fix: datastore resource object hook #39
Conversation
| version: 0.3.0 | ||
| version: 0.4.0 |
There was a problem hiding this comment.
A minor change is required since the Datastore manifest will be part of the managed resources, as the opposite for the RBAC-related one (Role, Rolebinding, ServiceAccount).
| annotations: | ||
| "helm.sh/hook": pre-install | ||
| "helm.sh/hook-weight": "5" |
There was a problem hiding this comment.
The ConfigMap containing the CSR data is required only upon installation.
| annotations: | ||
| "helm.sh/hook": post-install,post-upgrade,post-rollback | ||
| "helm.sh/hook-weight": "5" |
There was a problem hiding this comment.
To avoid the Datastore from being delete upon every upgrade, or rollback, the hooks must be removed.
prometherion
force-pushed
the
issues/38
branch
from
4975628
to
2717fbc
Compare
| kubectl --namespace={{ .Release.Namespace }} create secret tls {{ include "etcd.clientSecretName" . }} --key=/certs/root-client-key.pem --cert=/certs/root-client.pem && | ||
| kubectl --namespace={{ .Release.Namespace }} rollout status sts/{{ include "etcd.stsName" . }} --timeout=300s | ||
| kubectl --namespace={{ .Release.Namespace }} create secret tls {{ include "etcd.clientSecretName" . }} --key=/certs/root-client-key.pem --cert=/certs/root-client.pem |
There was a problem hiding this comment.
Statefulset rollout check has been moved to the etcd_job_preinstall_2.yaml job since the StatefulSet resource will be created once the pre-install phase has been completed.
| @@ -24,7 +24,6 @@ spec: | |||
| {{- toYaml .Values.podAnnotations | nindent 8 }} | |||
| {{- end }} | |||
| spec: | |||
| serviceAccountName: {{ include "etcd.serviceAccountName" . }} | |||
There was a problem hiding this comment.
The etcd cluster didn't ever need a SA since there's no interaction with the Kubernetes API Server.
Fixes #38.
The hook list was wrong, causing a deletion of the DataStore upon an update, or a rollback.