-0.1.47
    app.kubernetes.io/name: venafi-kubernetes-agent
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "v0.1.47"
    app.kubernetes.io/managed-by: Helm
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: venafi-kubernetes-agent
      app.kubernetes.io/instance: release-name
  template:
    metadata:
      labels:
        app.kubernetes.io/name: venafi-kubernetes-agent
        app.kubernetes.io/instance: release-name
    spec:
      serviceAccountName: venafi-kubernetes-agent-release-name
      securityContext:
        {}
      containers:
        - name: venafi-kubernetes-agent
          securityContext:
            capabilities:
              drop:
              - ALL
            readOnlyRootFilesystem: true
            runAsNonRoot: true
            runAsUser: 1000
          image: "registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.47"
          imagePullPolicy: IfNotPresent
          env:
          - name: HTTP_PROXY
            value: http://proxy:8080
          args:
            - "agent"
            - "-c"
            - "/etc/venafi/agent/config/config.yaml"
            - "--client-id"
            - ""
            - "-p"
            - "0h1m0s"
            - --venafi-cloud
          resources:
            limits:
              cpu: 500m
              memory: 500Mi
            requests:
              cpu: 200m
              memory: 200Mi
          volumeMounts:
            - name: config
              mountPath: "/etc/venafi/agent/config"
              readOnly: true
            - name: credentials
              mountPath: "/etc/venafi/agent/key"
              readOnly: true
      volumes:
        - name: config
          configMap:
            name: agent-config
            optional: false
        - name: credentials
          secret:
            secretName: agent-credentials
            optional: false
with NO_PROXY values 
# Source: venafi-kubernetes-agent/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: venafi-kubernetes-agent-release-name
  namespace: default
  labels:
    helm.sh/chart: venafi-kubernetes-agent-0.1.47
    app.kubernetes.io/name: venafi-kubernetes-agent
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "v0.1.47"
    app.kubernetes.io/managed-by: Helm
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: venafi-kubernetes-agent
      app.kubernetes.io/instance: release-name
  template:
    metadata:
      labels:
        app.kubernetes.io/name: venafi-kubernetes-agent
        app.kubernetes.io/instance: release-name
    spec:
      serviceAccountName: venafi-kubernetes-agent-release-name
      securityContext:
        {}
      containers:
        - name: venafi-kubernetes-agent
          securityContext:
            capabilities:
              drop:
              - ALL
            readOnlyRootFilesystem: true
            runAsNonRoot: true
            runAsUser: 1000
          image: "registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.47"
          imagePullPolicy: IfNotPresent
          env:
          - name: NO_PROXY
            value: 127.0.0.1,localhost
          args:
            - "agent"
            - "-c"
            - "/etc/venafi/agent/config/config.yaml"
            - "--client-id"
            - ""
            - "-p"
            - "0h1m0s"
            - --venafi-cloud
          resources:
            limits:
              cpu: 500m
              memory: 500Mi
            requests:
              cpu: 200m
              memory: 200Mi
          volumeMounts:
            - name: config
              mountPath: "/etc/venafi/agent/config"
              readOnly: true
            - name: credentials
              mountPath: "/etc/venafi/agent/key"
              readOnly: true
      volumes:
        - name: config
          configMap:
            name: agent-config
            optional: false
        - name: credentials
          secret:
            secretName: agent-credentials
            optional: false

feat(httpproxy): Update chart to support httproxy
41a9bf6 
Updates the helm chart to include the HTTPS_PROXY and HTTP_PROXY
env vars.

Signed-off-by: Oluwole Fadeyi <oluwole.fadeyi@venafi.com>
@tfadeyi tfadeyi merged commit 5029910 into master May 14, 2024
8 checks passed
@tfadeyi tfadeyi deleted the add-httpproxy branch May 14, 2024 09:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@j-fuentes j-fuentes j-fuentes approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tfadeyi @j-fuentes