Skip to content

Commit

Permalink
Update Helm to use configmaps for user config rather than secrets (#4122
Browse files Browse the repository at this point in the history 
)

* Update Hel to use configmaps for user config rather than secrets

* fix checksum

* update configmap
  • Loading branch information
@d80tb7
d80tb7 authored Jan 7, 2025
1 parent 6e5c1eb commit 5d24d0a
Show file tree
Hide file tree
Showing 20 changed files with 60 additions and 68 deletions.
5 changes: 2 additions & 3 deletions deployment/armada/templates/secret.yaml → deployment/armada/templates/configmap.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,12 @@
apiVersion: v1
kind: Secret
kind: ConfigMap
metadata:
name: {{ include "armada.config.name" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "armada.labels.all" . | nindent 4 }}
type: Opaque
data:
{{ include "armada.config.filename" . }}: |
{{- if .Values.applicationConfig }}
{{ toYaml .Values.applicationConfig | b64enc | indent 4 }}
{{ toYaml .Values.applicationConfig | indent 4 }}
{{- end }}
6 changes: 3 additions & 3 deletions deployment/armada/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ spec:
metadata:
name: {{ include "armada.name" . }}
annotations:
checksum/config: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
labels:
{{- include "armada.labels.all" . | nindent 8 }}
spec:
Expand Down Expand Up @@ -131,8 +131,8 @@ spec:
topologyKey: kubernetes.io/hostname
volumes:
- name: user-config
secret:
secretName: {{ include "armada.config.name" . }}
configMap:
name: {{ include "armada.config.name" . }}
{{- if .Values.applicationConfig.pulsar.authenticationEnabled }}
- name: pulsar-token
secret:
Expand Down
5 changes: 2 additions & 3 deletions deployment/binoculars/templates/secret.yaml → ...yment/binoculars/templates/configmap.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,12 @@
apiVersion: v1
kind: Secret
kind: ConfigMap
metadata:
name: {{ include "binoculars.config.name" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "binoculars.labels.all" . | nindent 4 }}
type: Opaque
data:
{{ include "binoculars.config.filename" . }}: |
{{- if .Values.applicationConfig }}
{{ toYaml .Values.applicationConfig | b64enc | indent 4 }}
{{ toYaml .Values.applicationConfig | indent 4 }}
{{- end }}
6 changes: 3 additions & 3 deletions deployment/binoculars/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ spec:
metadata:
name: {{ include "binoculars.name" . }}
annotations:
checksum/config: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
labels:
{{- include "binoculars.labels.all" . | nindent 8 }}
spec:
Expand Down Expand Up @@ -102,8 +102,8 @@ spec:
topologyKey: kubernetes.io/hostname
volumes:
- name: user-config
secret:
secretName: {{ include "binoculars.config.name" . }}
configMap:
name: {{ include "binoculars.config.name" . }}
{{- if .Values.applicationConfig.grpc.tls.enabled }}
- name: tls-certs
secret:
Expand Down
6 changes: 3 additions & 3 deletions ...ment/event-ingester/templates/secret.yaml → ...t/event-ingester/templates/configmap.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
apiVersion: v1
kind: Secret
kind: ConfigMap
metadata:
name: {{ include "event_ingester.config.name" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "event_ingester.labels.all" . | nindent 4 }}
type: Opaque
data:
{{ include "event_ingester.config.filename" . }}: |
{{- if .Values.applicationConfig }}
{{ toYaml .Values.applicationConfig | b64enc | indent 4 }}
{{ toYaml .Values.applicationConfig | indent 4 }}
{{- end }}

6 changes: 3 additions & 3 deletions deployment/event-ingester/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ spec:
metadata:
name: {{ include "event_ingester.name" . }}
annotations:
checksum/config: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
labels:
{{- include "event_ingester.labels.all" . | nindent 8 }}
spec:
Expand Down Expand Up @@ -87,8 +87,8 @@ spec:
topologyKey: kubernetes.io/hostname
volumes:
- name: user-config
secret:
secretName: {{ include "event_ingester.config.name" . }}
configMap:
name: {{ include "event_ingester.config.name" . }}
{{- if .Values.applicationConfig.pulsar.authenticationEnabled }}
- name: pulsar-token
secret:
Expand Down
5 changes: 2 additions & 3 deletions deployment/executor/templates/secret.yaml → deployment/executor/templates/configmap.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,12 @@
apiVersion: v1
kind: Secret
kind: ConfigMap
metadata:
name: {{ include "executor.config.name" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "executor.labels.all" . | nindent 4 }}
type: Opaque
data:
{{ include "executor.config.filename" . }}: |
{{- if .Values.applicationConfig }}
{{ toYaml .Values.applicationConfig | b64enc | indent 4 }}
{{ toYaml .Values.applicationConfig | indent 4 }}
{{- end }}
6 changes: 3 additions & 3 deletions deployment/executor/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ spec:
metadata:
name: {{ include "executor.name" . }}
annotations:
checksum/config: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
labels:
{{- include "executor.labels.all" . | nindent 8 }}
spec:
Expand Down Expand Up @@ -90,8 +90,8 @@ spec:
{{- end }}
volumes:
- name: user-config
secret:
secretName: {{ include "executor.config.name" . }}
configMap:
name: {{ include "executor.config.name" . }}
{{- if .Values.additionalVolumes }}
{{- toYaml .Values.additionalVolumes | nindent 8 }}
{{- end }}
5 changes: 2 additions & 3 deletions ...lookout-ingester-v2/templates/secret.yaml → ...kout-ingester-v2/templates/configmap.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,12 @@
apiVersion: v1
kind: Secret
kind: ConfigMap
metadata:
name: {{ include "lookout_ingester_v2.config.name" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "lookout_ingester_v2.labels.all" . | nindent 4 }}
type: Opaque
data:
{{ include "lookout_ingester_v2.config.filename" . }}: |
{{- if .Values.applicationConfig }}
{{ toYaml .Values.applicationConfig | b64enc | indent 4 }}
{{ toYaml .Values.applicationConfig | indent 4 }}
{{- end }}
6 changes: 3 additions & 3 deletions deployment/lookout-ingester-v2/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ spec:
metadata:
name: {{ include "lookout_ingester_v2.name" . }}
annotations:
checksum/config: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
labels:
{{- include "lookout_ingester_v2.labels.all" . | nindent 8 }}
spec:
Expand Down Expand Up @@ -87,8 +87,8 @@ spec:
topologyKey: kubernetes.io/hostname
volumes:
- name: user-config
secret:
secretName: {{ include "lookout_ingester_v2.config.name" . }}
configMap:
name: {{ include "lookout_ingester_v2.config.name" . }}
{{- if .Values.applicationConfig.pulsar.authenticationEnabled }}
- name: pulsar-token
secret:
Expand Down
9 changes: 4 additions & 5 deletions deployment/lookout-v2/templates/secret.yaml → ...out-migration-v2/templates/configmap.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,12 @@
apiVersion: v1
kind: Secret
kind: ConfigMap
metadata:
name: {{ include "lookout_v2.config.name" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "lookout_v2.labels.all" . | nindent 4 }}
type: Opaque
data:
{{ include "lookout_v2.config.filename" . }}: |
{{- if .Values.applicationConfig }}
{{ toYaml .Values.applicationConfig | b64enc | indent 4 }}
{{- end }}
{{- if .Values.applicationConfig }}
{{ toYaml .Values.applicationConfig | indent 4 }}
{{- end }}
4 changes: 2 additions & 2 deletions deployment/lookout-migration-v2/templates/job.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,8 +49,8 @@ spec:
allowPrivilegeEscalation: false
volumes:
- name: user-config
secret:
secretName: {{ include "lookout_v2.config.name" . }}
configMap:
name: {{ include "lookout_v2.config.name" . }}
{{- if .Values.additionalVolumes }}
{{- toYaml .Values.additionalVolumes | nindent 8 }}
{{- end }}
9 changes: 4 additions & 5 deletions ...ookout-migration-v2/templates/secret.yaml → ...yment/lookout-v2/templates/configmap.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,12 @@
apiVersion: v1
kind: Secret
kind: ConfigMap
metadata:
name: {{ include "lookout_v2.config.name" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "lookout_v2.labels.all" . | nindent 4 }}
type: Opaque
data:
{{ include "lookout_v2.config.filename" . }}: |
{{- if .Values.applicationConfig }}
{{ toYaml .Values.applicationConfig | b64enc | indent 4 }}
{{- end }}
{{- if .Values.applicationConfig }}
{{ toYaml .Values.applicationConfig | indent 4 }}
{{- end }}
