aligned serviceAccount configuration with argo-cd values

Signed-off-by: chgl <chgl@users.noreply.github.com>
2021-05-08 22:07:06 +02:00 · 2021-05-08 22:07:06 +02:00 · 445348f9a2
commit 445348f9a2
parent 676f05aa90
10 changed files with 40 additions and 38 deletions
--- a/charts/argo-workflows/ci/enable-metrics-values.yaml
+++ b/charts/argo-workflows/ci/enable-metrics-values.yaml
@ -3,3 +3,5 @@ controller:
    enabled: true
  metricsConfig:
    enabled: true
+  telemetryConfig:
+    enabled: true
--- a/charts/argo-workflows/templates/_helpers.tpl
+++ b/charts/argo-workflows/templates/_helpers.tpl
@ -64,10 +64,10 @@ app.kubernetes.io/component: {{ .component }}
 Create the name of the server service account to use
 */}}
 {{- define "argo-workflows.serverServiceAccountName" -}}
-{{- if .Values.server.createServiceAccount -}}
-    {{ default (include "argo-workflows.fullname" .) .Values.server.serviceAccount }}
+{{- if .Values.server.serviceAccount.create -}}
+    {{ default (include "argo-workflows.fullname" .) .Values.server.serviceAccount.name }}
 {{- else -}}
-    {{ default "default" .Values.server.serviceAccount }}
+    {{ default "default" .Values.server.serviceAccount.name }}
 {{- end -}}
 {{- end -}}

@ -75,10 +75,10 @@ Create the name of the server service account to use
 Create the name of the controller service account to use
 */}}
 {{- define "argo-workflows.controllerServiceAccountName" -}}
-{{- if .Values.controller.createServiceAccount -}}
-    {{ default (include "argo-workflows.fullname" .) .Values.controller.serviceAccount }}
+{{- if .Values.controller.serviceAccount.create -}}
+    {{ default (include "argo-workflows.fullname" .) .Values.controller.serviceAccount.name }}
 {{- else -}}
-    {{ default "default" .Values.controller.serviceAccount }}
+    {{ default "default" .Values.controller.serviceAccount.name }}
 {{- end -}}
 {{- end -}}

@ -107,7 +107,7 @@ Return the appropriate service layout for ingress
 - backend:
    service:
      name: {{ .serviceName }}
-      port: 
+      port:
        number: {{ .servicePort }}
  pathType: ImplementationSpecific
 {{- end -}}
--- a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml
@ -18,10 +18,10 @@ roleRef:
  name: {{ template "argo-workflows.controller.fullname" . }}
 subjects:
  - kind: ServiceAccount
-    name: {{ .Values.controller.serviceAccount }}
+    name: {{ template "argo-workflows.controllerServiceAccountName" . }}
    namespace: {{ .Release.Namespace }}
 {{- if .Values.controller.workflowNamespaces }}
-{{- $uiServiceAccount := .Values.controller.serviceAccount }}
+{{- $uiServiceAccount := (include "argo-workflows.controllerServiceAccountName" .) }}
 {{- $namespace := .Release.Namespace }}
 {{- range $key := .Values.controller.workflowNamespaces }}
  {{- if not (eq $key $namespace) }}
@ -44,5 +44,5 @@ roleRef:
  name: {{ template "argo-workflows.controller.fullname" . }}-cluster-template
 subjects:
  - kind: ServiceAccount
-    name: {{ .Values.controller.serviceAccount }}
+    name: {{ template "argo-workflows.controllerServiceAccountName" . }}
    namespace: {{ .Release.Namespace }}
--- a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml
@ -2,7 +2,7 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ template "argo-workflows.controllerServiceAccountName" . }}
-  {{ with .Values.controller.serviceAccountAnnotations }}
+  {{ with .Values.controller.serviceAccount.annotations }}
  annotations:
    {{- toYaml .| nindent 4 }}
  {{- end }}
--- a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml
@ -16,14 +16,14 @@ metadata:
 spec:
  ports:
  {{- if .Values.controller.metricsConfig.enabled }}
-  - name: {{ .Values.controller.metricsServicePortName }}
-    port: {{ .Values.controller.metricsServicePort }}
+  - name: {{ .Values.controller.metricsConfig.servicePortName }}
+    port: {{ .Values.controller.metricsConfig.servicePort }}
    protocol: TCP
    targetPort: {{ .Values.controller.metricsConfig.port }}
  {{- end }}
  {{- if .Values.controller.telemetryConfig.enabled }}
-  - name: {{ .Values.controller.telemetryServicePortName }}
-    port: {{ .Values.controller.telemetryServicePort }}
+  - name: {{ .Values.controller.telemetryConfig.servicePortName }}
+    port: {{ .Values.controller.telemetryConfig.servicePort }}
    protocol: TCP
    targetPort: {{ .Values.controller.telemetryConfig.port }}
  {{- end }}
--- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml
@ -10,14 +10,14 @@ metadata:
    {{- end }}
 spec:
  endpoints:
-  {{- with .Values.controller.metricsConfig.enabled }}
+  {{- if .Values.controller.metricsConfig.enabled }}
    - port: metrics
-      path: {{ . }}
+      path: {{ .Values.controller.metricsConfig.path }}
      interval: 30s
  {{- end }}
-  {{- with .Values.controller.telemetryConfig.enabled }}
+  {{- if .Values.controller.telemetryConfig.enabled }}
    - port: telemetry
-      path: {{ . }}
+      path: {{ .Values.controller.telemetryConfig.path }}
      interval: 30s
  {{- end }}
  namespaceSelector:
--- a/charts/argo-workflows/templates/server/server-crb.yaml
+++ b/charts/argo-workflows/templates/server/server-crb.yaml
@ -1,4 +1,4 @@
-{{- if and .Values.server.enabled .Values.server.createServiceAccount -}}
+{{- if and .Values.server.enabled .Values.server.serviceAccount.create -}}
 apiVersion: rbac.authorization.k8s.io/v1
 {{- if .Values.singleNamespace }}
 kind: RoleBinding
@ -19,7 +19,7 @@ roleRef:
  name: {{ template "argo-workflows.server.fullname" . }}
 subjects:
 - kind: ServiceAccount
-  name: {{ .Values.server.serviceAccount }}
+  name: {{ template "argo-workflows.serverServiceAccountName" . }}
  namespace: {{ .Release.Namespace }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
@ -34,6 +34,6 @@ roleRef:
  name: {{ template "argo-workflows.server.fullname" . }}-cluster-template
 subjects:
 - kind: ServiceAccount
-  name: {{ .Values.server.serviceAccount }}
+  name: {{ template "argo-workflows.serverServiceAccountName" . }}
  namespace: {{ .Release.Namespace }}
 {{- end -}}
--- a/charts/argo-workflows/templates/server/server-deployment.yaml
+++ b/charts/argo-workflows/templates/server/server-deployment.yaml
@ -24,7 +24,7 @@ spec:
        {{- toYaml .Values.server.podAnnotations | nindent 8 }}
      {{- end }}
    spec:
-      serviceAccountName: {{ .Values.server.serviceAccount | quote }}
+      serviceAccountName: {{ template "argo-workflows.serverServiceAccountName" . }}
      {{- with .Values.server.podSecurityContext }}
      securityContext:
        {{- toYaml . | nindent 8 }}
--- a/charts/argo-workflows/templates/server/server-sa.yaml
+++ b/charts/argo-workflows/templates/server/server-sa.yaml
@ -1,9 +1,9 @@
-{{- if and .Values.server.enabled .Values.server.createServiceAccount -}}
+{{- if and .Values.server.enabled .Values.server.serviceAccount.create -}}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ template "argo-workflows.serverServiceAccountName" . }}
-  {{- with .Values.server.serviceAccountAnnotations  }}
+  {{- with .Values.server.serviceAccount.annotations  }}
  annotations:
    {{- toYaml . | indent 4 }}
  {{- end }}
--- a/charts/argo-workflows/values.yaml
+++ b/charts/argo-workflows/values.yaml
@ -44,6 +44,8 @@ controller:
    enabled: false
    path: /metrics
    port: 9090
+    servicePort: 8080
+    servicePortName: metrics
  # the controller container's securityContext
  securityContext:
    readOnlyRootFilesystem: true
@ -84,12 +86,16 @@ controller:
    enabled: false
    path: /telemetry
    port: 8081
+    servicePort: 8081
+    servicePortName: telemetry
  serviceMonitor:
    enabled: false
    additionalLabels: {}
-  serviceAccount: argo
-  # Service account annotations
-  serviceAccountAnnotations: {}
+  serviceAccount:
+    create: true
+    name: argo
+    # Annotations applied to created service account
+    annotations: {}
  name: workflow-controller
  workflowNamespaces:
    - default
@ -106,10 +112,6 @@ controller:
    level: info
    globallevel: "0"
  serviceType: ClusterIP
-  metricsServicePort: 8080
-  metricsServicePortName: metrics
-  telemetryServicePort: 8081
-  telemetryServicePortName: telemetry
  # Annotations to be applied to the controller Service
  serviceAnnotations: {}
  # Optional labels to add to the controller Service
@ -183,12 +185,10 @@ server:
  serviceType: ClusterIP
  servicePort: 2746
  # servicePortName: http
-  serviceAccount: argo-server
-  # Whether to create the service account with the name specified in
-  # server.serviceAccount and bind it to the server role.
-  createServiceAccount: true
-  # Service account annotations
-  serviceAccountAnnotations: {}
+  serviceAccount:
+    create: true
+    name: argo-server
+    annotations: {}
  # Annotations to be applied to the UI Service
  serviceAnnotations: {}
  # Optional labels to add to the UI Service