From d30fd3b5d686e76abd34cd1a5e00d5deb15452fd Mon Sep 17 00:00:00 2001
From: Steffen Heidel <kontakt@sthh.eu>
Date: Fri, 8 Apr 2022 15:17:41 +0200
Subject: [PATCH] feat: add custom annotations to kratos courier (#414)

---
 .../kratos/templates/statefulset-mail.yaml    | 38 ++++++++++------
 helm/charts/kratos/values.yaml                | 45 ++++++++++++++++---
 2 files changed, 64 insertions(+), 19 deletions(-)

diff --git a/helm/charts/kratos/templates/statefulset-mail.yaml b/helm/charts/kratos/templates/statefulset-mail.yaml
index e6f004c0a..ae3ed4944 100644
--- a/helm/charts/kratos/templates/statefulset-mail.yaml
+++ b/helm/charts/kratos/templates/statefulset-mail.yaml
@@ -1,5 +1,11 @@
 {{- $resources := ternary .Values.deployment.resources .Values.resources (not (empty .Values.deployment.resources )) -}}
-
+{{- $annotations := ternary .Values.statefulSet.annotations .Values.deployment.annotations (not (empty .Values.statefulSet.annotations )) -}}
+{{- $labels := ternary .Values.statefulSet.labels .Values.deployment.labels (not (empty .Values.statefulSet.labels )) -}}
+{{- $extraVolumeMounts := ternary .Values.statefulSet.extraVolumeMounts .Values.deployment.extraVolumeMounts (not (empty .Values.statefulSet.extraVolumeMounts )) -}}
+{{- $extraEnv := ternary .Values.statefulSet.extraEnv .Values.deployment.extraEnv (not (empty .Values.statefulSet.extraEnv )) -}}
+{{- $extraContainers := ternary .Values.statefulSet.extraContainers .Values.deployment.extraContainers (not (empty .Values.statefulSet.extraContainers )) -}}
+{{- $extraInitContainers := ternary .Values.statefulSet.extraInitContainers .Values.deployment.extraInitContainers (not (empty .Values.statefulSet.extraInitContainers )) -}}
+{{- $extraVolumes := ternary .Values.statefulSet.extraVolumes .Values.deployment.extraVolumes (not (empty .Values.statefulSet.extraVolumes )) -}}
 ---
 apiVersion: apps/v1
 kind: StatefulSet
@@ -10,11 +16,11 @@ metadata:
   {{- end }}
   labels:
 {{ include "kratos.labels" . | indent 4 }}
-    {{- with .Values.deployment.labels }}
+    {{- with $labels }}
       {{- toYaml . | nindent 4 }}
     {{- end }}
   annotations:
-    {{- with .Values.deployment.annotations }}
+    {{- with $annotations }}
       {{- toYaml . | nindent 4 }}
     {{- end }}
 spec:
@@ -29,7 +35,11 @@ spec:
       labels:
         app.kubernetes.io/name: {{ include "kratos.fullname" . }}-courier
         app.kubernetes.io/instance: {{ .Release.Name }}
-        {{- with .Values.deployment.labels }}
+        {{- with $labels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      annotations:
+        {{- with $annotations }}
           {{- toYaml . | nindent 8 }}
         {{- end }}
     spec:
@@ -46,8 +56,8 @@ spec:
             - name: {{ include "kratos.fullname" . }}-config-volume
               mountPath: /etc/config
               readOnly: true
-            {{- if .Values.deployment.extraVolumeMounts }}
-{{ toYaml .Values.deployment.extraVolumeMounts | indent 12 }}
+            {{- if $extraVolumeMounts }}
+{{ toYaml $extraVolumeMounts | indent 12 }}
             {{- end }}
             {{- $root := . -}}
             {{- range $method, $methodEntry := .Values.kratos.emailTemplates }}
@@ -90,8 +100,8 @@ spec:
                 secretKeyRef:
                   name: {{ include "kratos.secretname" . }}
                   key: smtpConnectionURI
-            {{- if .Values.deployment.extraEnv }}
-{{ toYaml .Values.deployment.extraEnv | indent 12 }}
+            {{- if $extraEnv }}
+{{ toYaml $extraEnv | indent 12 }}
             {{- end }}
           resources:
               {{- toYaml $resources | nindent 12 }}
@@ -99,19 +109,19 @@ spec:
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
           {{- end }}
-        {{- if .Values.deployment.extraContainers }}
-{{ tpl .Values.deployment.extraContainers . | indent 8 }}
+        {{- if $extraContainers }}
+{{ tpl $extraContainers . | indent 8 }}
         {{- end }}
-      {{- if .Values.deployment.extraInitContainers }}
+      {{- if $extraInitContainers }}
       initContainers:
-{{ tpl .Values.deployment.extraInitContainers . | indent 8 }}
+{{ tpl $extraInitContainers . | indent 8 }}
       {{- end }}
       volumes:
         - name: {{ include "kratos.fullname" . }}-config-volume
           configMap:
             name: {{ include "kratos.fullname" . }}-config
-        {{- if .Values.deployment.extraVolumes }}
-{{ toYaml .Values.deployment.extraVolumes | indent 8 }}
+        {{- if $extraVolumes }}
+{{ toYaml $extraVolumes | indent 8 }}
         {{- end }}
         {{- $root := . -}}
         {{- range $method, $methodEntry := .Values.kratos.emailTemplates }}
diff --git a/helm/charts/kratos/values.yaml b/helm/charts/kratos/values.yaml
index c6d6d936d..6a5cddeec 100644
--- a/helm/charts/kratos/values.yaml
+++ b/helm/charts/kratos/values.yaml
@@ -180,7 +180,7 @@ deployment:
     periodSeconds: 10
     failureThreshold: 5
 
