Skip to content

Commit

Permalink
Chart annotations cont, manager container security context (#3741)
Browse files Browse the repository at this point in the history 
* fix nindent for controller dep

* add container security context to manager deployment
  • Loading branch information
@mwm5945
mwm5945 authored Nov 15, 2021
1 parent 1db1557 commit bce0b30
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 7 deletions.
5 changes: 4 additions & 1 deletion helm-charts/seldon-core-operator/templates/deployment_seldon-controller-manager.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ spec:
metadata:
annotations:
{{- with .Values.manager.annotations }}
{{- toYaml . | nindent 4}}
{{- toYaml . | nindent 8}}
{{- end }}
prometheus.io/scrape: 'true'
sidecar.istio.io/inject: 'false'
Expand All @@ -41,6 +41,9 @@ spec:
- --log-level=$(MANAGER_LOG_LEVEL)
- --leader-election-id=$(MANAGER_LEADER_ELECTION_ID)
- '{{- if .Values.singleNamespace }}--namespace={{ include "seldon.namespace" . }}{{- end }}'
{{- with .Values.manager.containerSecurityContext }}
{{- toYaml . | nindent 8}}
{{- end }}
command:
- /manager
env:
Expand Down
1 change: 1 addition & 0 deletions helm-charts/seldon-core-operator/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,7 @@ manager:
logLevel: INFO
leaderElectionID: a33bd623.machinelearning.seldon.io
annotations: {}
containerSecurityContext: {}
rbac:
configmap:
create: true
Expand Down
22 changes: 16 additions & 6 deletions operator/helm/split_resources.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,10 @@
HELM_K8S_V1_CRD_IF_START = '{{- if or (ge (int (regexFind "[0-9]+" .Capabilities.KubeVersion.Minor)) 18) (.Values.crd.forcev1) }}\n'
HELM_K8S_V1BETA1_CRD_IF_START = '{{- if or (lt (int (regexFind "[0-9]+" .Capabilities.KubeVersion.Minor)) 18) (.Values.crd.forcev1beta1) }}\n'
HELM_CRD_ANNOTATIONS_WITH_START = '{{- with .Values.crd.annotations }}\n'
HELM_ANNOTATIONS_TOYAML = '{{- toYaml . | nindent 4}}\n'
HELM_ANNOTATIONS_TOYAML4 = '{{- toYaml . | nindent 4}}\n'
HELM_ANNOTATIONS_TOYAML8 = '{{- toYaml . | nindent 8}}\n'
HELM_CONTROLER_DEP_ANNOTATIONS_WITH_START = '{{- with .Values.manager.annotations }}\n'
HELM_CONTROLER_DEP_POD_SEC_CTX_WITH_START = '{{- with .Values.manager.containerSecurityContext }}\n'
HELM_IF_END = "{{- end }}\n"

HELM_ENV_SUBST = {
Expand Down Expand Up @@ -406,7 +408,7 @@ def helm_namespace_override():
+ re.sub(
r"(.*controller-gen.kubebuilder.io/version.*\n)",
r"\1" + HELM_CRD_ANNOTATIONS_WITH_START +
HELM_ANNOTATIONS_TOYAML + HELM_IF_END,
HELM_ANNOTATIONS_TOYAML4 + HELM_IF_END,
fdata,
re.M,
)
Expand All @@ -423,7 +425,7 @@ def helm_namespace_override():
+ re.sub(
r"(.*controller-gen.kubebuilder.io/version.*\n)",
r"\1" + HELM_CRD_ANNOTATIONS_WITH_START +
HELM_ANNOTATIONS_TOYAML + HELM_IF_END,
HELM_ANNOTATIONS_TOYAML4 + HELM_IF_END,
fdata,
re.M,
)
Expand All @@ -435,6 +437,14 @@ def helm_namespace_override():
elif kind == "configmap" and name == "seldon-config":
fdata = HELM_CREATERESOURCES_IF_START + fdata + HELM_IF_END
elif kind == "deployment" and name == "seldon-controller-manager":
fdata = re.sub(
r"(.*template:\n.*metadata:\n.*annotations:\n)",
r"\1" + HELM_CONTROLER_DEP_ANNOTATIONS_WITH_START +
HELM_ANNOTATIONS_TOYAML8 + HELM_IF_END,
fdata,
re.M,
)

fdata = re.sub(
r"(.*volumeMounts:\n.*\n.*\n.*\n)",
HELM_CREATERESOURCES_IF_START + r"\1" + HELM_IF_END,
Expand All @@ -449,9 +459,9 @@ def helm_namespace_override():
)

fdata = re.sub(
r"(.*template:\n.*metadata:\n.*annotations:\n)",
r"\1" + HELM_CONTROLER_DEP_ANNOTATIONS_WITH_START +
HELM_ANNOTATIONS_TOYAML + HELM_IF_END,
r"(.*command:\n)",
HELM_CONTROLER_DEP_POD_SEC_CTX_WITH_START +
HELM_ANNOTATIONS_TOYAML8 + HELM_IF_END + r"\1",
fdata,
re.M,
)
Expand Down

0 comments on commit bce0b30

Please sign in to comment.