From 7c634ba011fb00720d2abc83aeaddd0af367271c Mon Sep 17 00:00:00 2001 From: Lukasz Raczylo Date: Mon, 13 Jan 2025 14:19:24 +0000 Subject: [PATCH] fixup! Improve helm chart allowing for lock of the worker image --- chart/Chart.yaml | 4 ++-- chart/templates/deployment.yaml | 16 ++++++++-------- chart/values.yaml | 26 +++++++++++--------------- 3 files changed, 21 insertions(+), 25 deletions(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 122449b..88e145f 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -10,9 +10,9 @@ description: | type: application -version: 0.5.47 +version: 0.5.48 -appVersion: "0.5.47" +appVersion: "0.5.48" home: https://github.com/lukaszraczylo/kubernetes-images-sync-operator diff --git a/chart/templates/deployment.yaml b/chart/templates/deployment.yaml index 820c2bd..633ee6e 100644 --- a/chart/templates/deployment.yaml +++ b/chart/templates/deployment.yaml @@ -4,18 +4,18 @@ metadata: name: {{ include "chart.fullname" . }}-sa labels: control-plane: sa - {{- include "chart.labels" . | nindent 4 }} + {{- include "chart.labels" . | nindent 4 }} spec: replicas: {{ .Values.sa.replicas }} selector: matchLabels: control-plane: sa - {{- include "chart.selectorLabels" . | nindent 6 }} + {{- include "chart.selectorLabels" . | nindent 6 }} template: metadata: labels: control-plane: sa - {{- include "chart.selectorLabels" . | nindent 8 }} + {{- include "chart.selectorLabels" . | nindent 8 }} annotations: kubectl.kubernetes.io/default-container: manager spec: @@ -30,9 +30,8 @@ spec: fieldPath: spec.serviceAccountName - name: KUBERNETES_CLUSTER_DOMAIN value: {{ quote .Values.kubernetesClusterDomain }} - - name: WORKER_IMAGE - value: {{ include "chart.workerImage" . }} - image: {{ .Values.images.operator.repository }}:{{ .Values.images.operator.tag | default .Chart.AppVersion }} + image: {{ .Values.sa.manager.image.repository }}:{{ .Values.sa.manager.image.tag + | default .Chart.AppVersion }} livenessProbe: httpGet: path: /healthz @@ -47,7 +46,8 @@ spec: initialDelaySeconds: 5 periodSeconds: 10 resources: {{- toYaml .Values.sa.manager.resources | nindent 10 }} - securityContext: {{- toYaml .Values.sa.manager.containerSecurityContext | nindent 10 }} + securityContext: {{- toYaml .Values.sa.manager.containerSecurityContext | nindent + 10 }} securityContext: {{- toYaml .Values.sa.podSecurityContext | nindent 8 }} serviceAccountName: {{ include "chart.fullname" . }}-sa - terminationGracePeriodSeconds: 10 + terminationGracePeriodSeconds: 10 \ No newline at end of file diff --git a/chart/values.yaml b/chart/values.yaml index b5b24b4..3dff3df 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -1,22 +1,18 @@ kubernetesClusterDomain: cluster.local -images: - operator: - repository: ghcr.io/lukaszraczylo/kubernetes-images-sync-operator - tag: 0.5.47 - worker: - repository: ghcr.io/lukaszraczylo/kubernetes-images-sync-worker - tag: 0.5.47 sa: manager: args: - - --metrics-bind-address=:8443 - - --leader-elect - - --health-probe-bind-address=:8081 + - --metrics-bind-address=:8443 + - --leader-elect + - --health-probe-bind-address=:8081 containerSecurityContext: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL + image: + repository: ghcr.io/lukaszraczylo/kubernetes-images-sync-operator + tag: 0.5.48 resources: limits: cpu: 500m @@ -31,8 +27,8 @@ sa: annotations: {} saMetricsService: ports: - - name: https - port: 8443 - protocol: TCP - targetPort: 8443 + - name: https + port: 8443 + protocol: TCP + targetPort: 8443 type: ClusterIP