diff --git a/cmd/build/helmify/kustomize-for-helm.yaml b/cmd/build/helmify/kustomize-for-helm.yaml index 58b6db3ed02..ee49825cd1a 100644 --- a/cmd/build/helmify/kustomize-for-helm.yaml +++ b/cmd/build/helmify/kustomize-for-helm.yaml @@ -119,6 +119,8 @@ spec: HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_POD_SECURITY_CONTEXT: "" affinity: HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_AFFINITY: "" + topologySpreadConstraints: + HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_TOPOLOGY_SPREAD_CONSTRAINTS: "" tolerations: HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_TOLERATIONS: "" imagePullSecrets: diff --git a/cmd/build/helmify/replacements.go b/cmd/build/helmify/replacements.go index 28b08a6b910..84f362faec9 100644 --- a/cmd/build/helmify/replacements.go +++ b/cmd/build/helmify/replacements.go @@ -55,6 +55,8 @@ var replacements = map[string]string{ `HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_TOLERATIONS: ""`: `{{- toYaml .Values.controllerManager.tolerations | nindent 8 }}`, + `HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_TOPOLOGY_SPREAD_CONSTRAINTS: ""`: `{{- toYaml .Values.controllerManager.topologySpreadConstraints | nindent 8 }}`, + `HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_IMAGE_PULL_SECRETS: ""`: `{{- toYaml .Values.image.pullSecrets | nindent 8 }}`, "HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_PRIORITY_CLASS_NAME": `{{ .Values.controllerManager.priorityClassName }}`, diff --git a/cmd/build/helmify/static/README.md b/cmd/build/helmify/static/README.md index 5efd3e57eed..d296b16d7c5 100644 --- a/cmd/build/helmify/static/README.md +++ b/cmd/build/helmify/static/README.md 
@@ -132,6 +132,7 @@ _See [Exempting Namespaces](https://open-policy-agent.github.io/gatekeeper/websi
 | resources | The resource request/limits for the container image | limits: 1 CPU, 512Mi, requests: 100mCPU, 256Mi |
 | nodeSelector | The node selector to use for pod scheduling | `kubernetes.io/os: linux` |
 | affinity | The node affinity to use for pod scheduling | `{}` |
+| topologySpreadConstraints | The topology spread constraints to use for pod scheduling | `[]` |
 | tolerations | The tolerations to use for pod scheduling | `[]` |
 | controllerManager.healthPort | Health port for controller manager | `9090` |
 | controllerManager.port | Webhook-server port for controller manager | `8443` |
diff --git a/cmd/build/helmify/static/values.yaml b/cmd/build/helmify/static/values.yaml
index 94f759582f0..9d49151d469 100644
--- a/cmd/build/helmify/static/values.yaml
+++ b/cmd/build/helmify/static/values.yaml
@@ -127,6 +127,7 @@ controllerManager:
 - webhook
 topologyKey: kubernetes.io/hostname
 weight: 100
+ topologySpreadConstraints: []
 tolerations: []
 nodeSelector: {kubernetes.io/os: linux}
 resources:
diff --git a/manifest_staging/charts/gatekeeper/README.md b/manifest_staging/charts/gatekeeper/README.md
index 5efd3e57eed..d296b16d7c5 100644
--- a/manifest_staging/charts/gatekeeper/README.md
+++ b/manifest_staging/charts/gatekeeper/README.md
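Review bot: The new `topologySpreadConstraints: []` default in cmd/build/helmify/static/values.yaml has no comment or example, so an operator has to work out unaided which pod labels the `labelSelector` must match and which `whenUnsatisfiable` mode is safe. That choice matters for an admission webhook, because a `DoNotSchedule` constraint that cannot be satisfied leaves replicas Pending and reduces the capacity the setting is presumably meant to protect when a node or zone is lost. I would add a comment above the key, for example `# Spread webhook replicas across nodes/zones; labelSelector must match the controller-manager pod labels, and ScheduleAnyway avoids Pending replicas.` The identical line in manifest_staging/charts/gatekeeper/values.yaml looks like the generated copy of this file, so the comment belongs here in the helmify source.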
@@ -132,6 +132,7 @@ _See [Exempting Namespaces](https://open-policy-agent.github.io/gatekeeper/websi
 | resources | The resource request/limits for the container image | limits: 1 CPU, 512Mi, requests: 100mCPU, 256Mi |
 | nodeSelector | The node selector to use for pod scheduling | `kubernetes.io/os: linux` |
 | affinity | The node affinity to use for pod scheduling | `{}` |
+| topologySpreadConstraints | The topology spread constraints to use for pod scheduling | `[]` |
 | tolerations | The tolerations to use for pod scheduling | `[]` |
 | controllerManager.healthPort | Health port for controller manager | `9090` |
 | controllerManager.port | Webhook-server port for controller manager | `8443` |
diff --git a/manifest_staging/charts/gatekeeper/templates/gatekeeper-controller-manager-deployment.yaml b/manifest_staging/charts/gatekeeper/templates/gatekeeper-controller-manager-deployment.yaml
index afe114f36f2..dedb44c35e9 100644
--- a/manifest_staging/charts/gatekeeper/templates/gatekeeper-controller-manager-deployment.yaml
+++ b/manifest_staging/charts/gatekeeper/templates/gatekeeper-controller-manager-deployment.yaml
@@ -145,6 +145,8 @@ spec:
 terminationGracePeriodSeconds: 60
 tolerations:
 {{- toYaml .Values.controllerManager.tolerations | nindent 8 }}
+ topologySpreadConstraints:
+ {{- toYaml .Values.controllerManager.topologySpreadConstraints | nindent 8 }}
 volumes:
 - name: cert
 secret:
diff --git a/manifest_staging/charts/gatekeeper/values.yaml b/manifest_staging/charts/gatekeeper/values.yaml
index 94f759582f0..9d49151d469 100644
--- a/manifest_staging/charts/gatekeeper/values.yaml
+++ b/manifest_staging/charts/gatekeeper/values.yaml
@@ -127,6 +127,7 @@ controllerManager:
 - webhook
 topologyKey: kubernetes.io/hostname
 weight: 100
+ topologySpreadConstraints: []
 tolerations: []
 nodeSelector: {kubernetes.io/os: linux}
 resources: