From 1ead7a8667bc06a754e9536a5449ab292e0052f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Serta=C3=A7=20=C3=96zercan?= <852750+sozercan@users.noreply.github.com> Date: Mon, 24 Oct 2022 19:57:01 -0700 Subject: [PATCH] revert: Revert "feat: Add extraEnv support to deployments (#2330)" (#2355) --- cmd/build/helmify/kustomize-for-helm.yaml | 130 +++++++++--------- cmd/build/helmify/replacements.go | 4 - .../gatekeeper-audit-deployment.yaml | 2 - ...ekeeper-controller-manager-deployment.yaml | 2 - 4 files changed, 63 insertions(+), 75 deletions(-) diff --git a/cmd/build/helmify/kustomize-for-helm.yaml b/cmd/build/helmify/kustomize-for-helm.yaml index d00d40c812a..bfb6cf5efce 100644 --- a/cmd/build/helmify/kustomize-for-helm.yaml +++ b/cmd/build/helmify/kustomize-for-helm.yaml @@ -95,15 +95,15 @@ spec: imagePullPolicy: "{{ .Values.image.pullPolicy }}" HELMSUBST_AUDIT_CONTROLLER_MANAGER_DEPLOYMENT_IMAGE_RELEASE: "" ports: - - containerPort: HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_PORT - name: webhook-server - protocol: TCP - - containerPort: HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_METRICS_PORT - name: metrics - protocol: TCP - - containerPort: HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_HEALTH_PORT - name: healthz - protocol: TCP + - containerPort: HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_PORT + name: webhook-server + protocol: TCP + - containerPort: HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_METRICS_PORT + name: metrics + protocol: TCP + - containerPort: HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_HEALTH_PORT + name: healthz + protocol: TCP readinessProbe: httpGet: path: /readyz @@ -130,8 +130,6 @@ spec: HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_TOLERATIONS: "" imagePullSecrets: HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_IMAGE_PULL_SECRETS: "" - env: - HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_EXTRAENV: "" hostNetwork: HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_HOST_NETWORK dnsPolicy: HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_DNS_POLICY --- @@ -169,12 +167,12 @@ spec: imagePullPolicy: "{{ .Values.image.pullPolicy }}" HELMSUBST_AUDIT_CONTROLLER_MANAGER_DEPLOYMENT_IMAGE_RELEASE: "" ports: - - containerPort: HELMSUBST_DEPLOYMENT_AUDIT_METRICS_PORT - name: metrics - protocol: TCP - - containerPort: HELMSUBST_DEPLOYMENT_AUDIT_HEALTH_PORT - name: healthz - protocol: TCP + - containerPort: HELMSUBST_DEPLOYMENT_AUDIT_METRICS_PORT + name: metrics + protocol: TCP + - containerPort: HELMSUBST_DEPLOYMENT_AUDIT_HEALTH_PORT + name: healthz + protocol: TCP readinessProbe: httpGet: path: /readyz @@ -199,8 +197,6 @@ spec: HELMSUBST_DEPLOYMENT_AUDIT_TOLERATIONS: "" imagePullSecrets: HELMSUBST_DEPLOYMENT_AUDIT_IMAGE_PULL_SECRETS: "" - env: - HELMSUBST_DEPLOYMENT_AUDIT_EXTRAENV: "" hostNetwork: HELMSUBST_DEPLOYMENT_AUDIT_HOST_NETWORK dnsPolicy: HELMSUBST_DEPLOYMENT_AUDIT_DNS_POLICY --- @@ -219,25 +215,25 @@ metadata: name: gatekeeper-mutating-webhook-configuration annotations: HELMSUBST_MUTATING_WEBHOOK_ANNOTATIONS webhooks: - - clientConfig: - service: - name: gatekeeper-webhook-service - namespace: gatekeeper-system - path: /v1/mutate - failurePolicy: HELMSUBST_MUTATING_WEBHOOK_FAILURE_POLICY - reinvocationPolicy: HELMSUBST_MUTATING_WEBHOOK_REINVOCATION_POLICY - rules: - - HELMSUBST_MUTATING_WEBHOOK_OPERATION_RULES - matchPolicy: Exact - name: mutation.gatekeeper.sh - namespaceSelector: - matchExpressions: - - key: admission.gatekeeper.sh/ignore - operator: DoesNotExist - - HELMSUBST_MUTATING_WEBHOOK_EXEMPT_NAMESPACE_LABELS - objectSelector: HELMSUBST_MUTATING_WEBHOOK_OBJECT_SELECTOR - sideEffects: None - timeoutSeconds: HELMSUBST_MUTATING_WEBHOOK_TIMEOUT +- clientConfig: + service: + name: gatekeeper-webhook-service + namespace: gatekeeper-system + path: /v1/mutate + failurePolicy: HELMSUBST_MUTATING_WEBHOOK_FAILURE_POLICY + reinvocationPolicy: HELMSUBST_MUTATING_WEBHOOK_REINVOCATION_POLICY + rules: + - HELMSUBST_MUTATING_WEBHOOK_OPERATION_RULES + matchPolicy: Exact + name: mutation.gatekeeper.sh + namespaceSelector: + matchExpressions: + - key: admission.gatekeeper.sh/ignore + operator: DoesNotExist + - HELMSUBST_MUTATING_WEBHOOK_EXEMPT_NAMESPACE_LABELS + objectSelector: HELMSUBST_MUTATING_WEBHOOK_OBJECT_SELECTOR + sideEffects: None + timeoutSeconds: HELMSUBST_MUTATING_WEBHOOK_TIMEOUT --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration @@ -247,30 +243,30 @@ metadata: name: gatekeeper-validating-webhook-configuration annotations: HELMSUBST_VALIDATING_WEBHOOK_ANNOTATIONS webhooks: - - clientConfig: - service: - name: gatekeeper-webhook-service - namespace: gatekeeper-system - path: /v1/admit - name: validation.gatekeeper.sh - namespaceSelector: - matchExpressions: - - key: admission.gatekeeper.sh/ignore - operator: DoesNotExist - - HELMSUBST_VALIDATING_WEBHOOK_EXEMPT_NAMESPACE_LABELS - objectSelector: HELMSUBST_VALIDATING_WEBHOOK_OBJECT_SELECTOR - timeoutSeconds: HELMSUBST_VALIDATING_WEBHOOK_TIMEOUT - failurePolicy: HELMSUBST_VALIDATING_WEBHOOK_FAILURE_POLICY - rules: - - HELMSUBST_VALIDATING_WEBHOOK_OPERATION_RULES - - clientConfig: - service: - name: gatekeeper-webhook-service - namespace: gatekeeper-system - path: /v1/admitlabel - name: check-ignore-label.gatekeeper.sh - timeoutSeconds: HELMSUBST_VALIDATING_WEBHOOK_TIMEOUT - failurePolicy: HELMSUBST_VALIDATING_WEBHOOK_CHECK_IGNORE_FAILURE_POLICY +- clientConfig: + service: + name: gatekeeper-webhook-service + namespace: gatekeeper-system + path: /v1/admit + name: validation.gatekeeper.sh + namespaceSelector: + matchExpressions: + - key: admission.gatekeeper.sh/ignore + operator: DoesNotExist + - HELMSUBST_VALIDATING_WEBHOOK_EXEMPT_NAMESPACE_LABELS + objectSelector: HELMSUBST_VALIDATING_WEBHOOK_OBJECT_SELECTOR + timeoutSeconds: HELMSUBST_VALIDATING_WEBHOOK_TIMEOUT + failurePolicy: HELMSUBST_VALIDATING_WEBHOOK_FAILURE_POLICY + rules: + - HELMSUBST_VALIDATING_WEBHOOK_OPERATION_RULES +- clientConfig: + service: + name: gatekeeper-webhook-service + namespace: gatekeeper-system + path: /v1/admitlabel + name: check-ignore-label.gatekeeper.sh + timeoutSeconds: HELMSUBST_VALIDATING_WEBHOOK_TIMEOUT + failurePolicy: HELMSUBST_VALIDATING_WEBHOOK_CHECK_IGNORE_FAILURE_POLICY --- apiVersion: policy/v1 kind: PodDisruptionBudget @@ -295,8 +291,8 @@ spec: pods: HELMSUBST_RESOURCEQUOTA_POD_LIMIT scopeSelector: matchExpressions: - - operator: In - scopeName: PriorityClass - values: - - HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_PRIORITY_CLASS_NAME - - HELMSUBST_DEPLOYMENT_AUDIT_PRIORITY_CLASS_NAME + - operator: In + scopeName: PriorityClass + values: + - HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_PRIORITY_CLASS_NAME + - HELMSUBST_DEPLOYMENT_AUDIT_PRIORITY_CLASS_NAME diff --git a/cmd/build/helmify/replacements.go b/cmd/build/helmify/replacements.go index efecb297db5..fd0aa7ce72a 100644 --- a/cmd/build/helmify/replacements.go +++ b/cmd/build/helmify/replacements.go @@ -47,8 +47,6 @@ var replacements = map[string]string{ `HELMSUBST_DEPLOYMENT_AUDIT_IMAGE_PULL_SECRETS: ""`: `{{- toYaml .Values.image.pullSecrets | nindent 8 }}`, - `HELMSUBST_DEPLOYMENT_AUDIT_EXTRAENV: ""`: `{{- toYaml .Values.audit.extraEnv | nindent 8 }}`, - "HELMSUBST_DEPLOYMENT_AUDIT_PRIORITY_CLASS_NAME": `{{ .Values.audit.priorityClassName }}`, `HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_NODE_SELECTOR: ""`: `{{- toYaml .Values.controllerManager.nodeSelector | nindent 8 }}`, @@ -69,8 +67,6 @@ var replacements = map[string]string{ `HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_IMAGE_PULL_SECRETS: ""`: `{{- toYaml .Values.image.pullSecrets | nindent 8 }}`, - `HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_EXTRAENV: ""`: `{{- toYaml .Values.controllerManager.extraEnv | nindent 8 }}`, - "HELMSUBST_DEPLOYMENT_CONTROLLER_MANAGER_PRIORITY_CLASS_NAME": `{{ .Values.controllerManager.priorityClassName }}`, "HELMSUBST_DEPLOYMENT_REPLICAS": `{{ .Values.replicas }}`, diff --git a/manifest_staging/charts/gatekeeper/templates/gatekeeper-audit-deployment.yaml b/manifest_staging/charts/gatekeeper/templates/gatekeeper-audit-deployment.yaml index e7c99b722c0..e11ad748713 100644 --- a/manifest_staging/charts/gatekeeper/templates/gatekeeper-audit-deployment.yaml +++ b/manifest_staging/charts/gatekeeper/templates/gatekeeper-audit-deployment.yaml @@ -121,8 +121,6 @@ spec: - mountPath: /tmp/audit name: tmp-volume dnsPolicy: {{ .Values.audit.dnsPolicy }} - env: - {{- toYaml .Values.audit.extraEnv | nindent 8 }} hostNetwork: {{ .Values.audit.hostNetwork }} imagePullSecrets: {{- toYaml .Values.image.pullSecrets | nindent 8 }} diff --git a/manifest_staging/charts/gatekeeper/templates/gatekeeper-controller-manager-deployment.yaml b/manifest_staging/charts/gatekeeper/templates/gatekeeper-controller-manager-deployment.yaml index 5fb725005ac..266bbeba400 100644 --- a/manifest_staging/charts/gatekeeper/templates/gatekeeper-controller-manager-deployment.yaml +++ b/manifest_staging/charts/gatekeeper/templates/gatekeeper-controller-manager-deployment.yaml @@ -136,8 +136,6 @@ spec: name: cert readOnly: true dnsPolicy: {{ .Values.controllerManager.dnsPolicy }} - env: - {{- toYaml .Values.controllerManager.extraEnv | nindent 8 }} hostNetwork: {{ .Values.controllerManager.hostNetwork }} imagePullSecrets: {{- toYaml .Values.image.pullSecrets | nindent 8 }}