From bc13cffce59dfa72da8a029f1f8d9c3c973b65aa Mon Sep 17 00:00:00 2001 From: Stevo Slavic Date: Fri, 26 Jan 2024 13:37:57 +0100 Subject: [PATCH] feat(helm chart): Make env vars configurable and auto configure go runtime Signed-off-by: Stevo Slavic --- .../gatekeeper/helmify/kustomize-for-helm.yaml | 7 +++++++ .../gatekeeper/helmify/static/README.md | 2 ++ .../gatekeeper/helmify/static/values.yaml | 9 +++++++++ 3 files changed, 18 insertions(+) diff --git a/third_party/open-policy-agent/gatekeeper/helmify/kustomize-for-helm.yaml b/third_party/open-policy-agent/gatekeeper/helmify/kustomize-for-helm.yaml index a4d59d149..478255285 100644 --- a/third_party/open-policy-agent/gatekeeper/helmify/kustomize-for-helm.yaml +++ b/third_party/open-policy-agent/gatekeeper/helmify/kustomize-for-helm.yaml @@ -46,6 +46,13 @@ spec: - --metrics-backend={{ .Values.metricsBackend }} command: - /manager + env: + {{- with .Values.goEnvVars }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.extraEnvVars }} + {{- toYaml . | nindent 8 }} + {{- end }} envFrom: - configMapRef: name: azure-wi-webhook-config diff --git a/third_party/open-policy-agent/gatekeeper/helmify/static/README.md b/third_party/open-policy-agent/gatekeeper/helmify/static/README.md index 45a7be462..514452d89 100644 --- a/third_party/open-policy-agent/gatekeeper/helmify/static/README.md +++ b/third_party/open-policy-agent/gatekeeper/helmify/static/README.md @@ -36,6 +36,8 @@ helm upgrade -n azure-workload-identity-system [RELEASE_NAME] azure-workload-ide | image.pullPolicy | Image pullPolicy | `IfNotPresent` | | image.release | The image release tag to use | Current release version: `v1.2.0` | | imagePullSecrets | Image pull secrets to use for retrieving images from private registries | `[]` | +| goEnvVars | Go runtime environment variables to pass to the azure-wi-webhook-controller-manager's _manager_ container. | `See _values.yaml_` | +| extraEnvVars | Additional environment variables to pass to the azure-wi-webhook-controller-manager's _manager_ container. | `[]` | | nodeSelector | The node selector to use for pod scheduling | `kubernetes.io/os: linux` | | resources | The resource request/limits for the container image | limits: 100m CPU, 30Mi, requests: 100m CPU, 20Mi | | affinity | The node affinity to use for pod scheduling | `{}` | diff --git a/third_party/open-policy-agent/gatekeeper/helmify/static/values.yaml b/third_party/open-policy-agent/gatekeeper/helmify/static/values.yaml index 305953bd3..ba7c879a5 100644 --- a/third_party/open-policy-agent/gatekeeper/helmify/static/values.yaml +++ b/third_party/open-policy-agent/gatekeeper/helmify/static/values.yaml @@ -9,6 +9,15 @@ image: # Overrides the image tag whose default is the chart appVersion. release: v1.2.0 imagePullSecrets: [] +goEnvVars: +- name: GOMAXPROCS + valueFrom: + resourceFieldRef: + resource: requests.cpu +- name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + resource: limits.memory nodeSelector: kubernetes.io/os: linux resources: