From e77c4a59a1af50e4f47b15a93813680224243d65 Mon Sep 17 00:00:00 2001 From: Dariusch Ochlast Date: Fri, 25 Oct 2024 09:22:58 +0200 Subject: [PATCH] feat(cluster) add ServiceAccountTemplate annotations and labels Signed-off-by: Dariusch Ochlast --- Makefile | 4 ++-- charts/cluster/README.md | 3 ++- charts/cluster/README.md.gotmpl | 3 --- charts/cluster/templates/cluster.yaml | 13 ++++++++++++- ...01-non_default_configuration_cluster-assert.yaml | 6 ++++++ .../01-non_default_configuration_cluster.yaml | 5 +++++ charts/cluster/values.schema.json | 11 +++++++++++ charts/cluster/values.yaml | 7 +++++++ 8 files changed, 45 insertions(+), 7 deletions(-) diff --git a/Makefile b/Makefile index ac2030a88..96eb137bc 100644 --- a/Makefile +++ b/Makefile @@ -16,8 +16,8 @@ schema: cloudnative-pg-schema cluster-schema ## Generate charts' schema using he cloudnative-pg-schema: @helm schema-gen charts/cloudnative-pg/values.yaml | cat > charts/cloudnative-pg/values.schema.json || \ - (echo "Please, run: helm plugin install https://github.com/karuppiah7890/helm-schema-gen.git" && exit 1) + (echo "Please, run: helm plugin install https://github.com/KnechtionsCoding/helm-schema-gen.git" && exit 1) cluster-schema: @helm schema-gen charts/cluster/values.yaml | cat > charts/cluster/values.schema.json || \ - (echo "Please, run: helm plugin install https://github.com/karuppiah7890/helm-schema-gen.git" && exit 1) + (echo "Please, run: helm plugin install https://github.com/KnechtionsCoding/helm-schema-gen.git" && exit 1) diff --git a/charts/cluster/README.md b/charts/cluster/README.md index 99cc8c378..9590fb68b 100644 --- a/charts/cluster/README.md +++ b/charts/cluster/README.md 
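Review bot: The install hint in both `cloudnative-pg-schema` and `cluster-schema` now points contributors at a different fork of helm-schema-gen, with no version pinned and no explanation in the commit message, which is otherwise about ServiceAccountTemplate values. A Helm plugin runs with the privileges of whoever invokes `helm schema-gen`, on a laptop or in CI, so an unpinned install from a personal fork is a supply-chain exposure. I would pin the hint to a reviewed release, e.g. `helm plugin install https://github.com/KnechtionsCoding/helm-schema-gen.git --version <REVIEWED_TAG>`, and say in the commit description why the fork was switched.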
@@ -180,6 +180,8 @@ refer to the [CloudNativePG Documentation](https://cloudnative-pg.io/documentat | cluster.priorityClassName | string | `""` | | | cluster.resources | object | `{}` | Resources requirements of every generated Pod. Please refer to https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ for more information. We strongly advise you use the same setting for limits and requests so that your cluster pods are given a Guaranteed QoS. See: https://kubernetes.io/docs/concepts/workloads/pods/pod-qos/ | | cluster.roles | list | `[]` | This feature enables declarative management of existing roles, as well as the creation of new roles if they are not already present in the database. See: https://cloudnative-pg.io/documentation/current/declarative_role_management/ | +| cluster.serviceAccount.annotations | object | `{}` | Annotations to be added to the ServiceAccount See: https://cloudnative-pg.io/documentation/current/appendixes/object_stores/#running-inside-google-kubernetes-engine See: https://cloudnative-pg.io/documentation/current/appendixes/object_stores/#iam-role-for-service-account-irsa | +| cluster.serviceAccount.labels | object | `{}` | Labels to be added to the ServiceAccount | | cluster.storage.size | string | `"8Gi"` | | | cluster.storage.storageClass | string | `""` | | | cluster.superuserSecret | string | `""` | | @@ -274,4 +276,3 @@ TODO ---- * IAM Role for S3 Service Account * Automatic provisioning of a Alert Manager configuration - diff --git a/charts/cluster/README.md.gotmpl b/charts/cluster/README.md.gotmpl index 1ca7bebaa..269af6d01 100644 --- a/charts/cluster/README.md.gotmpl +++ b/charts/cluster/README.md.gotmpl @@ -153,6 +153,3 @@ TODO ---- * IAM Role for S3 Service Account * Automatic provisioning of a Alert Manager configuration - - -{{ template "helm-docs.versionFooter" . }} diff --git a/charts/cluster/templates/cluster.yaml b/charts/cluster/templates/cluster.yaml index 169683fef..3e6bdb650 100644 
--- a/charts/cluster/templates/cluster.yaml +++ b/charts/cluster/templates/cluster.yaml @@ -28,7 +28,7 @@ spec: walStorage: size: {{ .Values.cluster.walStorage.size }} storageClass: {{ .Values.cluster.walStorage.storageClass }} -{{- end }} +{{- end }} {{- with .Values.cluster.resources }} resources: {{- toYaml . | nindent 4 }} @@ -39,6 +39,17 @@ spec: {{- end }} priorityClassName: {{ .Values.cluster.priorityClassName }} + serviceAccountTemplate: + metadata: + {{- with .Values.cluster.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.cluster.serviceAccount.labels }} + labels: + {{ toYaml . | nindent 8 }} + {{- end }} + primaryUpdateMethod: {{ .Values.cluster.primaryUpdateMethod }} primaryUpdateStrategy: {{ .Values.cluster.primaryUpdateStrategy }} logLevel: {{ .Values.cluster.logLevel }} diff --git a/charts/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster-assert.yaml b/charts/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster-assert.yaml index 5f5c62a68..861a3516d 100644 --- a/charts/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster-assert.yaml +++ b/charts/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster-assert.yaml @@ -60,6 +60,12 @@ spec: values: - node1 - node2 + serviceAccountTemplate: + metadata: + annotations: + foo: bar + labels: + bar: foo resources: requests: cpu: 100m diff --git a/charts/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster.yaml b/charts/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster.yaml index 570ea8409..0200c75d8 100644 --- a/charts/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster.yaml +++ b/charts/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster.yaml 
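Review bot: In the second hunk of `templates/cluster.yaml`, `serviceAccountTemplate:` and `metadata:` are emitted unconditionally, so with the default `annotations: {}` and `labels: {}` both `with` blocks are skipped and `metadata:` renders as an empty (null) key. Depending on how the Cluster CRD validates that field, this could be rejected or show up as drift, and the added test only covers the non-default case. I would wrap the block in `{{- if or .Values.cluster.serviceAccount.annotations .Values.cluster.serviceAccount.labels }}` … `{{- end }}`. The labels line also uses `{{ toYaml . | nindent 8 }}` without the left trim that the annotations line has, which leaves a whitespace-only line after `labels:`. It should read `{{- toYaml . | nindent 8 }}`.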
@@ -52,6 +52,11 @@ cluster: inRoles: - pg_monitor - pg_signal_backend + serviceAccount: + annotations: + foo: bar + labels: + bar: foo postgresql: parameters: max_connections: "42" diff --git a/charts/cluster/values.schema.json b/charts/cluster/values.schema.json index 81899f1cd..b061e888f 100644 --- a/charts/cluster/values.schema.json +++ b/charts/cluster/values.schema.json @@ -288,6 +288,17 @@ "roles": { "type": "array" }, + "serviceAccount": { + "type": "object", + "properties": { + "annotations": { + "type": "object" + }, + "labels": { + "type": "object" + } + } + }, "storage": { "type": "object", "properties": { diff --git a/charts/cluster/values.yaml b/charts/cluster/values.yaml index d45e5c1e9..0e9b89c86 100644 --- a/charts/cluster/values.yaml +++ b/charts/cluster/values.yaml @@ -284,6 +284,13 @@ cluster: additionalLabels: {} annotations: {} + serviceAccount: + # -- Annotations to be added to the ServiceAccount + # See: https://cloudnative-pg.io/documentation/current/appendixes/object_stores/#running-inside-google-kubernetes-engine + # See: https://cloudnative-pg.io/documentation/current/appendixes/object_stores/#iam-role-for-service-account-irsa + annotations: {} + # -- Labels to be added to the ServiceAccount + labels: {} backups: # -- You need to configure backups manually, so backups are disabled by default.
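Review bot: The `# --` comment on `cluster.serviceAccount.annotations` in `values.yaml` does not say what these annotations do, although both linked pages are about granting the pods access to object storage through a cloud identity (GKE and IRSA). Whatever is set here is copied onto the ServiceAccount created for the cluster, so it decides which cloud identity the workload can assume. I would add a line such as `# These annotations can bind the cluster's ServiceAccount to a cloud IAM identity; reference a role scoped to the backup object store only.` The README table row appears to be generated from this comment, so it would pick up the wording too.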