From 83fe775c944e2248303f5b8fd9070a2351e17592 Mon Sep 17 00:00:00 2001
From: Iryna Shustava <iryna@hashicorp.com>
Date: Tue, 31 Aug 2021 10:28:19 -0600
Subject: [PATCH 1/2] Add startup probe to connect inject deployment.

We did so in https://github.com/hashicorp/consul-helm/pull/885, but it never got released.
This adds the same probe now that we have a health endpoint in the webhook.

This also changes the periodSeconds for the liveness and readiness probes
to use the default of 10s instead of 2s we used previously.
That is because now with the startup probe in place,
we don't need to check for certs being present that frequently.
---
 charts/consul/templates/connect-inject-deployment.yaml | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/charts/consul/templates/connect-inject-deployment.yaml b/charts/consul/templates/connect-inject-deployment.yaml
index 8fa83948b4..8e00c7f250 100644
--- a/charts/consul/templates/connect-inject-deployment.yaml
+++ b/charts/consul/templates/connect-inject-deployment.yaml
@@ -193,6 +193,14 @@ spec:
                 -consul-sidecar-cpu-request={{ $consulSidecarResources.requests.cpu }} \
                 {{- end }}
                 {{- end }}
+          startupProbe:
+            httpGet:
+              path: /readyz/ready
+              port: 9445
+              scheme: HTTP
+            failureThreshold: 15
+            periodSeconds: 2
+            timeoutSeconds: 5
           livenessProbe:
             httpGet:
               path: /readyz/ready
@@ -200,7 +208,6 @@ spec:
               scheme: HTTP
             failureThreshold: 2
             initialDelaySeconds: 1
-            periodSeconds: 2
             successThreshold: 1
             timeoutSeconds: 5
           readinessProbe:
@@ -210,7 +217,6 @@ spec:
               scheme: HTTP
             failureThreshold: 2
             initialDelaySeconds: 2
-            periodSeconds: 2
             successThreshold: 1
             timeoutSeconds: 5
           volumeMounts:

From 069684acd2d0a65ea0c0ad382283c2e881dc557d Mon Sep 17 00:00:00 2001
From: Iryna Shustava <iryna@hashicorp.com>
Date: Tue, 31 Aug 2021 10:32:48 -0600
Subject: [PATCH 2/2] update changelog

---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7db21a5eb9..e57f00259a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,7 +4,7 @@ IMPROVEMENTS:
 * Helm Chart
   * Add ability to specify port for ui service. [[GH-604](https://github.com/hashicorp/consul-k8s/pull/604)]
   * Use `policy/v1` for Consul server `PodDisruptionBudget` if supported. [[GH-606](https://github.com/hashicorp/consul-k8s/pull/606)]
-  * Added readiness and liveness checks to the connect inject deployment. [[GH-626](https://github.com/hashicorp/consul-k8s/pull/626)]
+  * Added readiness, liveness and startup probes to the connect inject deployment. [[GH-626](https://github.com/hashicorp/consul-k8s/pull/626)][[GH-701](https://github.com/hashicorp/consul-k8s/pull/701)]
   * Add support for setting container security contexts on client and server Pods. [[GH-620](https://github.com/hashicorp/consul-k8s/pull/620)]
 * Control Plane
   * Added health endpoint to the connect inject webhook that will be healthy when webhook certs are present and not empty. [[GH-626](https://github.com/hashicorp/consul-k8s/pull/626)]