diff --git a/charts/redis-operator/Chart.yaml b/charts/redis-operator/Chart.yaml index 2be22a517..bebddf8ea 100644 --- a/charts/redis-operator/Chart.yaml +++ b/charts/redis-operator/Chart.yaml @@ -1,6 +1,6 @@ --- apiVersion: v2 -version: 0.16.3 +version: 0.16.4 appVersion: "0.17.0" description: Provides easy redis setup definitions for Kubernetes services, and deployment. engine: gotpl diff --git a/charts/redis-operator/readme.md b/charts/redis-operator/readme.md index af4be36d2..9490f52ab 100644 --- a/charts/redis-operator/readme.md +++ b/charts/redis-operator/readme.md @@ -74,39 +74,41 @@ kubectl create secret tls --key tls.key --cert tls.crt -n ## Default Values -| Parameter | Description | Default | -|-------------------------------------|------------------------------------|--------------------------------------------------------------| -| `redisOperator.name` | Operator name | `redis-operator` | -| `redisOperator.imageName` | Image repository | `quay.io/opstree/redis-operator` | -| `redisOperator.imageTag` | Image tag | `{{appVersion}}` | -| `redisOperator.imagePullPolicy` | Image pull policy | `Always` | -| `redisOperator.podAnnotations` | Additional pod annotations | `{}` | -| `redisOperator.podLabels` | Additional Pod labels | `{}` | -| `redisOperator.extraArgs` | Additional arguments for the operator | `{}` | -| `redisOperator.watch_namespace` | Namespace for the operator to watch | `""` | -| `redisOperator.env` | Environment variables for the operator | `{}` | -| `redisOperator.webhook` | Enable webhook | `false` | -| `resources.limits.cpu` | CPU limit | `500m` | -| `resources.limits.memory` | Memory limit | `500Mi` | -| `resources.requests.cpu` | CPU request | `500m` | -| `resources.requests.memory` | Memory request | `500Mi` | -| `replicas` | Number of replicas | `1` | -| `serviceAccountName` | Service account name | `redis-operator` | -| `certificate.name` | Certificate name | `serving-cert` | -| `certificate.secretName` | Certificate secret name | `webhook-server-cert` | -| `issuer.type` | Issuer type | `selfSigned` | -| `issuer.name` | Issuer name | `redis-operator-issuer` | -| `issuer.email` | Issuer email | `shubham.gupta@opstree.com` | -| `issuer.server` | Issuer server URL | `https://acme-v02.api.letsencrypt.org/directory` | -| `issuer.privateKeySecretName` | Private key secret name | `letsencrypt-prod` | -| `certManager.enabled` | Enable cert-manager | `false` | +| Parameter | Description | Default | +|-----------------------------------------------|----------------------------------------|--------------------------------------------------| +| `redisOperator.name` | Operator name | `redis-operator` | +| `redisOperator.imageName` | Image repository | `quay.io/opstree/redis-operator` | +| `redisOperator.imageTag` | Image tag | `{{appVersion}}` | +| `redisOperator.imagePullPolicy` | Image pull policy | `Always` | +| `redisOperator.podAnnotations` | Additional pod annotations | `{}` | +| `redisOperator.podLabels` | Additional Pod labels | `{}` | +| `redisOperator.extraArgs` | Additional arguments for the operator | `{}` | +| `redisOperator.watchNamespace` | Namespace for the operator to watch | `""` | +| `redisOperator.env` | Environment variables for the operator | `{}` | +| `redisOperator.webhook` | Enable webhook | `false` | +| `redisOperator.automountServiceAccountToken` | Automount service account token | `true` | +| `resources.limits.cpu` | CPU limit | `500m` | +| `resources.limits.memory` | Memory limit | `500Mi` | +| `resources.requests.cpu` | CPU request | `500m` | +| `resources.requests.memory` | Memory request | `500Mi` | +| `replicas` | Number of replicas | `1` | +| `serviceAccountName` | Service account name | `redis-operator` | +| `serviceAccount.automountServiceAccountToken` | Automount service account token | `true` | +| `certificate.name` | Certificate name | `serving-cert` | +| `certificate.secretName` | Certificate secret name | `webhook-server-cert` | +| `issuer.type` | Issuer type | `selfSigned` | +| `issuer.name` | Issuer name | `redis-operator-issuer` | +| `issuer.email` | Issuer email | `shubham.gupta@opstree.com` | +| `issuer.server` | Issuer server URL | `https://acme-v02.api.letsencrypt.org/directory` | +| `issuer.privateKeySecretName` | Private key secret name | `letsencrypt-prod` | +| `certManager.enabled` | Enable cert-manager | `false` | ## Scheduling Parameters -| Parameter | Description | Default | -|-------------------------|--------------------------------------------|----------| -| `priorityClassName` | Priority class name for the pods | `""` | -| `nodeSelector` | Labels for pod assignment | `{}` | -| `tolerateAllTaints` | Whether to tolerate all node taints | `false` | -| `tolerations` | Taints to tolerate | `[]` | -| `affinity` | Affinity rules for pod assignment | `{}` | +| Parameter | Description | Default | +|---------------------|-------------------------------------|---------| +| `priorityClassName` | Priority class name for the pods | `""` | +| `nodeSelector` | Labels for pod assignment | `{}` | +| `tolerateAllTaints` | Whether to tolerate all node taints | `false` | +| `tolerations` | Taints to tolerate | `[]` | +| `affinity` | Affinity rules for pod assignment | `{}` | diff --git a/charts/redis-operator/templates/operator-deployment.yaml b/charts/redis-operator/templates/operator-deployment.yaml index a5565d558..eb05d945d 100644 --- a/charts/redis-operator/templates/operator-deployment.yaml +++ b/charts/redis-operator/templates/operator-deployment.yaml @@ -21,6 +21,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: + automountServiceAccountToken: {{ .Values.redisOperator.automountServiceAccountToken }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: diff --git a/charts/redis-operator/templates/service-account.yaml b/charts/redis-operator/templates/service-account.yaml index f1cbdcca7..085089e06 100644 --- a/charts/redis-operator/templates/service-account.yaml +++ b/charts/redis-operator/templates/service-account.yaml @@ -1,6 +1,7 @@ --- apiVersion: v1 kind: ServiceAccount +automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} metadata: name: {{ .Values.redisOperator.name }} namespace: {{ .Release.Namespace }} diff --git a/charts/redis-operator/values.yaml b/charts/redis-operator/values.yaml index 4371f8bef..bd65e00ee 100644 --- a/charts/redis-operator/values.yaml +++ b/charts/redis-operator/values.yaml @@ -17,6 +17,7 @@ redisOperator: watchNamespace: "" env: [] webhook: false + automountServiceAccountToken: true resources: @@ -31,6 +32,9 @@ replicas: 1 serviceAccountName: redis-operator +serviceAccount: + automountServiceAccountToken: true + service: name: webhook-service namespace: redis-operator