Skip to content

Commit

Permalink
feat: add automountServiceAccountToken values for deployment and serv…
Browse files Browse the repository at this point in the history 
…iceaccnount (#991)

feat: add automountServiceAccountToken values for deployment and serviceaccount

Signed-off-by: drivebyer <[email protected]>
  • Loading branch information
@drivebyer
drivebyer authored Jun 15, 2024
1 parent 052d2e5 commit b6194b0
Show file tree
Hide file tree
Showing 5 changed files with 42 additions and 34 deletions.
2 changes: 1 addition & 1 deletion charts/redis-operator/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
---
apiVersion: v2
version: 0.16.3
version: 0.16.4
appVersion: "0.17.0"
description: Provides easy redis setup definitions for Kubernetes services, and deployment.
engine: gotpl
Expand Down
68 changes: 35 additions & 33 deletions charts/redis-operator/readme.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,39 +74,41 @@ kubectl create secret tls <webhook-server-cert> --key tls.key --cert tls.crt -n
## Default Values

| Parameter | Description | Default |
|-------------------------------------|------------------------------------|--------------------------------------------------------------|
| `redisOperator.name` | Operator name | `redis-operator` |
| `redisOperator.imageName` | Image repository | `quay.io/opstree/redis-operator` |
| `redisOperator.imageTag` | Image tag | `{{appVersion}}` |
| `redisOperator.imagePullPolicy` | Image pull policy | `Always` |
| `redisOperator.podAnnotations` | Additional pod annotations | `{}` |
| `redisOperator.podLabels` | Additional Pod labels | `{}` |
| `redisOperator.extraArgs` | Additional arguments for the operator | `{}` |
| `redisOperator.watch_namespace` | Namespace for the operator to watch | `""` |
| `redisOperator.env` | Environment variables for the operator | `{}` |
| `redisOperator.webhook` | Enable webhook | `false` |
| `resources.limits.cpu` | CPU limit | `500m` |
| `resources.limits.memory` | Memory limit | `500Mi` |
| `resources.requests.cpu` | CPU request | `500m` |
| `resources.requests.memory` | Memory request | `500Mi` |
| `replicas` | Number of replicas | `1` |
| `serviceAccountName` | Service account name | `redis-operator` |
| `certificate.name` | Certificate name | `serving-cert` |
| `certificate.secretName` | Certificate secret name | `webhook-server-cert` |
| `issuer.type` | Issuer type | `selfSigned` |
| `issuer.name` | Issuer name | `redis-operator-issuer` |
| `issuer.email` | Issuer email | `[email protected]` |
| `issuer.server` | Issuer server URL | `https://acme-v02.api.letsencrypt.org/directory` |
| `issuer.privateKeySecretName` | Private key secret name | `letsencrypt-prod` |
| `certManager.enabled` | Enable cert-manager | `false` |
| Parameter | Description | Default |
|-----------------------------------------------|----------------------------------------|--------------------------------------------------|
| `redisOperator.name` | Operator name | `redis-operator` |
| `redisOperator.imageName` | Image repository | `quay.io/opstree/redis-operator` |
| `redisOperator.imageTag` | Image tag | `{{appVersion}}` |
| `redisOperator.imagePullPolicy` | Image pull policy | `Always` |
| `redisOperator.podAnnotations` | Additional pod annotations | `{}` |
| `redisOperator.podLabels` | Additional Pod labels | `{}` |
| `redisOperator.extraArgs` | Additional arguments for the operator | `{}` |
| `redisOperator.watchNamespace` | Namespace for the operator to watch | `""` |
| `redisOperator.env` | Environment variables for the operator | `{}` |
| `redisOperator.webhook` | Enable webhook | `false` |
| `redisOperator.automountServiceAccountToken` | Automount service account token | `true` |
| `resources.limits.cpu` | CPU limit | `500m` |
| `resources.limits.memory` | Memory limit | `500Mi` |
| `resources.requests.cpu` | CPU request | `500m` |
| `resources.requests.memory` | Memory request | `500Mi` |
| `replicas` | Number of replicas | `1` |
| `serviceAccountName` | Service account name | `redis-operator` |
| `serviceAccount.automountServiceAccountToken` | Automount service account token | `true` |
| `certificate.name` | Certificate name | `serving-cert` |
| `certificate.secretName` | Certificate secret name | `webhook-server-cert` |
| `issuer.type` | Issuer type | `selfSigned` |
| `issuer.name` | Issuer name | `redis-operator-issuer` |
| `issuer.email` | Issuer email | `[email protected]` |
| `issuer.server` | Issuer server URL | `https://acme-v02.api.letsencrypt.org/directory` |
| `issuer.privateKeySecretName` | Private key secret name | `letsencrypt-prod` |
| `certManager.enabled` | Enable cert-manager | `false` |

## Scheduling Parameters

| Parameter | Description | Default |
|-------------------------|--------------------------------------------|----------|
| `priorityClassName` | Priority class name for the pods | `""` |
| `nodeSelector` | Labels for pod assignment | `{}` |
| `tolerateAllTaints` | Whether to tolerate all node taints | `false` |
| `tolerations` | Taints to tolerate | `[]` |
| `affinity` | Affinity rules for pod assignment | `{}` |
| Parameter | Description | Default |
|---------------------|-------------------------------------|---------|
| `priorityClassName` | Priority class name for the pods | `""` |
| `nodeSelector` | Labels for pod assignment | `{}` |
| `tolerateAllTaints` | Whether to tolerate all node taints | `false` |
| `tolerations` | Taints to tolerate | `[]` |
| `affinity` | Affinity rules for pod assignment | `{}` |
1 change: 1 addition & 0 deletions charts/redis-operator/templates/operator-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
automountServiceAccountToken: {{ .Values.redisOperator.automountServiceAccountToken }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
Expand Down
1 change: 1 addition & 0 deletions charts/redis-operator/templates/service-account.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
---
apiVersion: v1
kind: ServiceAccount
automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }}
metadata:
name: {{ .Values.redisOperator.name }}
namespace: {{ .Release.Namespace }}
Expand Down
4 changes: 4 additions & 0 deletions charts/redis-operator/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ redisOperator:
watchNamespace: ""
env: []
webhook: false
automountServiceAccountToken: true


resources:
Expand All @@ -31,6 +32,9 @@ replicas: 1

serviceAccountName: redis-operator

serviceAccount:
automountServiceAccountToken: true

service:
name: webhook-service
namespace: redis-operator
Expand Down

0 comments on commit b6194b0

Please sign in to comment.