6 changes: 3 additions & 3 deletions deployment/lookout-v2/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ spec:
metadata:
name: {{ include "lookout_v2.name" . }}
annotations:
checksum/config: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
labels:
{{- include "lookout_v2.labels.all" . | nindent 8 }}
spec:
Expand Down Expand Up @@ -101,8 +101,8 @@ spec:
topologyKey: kubernetes.io/hostname
volumes:
- name: user-config
secret:
secretName: {{ include "lookout_v2.config.name" . }}
configMap:
name: {{ include "lookout_v2.config.name" . }}
{{- if .Values.applicationConfig.tls.enabled }}
- name: tls-certs
secret:
Expand Down
10 changes: 5 additions & 5 deletions ...scheduler-migration/templates/secret.yaml → ...eduler-migration/templates/configmap.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
apiVersion: v1
kind: Secret
kind: ConfigMap
metadata:
name: {{ include "armada-scheduler.config.name" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "armada-scheduler.labels.all" . | nindent 4 }}
type: Opaque
data:
{{ include "armada-scheduler.config.filename" . }}: |
{{- if .Values.applicationConfig }}
{{ toYaml .Values.applicationConfig | b64enc | indent 4 }}
{{- end }}
{{- if .Values.applicationConfig }}
{{ toYaml .Values.applicationConfig | indent 4 }}
{{- end }}
4 changes: 2 additions & 2 deletions deployment/scheduler-migration/templates/job.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,8 +49,8 @@ spec:
allowPrivilegeEscalation: false
volumes:
- name: user-config
secret:
secretName: {{ include "armada-scheduler.config.name" . }}
configMap:
name: {{ include "armada-scheduler.config.name" . }}
{{- if .Values.additionalVolumes }}
{{- toYaml .Values.additionalVolumes | nindent 8 }}
{{- end }}
9 changes: 4 additions & 5 deletions ...scheduler/templates/scheduler-secret.yaml → ...eduler/templates/scheduler-configmap.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,12 @@
apiVersion: v1
kind: Secret
kind: ConfigMap
metadata:
name: {{ include "armada-scheduler.config.name" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "armada-scheduler.labels.all" . | nindent 4 }}
type: Opaque
data:
{{ include "armada-scheduler.config.filename" . }}: |
{{- if .Values.scheduler.applicationConfig }}
{{ toYaml .Values.scheduler.applicationConfig | b64enc | indent 4 }}
{{- end }}
{{- if .Values.scheduler.applicationConfig }}
{{ toYaml .Values.scheduler.applicationConfig | indent 4 }}
{{- end }}
9 changes: 4 additions & 5 deletions .../templates/scheduler-ingester-secret.yaml → ...mplates/scheduler-ingester-configmap.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,12 @@
apiVersion: v1
kind: Secret
kind: ConfigMap
metadata:
name: {{ include "armada-scheduler-ingester.config.name" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "armada-scheduler-ingester.labels.all" . | nindent 4 }}
type: Opaque
data:
{{ include "armada-scheduler-ingester.config.filename" . }}: |
{{- if .Values.ingester.applicationConfig }}
{{ toYaml .Values.ingester.applicationConfig | b64enc | indent 4 }}
{{- end }}
{{- if .Values.ingester.applicationConfig }}
{{ toYaml .Values.ingester.applicationConfig | indent 4 }}
{{- end }}
6 changes: 3 additions & 3 deletions deployment/scheduler/templates/scheduler-ingester-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ spec:
metadata:
name: {{ include "armada-scheduler.name" . }}-ingester
annotations:
checksum/config: {{ include (print $.Template.BasePath "/scheduler-ingester-secret.yaml") . | sha256sum }}
checksum/config: {{ include (print $.Template.BasePath "/scheduler-ingester-configmap.yaml") . | sha256sum }}
labels:
{{- include "armada-scheduler-ingester.labels.all" . | nindent 8 }}
spec:
Expand Down Expand Up @@ -87,8 +87,8 @@ spec:
topologyKey: kubernetes.io/hostname
volumes:
- name: user-config
secret:
secretName: {{ include "armada-scheduler-ingester.config.name" . }}
configMap:
name: {{ include "armada-scheduler-ingester.config.name" . }}
{{- if .Values.ingester.applicationConfig.pulsar.authenticationEnabled }}
- name: pulsar-token
secret:
Expand Down
6 changes: 3 additions & 3 deletions deployment/scheduler/templates/scheduler-statefulset.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ spec:
metadata:
name: {{ include "armada-scheduler.name" . }}
annotations:
checksum/config: {{ include (print $.Template.BasePath "/scheduler-secret.yaml") . | sha256sum }}
checksum/config: {{ include (print $.Template.BasePath "/scheduler-configmap.yaml") . | sha256sum }}
labels:
{{- include "armada-scheduler.labels.all" . | nindent 8 }}
spec:
Expand Down Expand Up @@ -132,8 +132,8 @@ spec:
secretName: armada-scheduler-service-tls
{{- end}}
- name: user-config
secret:
secretName: {{ include "armada-scheduler.config.name" . }}
configMap:
name: {{ include "armada-scheduler.config.name" . }}
{{- if .Values.scheduler.applicationConfig.pulsar.authenticationEnabled }}
- name: pulsar-token
secret:
Expand Down

0 comments on commit 5d24d0a

Please sign in to comment.