Skip to content

Commit

Permalink
[Application] Add init container option
Browse files Browse the repository at this point in the history
  • Loading branch information
heubeck committed Nov 24, 2023
1 parent eface37 commit 825183d
Show file tree
Hide file tree
Showing 6 changed files with 128 additions and 7 deletions.
37 changes: 37 additions & 0 deletions chart-tests/application/ci/test-init-container-values.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
resources:
requests:
cpu: 10m
memory: 50Mi
limits:
cpu: 100m
memory: 100Mi

volumeMounts:
- name: share
mountPath: /share

initContainers:
- name: first
image:
repository: redhat/ubi9-minimal
tag: 9.3
command: ['sh', '-c', 'echo $BUMP_ME_UP']
env:
BUMP_ME_UP: bump me up
securityContext:
runAsNonRoot: true
allowPrivilegeEscalation: false
runAsUser: 65534
runAsGroup: 65534
- name: second
image:
repository: redhat/ubi9-minimal
tag: 9.3
command: ['ls', '-lah', '/']
env: {}
restartPolicy: Never
securityContext:
runAsNonRoot: true
allowPrivilegeEscalation: false
runAsUser: 65534
runAsGroup: 65534
2 changes: 1 addition & 1 deletion chart-tests/application/ci/test-sidecar-values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ sidecars:
- name: sidekick
image:
repository: quay.io/heubeck/examiner
tag: 1.11.19
tag: 1.11.23
env:
ECHO_VALUE: yehaaa
QUARKUS_HTTP_PORT: 9090
Expand Down
2 changes: 1 addition & 1 deletion charts/application/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -7,4 +7,4 @@ maintainers:
- name: MediaMarktSaturn
url: https://github.com/MediaMarktSaturn
appVersion: 1.0.0
version: 1.6.1
version: 1.7.0
2 changes: 1 addition & 1 deletion charts/application/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ Generic application chart with common requirements of a typical workload.
| readinessProbe.failureThreshold | int | `3` | |
| readinessProbe.timeoutSeconds | int | `5` | |
| image.repository | string | `"quay.io/heubeck/examiner"` | |
| image.tag | string | `"1.11.19"` | |
| image.tag | string | `"1.11.23"` | |
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.tagSemverRange | string | `"^1.x"` | |
| image.tagUpdateInterval | string | `"10m0s"` | |
Expand Down
57 changes: 55 additions & 2 deletions charts/application/templates/k8s-deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,48 @@ spec:
{{ $k }}: {{ $v | quote }}
{{- end }}
automountServiceAccountToken: {{ or .Values.serviceAccount.automountServiceAccountToken .Values.istio.enabled .Values.linkerd.enabled }} # 'true' if explictly set or required for side-car injection
initContainers: {{ if not .Values.initContainers -}}[]{{- end -}}
{{- range $i := .Values.initContainers }}
- name: {{ $i.name }}
image: "{{ .image.repository }}:{{ .image.tag }}"
imagePullPolicy: {{ or $i.image.pullPolicy $.Values.initDefaults.image.pullPolicy }}
command: {{ if not $i.command }}[]{{ end }}
{{- range $i.command }}
- {{ . | quote }}
{{- end }}
securityContext:
{{- toYaml $i.securityContext | nindent 12 }}
resources:
{{- toYaml (or $i.resources $.Values.initDefaults.resources) | nindent 12 }}
{{- if .env }}
env:
{{- range $k, $v := .env }}
- name: {{ $k }}
value: {{ $v | quote }}
{{- end }}
{{- end }}
{{- if (or $i.configEnvFrom $i.secretEnvFrom )}}
envFrom:
{{- range $c := $i.configEnvFrom }}
- configMapRef:
name: {{ $c }}
{{- end }}
{{- range $ie := $i.secretEnvFrom }}
- secretRef:
name: {{ $ie }}
{{- end }}
{{- end }}
volumeMounts: {{ if not (or $i.secretVolumes $.Values.volumeMounts) -}}[]{{- end -}}
{{- range $i.secretVolumes }}
- name: "{{ $i.name }}-{{ .secretName }}"
mountPath: {{ .mountPath }}
readOnly: true
{{- end }}
{{- range $.Values.volumeMounts }}
- name: {{ .name }}
mountPath: {{ .mountPath }}
{{- end }}
{{- end }}
containers:
{{- range $s := .Values.sidecars }}
- name: {{ $s.name }}
Expand Down Expand Up @@ -204,8 +246,10 @@ spec:
mountPath: {{ .mountPath }}
{{- end }}
{{ $hasSidecarVolume := 0 }}
{{ range .Values.sidecars }}{{ if .secretVolumes }}{{ $hasSidecarVolume =1 }}{{ end }}{{ end }}
volumes: {{ if not (or .Values.secretVolumes .Values.configVolumes .Values.serviceAccount.secretName .Values.encryptedSecret.mountPath .Values.volumeMounts $hasSidecarVolume) -}}[]{{- end -}}
{{ range .Values.sidecars }}{{ if .secretVolumes }}{{ $hasSidecarVolume = 1 }}{{ end }}{{ end }}
{{ $hasInitVolume := 0 }}
{{ range .Values.initContainers }}{{ if .secretVolumes }}{{ $hasInitVolume = 1 }}{{ end }}{{ end }}
volumes: {{ if not (or .Values.secretVolumes .Values.configVolumes .Values.serviceAccount.secretName .Values.encryptedSecret.mountPath .Values.volumeMounts $hasSidecarVolume $hasInitVolume) -}}[]{{- end -}}
{{- range .Values.secretVolumes }}
- name: {{ .secretName }}
secret:
Expand Down Expand Up @@ -244,3 +288,12 @@ spec:
{{- end }}
{{- end }}
{{- end }}
{{- range $i := .Values.initContainers }}
{{ if .secretVolumes }}
{{- range .secretVolumes }}
- name: "{{ $i.name }}-{{ .secretName }}"
secret:
secretName: {{ .secretName }}
{{- end }}
{{- end }}
{{- end }}
35 changes: 33 additions & 2 deletions charts/application/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ readinessProbe:

image:
repository: quay.io/heubeck/examiner
tag: 1.11.19
tag: 1.11.23
pullPolicy: IfNotPresent

# ImagePolicy and check period for automated updates
Expand Down Expand Up @@ -248,7 +248,7 @@ sidecars: []
# - name: sqlproxy
# image:
# repository: quay.io/heubeck/examiner
# tag: 1.11.19
# tag: 1.11.23
# args: []
# env: {}
# configEnvFrom: []
Expand Down Expand Up @@ -281,3 +281,34 @@ sidecarDefaults:
securityContext:
runAsNonRoot: true
allowPrivilegeEscalation: false

# initContainers to be executed at pod startup
initContainers: []
# - name: setup
# image:
# repository: busybox
# tag: latest
# command: ['sh', '-c', 'echo "bump me up"']
# env: {}
# restartPolicy: Always
# configEnvFrom: []
# secretEnvFrom: []
# secretVolumes:
# - secretName: mysecret
# mountPath: /mypath
# # see initDefaults
# resources: {}
# securityContext: {}

# default values that apply on init containers if not explicit set
initDefaults:
image:
pullPolicy: IfNotPresent
resources:
requests:
cpu: 100m
memory: 100Mi
limits:
cpu: 500m
memory: 100Mi
restartPolicy: Always

0 comments on commit 825183d

Please sign in to comment.