-  # -- Array of extra argumetns to be passed down to the deployment. Kubernetes args format is expected
+  # -- Array of extra arguments to be passed down to the deployment. Kubernetes args format is expected
   # - --foo
   # - --sqa-opt-out
   extraArgs: []
@@ -261,7 +261,7 @@ deployment:
   # -- Node labels for pod assignment.
   nodeSelector: {}
   # If you do want to specify node labels, uncomment the following
-  # lines, adjust them as necessary, and remove the curly braces after 'annotations:'.
+  # lines, adjust them as necessary, and remove the curly braces after 'nodeSelector:'.
   #   foo: bar
 
   # -- Configure node tolerations.
@@ -285,9 +285,9 @@ deployment:
   # environmentSecretsName:
 
   # -- Specify the serviceAccountName value.
-  # In some situations it is needed to provides specific permissions to Hydra deployments
-  # Like for example installing Hydra on a cluster with a PosSecurityPolicy and Istio.
-  # Uncoment if it is needed to provide a ServiceAccount for the Hydra deployment.
+  # In some situations it is needed to provide specific permissions to Kratos deployments.
+  # Like for example installing Kratos on a cluster with a PosSecurityPolicy and Istio.
+  # Uncomment if it is needed to provide a ServiceAccount for the Kratos deployment.
   serviceAccount:
     # -- Specifies whether a service account should be created
     create: true
@@ -313,6 +313,41 @@ statefulSet:
     #    cpu: 100m
     #  memory: 128Mi
 
+    extraEnv: []
+    # -- If you want to mount external volume
+    # For example, mount a secret containing Certificate root CA to verify database
+    # TLS connection.
+    extraVolumes: []
+    # - name: my-volume
+    #   secret:
+    #     secretName: my-secret
+    extraVolumeMounts: []
+    # - name: my-volume
+    #   mountPath: /etc/secrets/my-secret
+    #   readOnly: true
+
+    # -- If you want to add extra init containers. These are processed before the migration init container.
+    extraInitContainers: {}
+    # extraInitContainers: |
+    #  - name: ...
+    #    image: ...
+
+    # -- If you want to add extra sidecar containers.
+    extraContainers: {}
+    # extraContainers: |
+    #  - name: ...
+    #    image: ...
+
+    annotations: {}
+    #      If you do want to specify annotations, uncomment the following
+    #      lines, adjust them as necessary, and remove the curly braces after 'annotations:'.
+    #      e.g.  sidecar.istio.io/rewriteAppHTTPProbers: "true"
+
+    labels: {}
+    #      If you do want to specify additional labels, uncomment the following
+    #      lines, adjust them as necessary, and remove the curly braces after 'labels:'.
+    #      e.g.  type: app
+
 securityContext:
   capabilities:
     drop: