Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

adding support for imagePullSecrets and pullpolicy to "IfNotPresent" #472

Merged
merged 2 commits into from
Apr 15, 2021
Merged

adding support for imagePullSecrets and pullpolicy to "IfNotPresent" #472

merged 2 commits into from
Apr 15, 2021

Conversation

kartik-moolya
Copy link
Contributor

ISSUE TYPE
  • Feature Pull Request
SUMMARY

Added code block in helmcharts to support imagepullsecrets
as a best practise changed the imagePullPolicy to "IfNotPresent"

Fixes #471

@kartik-moolya
Copy link
Contributor Author

Helm dry-run output

$ helm install --dry-run testing helm/botkube/ --set image.pullSecrets[0]=test
NAME: testing
LAST DEPLOYED: Thu Apr 15 14:14:23 2021
NAMESPACE: default
STATUS: pending-install
REVISION: 1
TEST SUITE: None
HOOKS:
MANIFEST:
---
# Source: botkube/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: testing-botkube-sa
  labels:
    app.kubernetes.io/name: botkube
    helm.sh/chart: botkube-v0.12.0
    app.kubernetes.io/instance: testing
    app.kubernetes.io/managed-by: Helm
---
# Source: botkube/templates/communicationsecret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: testing-botkube-communication-secret
  labels:
    app.kubernetes.io/name: botkube
    helm.sh/chart: botkube-v0.12.0
    app.kubernetes.io/instance: testing
    app.kubernetes.io/managed-by: Helm
stringData:
  comm_config.yaml: |
    # Communication settings
    communications:
      discord:
        botid: DISCORD_BOT_ID
        channel: DISCORD_CHANNEL_ID
        enabled: false
        notiftype: short
        token: DISCORD_TOKEN
      elasticsearch:
        awsSigning:
          awsRegion: us-east-1
          enabled: false
          roleArn: ""
        enabled: false
        index:
          name: botkube
          replicas: 0
          shards: 1
          type: botkube-event
        password: ELASTICSEARCH_PASSWORD
        server: ELASTICSEARCH_ADDRESS
        username: ELASTICSEARCH_USERNAME
      mattermost:
        channel: MATTERMOST_CHANNEL
        enabled: false
        notiftype: short
        team: MATTERMOST_TEAM
        token: MATTERMOST_TOKEN
        url: MATTERMOST_SERVER_URL
      slack:
        channel: SLACK_CHANNEL
        enabled: false
        notiftype: short
        token: SLACK_API_TOKEN
      teams:
        appID: APPLICATION_ID
        appPassword: APPLICATION_PASSWORD
        enabled: false
        notiftype: short
        port: 3978
      webhook:
        enabled: false
        url: WEBHOOK_URL
---
# Source: botkube/templates/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: testing-botkube-configmap
  labels:
    app.kubernetes.io/name: botkube
    helm.sh/chart: botkube-v0.12.0
    app.kubernetes.io/instance: testing
    app.kubernetes.io/managed-by: Helm
data:
  resource_config.yaml: |
    recommendations: true
    resources:
    - events:
      - create
      - delete
      - error
      name: v1/pods
      namespaces:
        ignore:
        - null
        include:
        - all
    - events:
      - create
      - delete
      - error
      name: v1/services
      namespaces:
        ignore:
        - null
        include:
        - all
    - events:
      - create
      - update
      - delete
      - error
      name: apps/v1/deployments
      namespaces:
        ignore:
        - null
        include:
        - all
      updateSetting:
        fields:
        - spec.template.spec.containers[*].image
        - status.availableReplicas
        includeDiff: true
    - events:
      - create
      - update
      - delete
      - error
      name: apps/v1/statefulsets
      namespaces:
        ignore:
        - null
        include:
        - all
      updateSetting:
        fields:
        - spec.template.spec.containers[*].image
        - status.readyReplicas
        includeDiff: true
    - events:
      - create
      - delete
      - error
      name: networking.k8s.io/v1beta1/ingresses
      namespaces:
        ignore:
        - null
        include:
        - all
    - events:
      - create
      - delete
      - error
      name: v1/nodes
      namespaces:
        ignore:
        - null
        include:
        - all
    - events:
      - create
      - delete
      - error
      name: v1/namespaces
      namespaces:
        ignore:
        - null
        include:
        - all
    - events:
      - create
      - delete
      - error
      name: v1/persistentvolumes
      namespaces:
        ignore:
        - null
        include:
        - all
    - events:
      - create
      - delete
      - error
      name: v1/persistentvolumeclaims
      namespaces:
        ignore:
        - null
        include:
        - all
    - events:
      - create
      - delete
      - error
      name: v1/configmaps
      namespaces:
        ignore:
        - null
        include:
        - all
    - events:
      - create
      - update
      - delete
      - error
      name: apps/v1/daemonsets
      namespaces:
        ignore:
        - null
        include:
        - all
      updateSetting:
        fields:
        - spec.template.spec.containers[*].image
        - status.numberReady
        includeDiff: true
    - events:
      - create
      - update
      - delete
      - error
      name: batch/v1/jobs
      namespaces:
        ignore:
        - null
        include:
        - all
      updateSetting:
        fields:
        - spec.template.spec.containers[*].image
        - status.conditions[*].type
        includeDiff: true
    - events:
      - create
      - delete
      - error
      name: rbac.authorization.k8s.io/v1/roles
      namespaces:
        ignore:
        - null
        include:
        - all
    - events:
      - create
      - delete
      - error
      name: rbac.authorization.k8s.io/v1/rolebindings
      namespaces:
        ignore:
        - null
        include:
        - all
    - events:
      - create
      - delete
      - error
      name: rbac.authorization.k8s.io/v1/clusterrolebindings
      namespaces:
        ignore:
        - null
        include:
        - all
    - events:
      - create
      - delete
      - error
      name: rbac.authorization.k8s.io/v1/clusterroles
      namespaces:
        ignore:
        - null
        include:
        - all
    settings:
      clustername: not-configured
      configwatcher: true
      kubectl:
        commands:
          resources:
          - deployments
          - pods
          - namespaces
          - daemonsets
          - statefulsets
          - storageclasses
          - nodes
          verbs:
          - api-resources
          - api-versions
          - cluster-info
          - describe
          - diff
          - explain
          - get
          - logs
          - top
          - auth
        defaultNamespace: default
        enabled: false
        restrictAccess: false
      upgradeNotifier: true
    ssl:
      enabled: false
---
# Source: botkube/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: testing-botkube-clusterrole
  labels:
    app.kubernetes.io/name: botkube
    helm.sh/chart: botkube-v0.12.0
    app.kubernetes.io/instance: testing
    app.kubernetes.io/managed-by: Helm
rules:
  - apiGroups:
    - '*'
    resources:
    - '*'
    verbs:
    - get
    - watch
    - list
---
# Source: botkube/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: testing-botkube-clusterrolebinding
  labels:
    app.kubernetes.io/name: botkube
    helm.sh/chart: botkube-v0.12.0
    app.kubernetes.io/instance: testing
    app.kubernetes.io/managed-by: Helm
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: testing-botkube-clusterrole
subjects:
- kind: ServiceAccount
  name: testing-botkube-sa
  namespace: default
---
# Source: botkube/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: testing-botkube
  labels:
    app.kubernetes.io/name: botkube
    helm.sh/chart: botkube-v0.12.0
    app.kubernetes.io/instance: testing
    app.kubernetes.io/managed-by: Helm
    component: controller
    app: botkube
spec:
  replicas: 1
  selector:
    matchLabels:
      component: controller
      app: botkube
  template:
    metadata:
      labels:
        component: controller
        app: botkube
      annotations:
        checksum/config: 8efe556b62c36e003f4810090e45b7da7251bca06dd6ccb88d1996087b905fe9
    spec:
      serviceAccountName: testing-botkube-sa
      imagePullSecrets:
        - name: test
      containers:
        - name: botkube
          image: "infracloudio/botkube:v0.12.0"
          imagePullPolicy: IfNotPresent
          volumeMounts:
            - name: config-volume
              mountPath: "/config"
          env:
            - name: CONFIG_PATH
              value: "/config/"
            - name: LOG_LEVEL
              value: "info"
            - name: BOTKUBE_VERSION
              value: v0.12.0
            - name: METRICS_PORT
              value: "2112"
      volumes:
        - name: config-volume
          projected:
            sources:
            - configMap:
                name: testing-botkube-configmap
            - secret:
                name: testing-botkube-communication-secret
      securityContext:
        runAsUser: 101
        runAsGroup: 101

@mergify mergify bot merged commit 38196d9 into develop Apr 15, 2021
@mergify mergify bot deleted the k8s/imagepullsecrets branch April 15, 2021 08:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@PrasadG193 PrasadG193 PrasadG193 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Capability to specify imagePullSecrets for downloading the docker image
2 participants
@kartik-moolya @PrasadG193