From 00bfb2e84a3cbbce501d5e23cf112772cae6eb0e Mon Sep 17 00:00:00 2001 From: Adam Jacques Date: Tue, 21 Mar 2023 06:37:08 -0700 Subject: [PATCH] Fix several Helm YAML issues with extraModules and extraInitContainers (#9709) * Fix indention issue for DaemonSets when using extraModules and extraInitContainers * Improve documentation * Unify and fix templating * Enable support for the opentelemetry from values.yaml --- .../templates/controller-daemonset.yaml | 19 ++++++++----------- .../templates/controller-deployment.yaml | 2 +- charts/ingress-nginx/values.yaml | 2 ++ 3 files changed, 11 insertions(+), 12 deletions(-) diff --git a/charts/ingress-nginx/templates/controller-daemonset.yaml b/charts/ingress-nginx/templates/controller-daemonset.yaml index efa273dac..bce21a7d6 100644 --- a/charts/ingress-nginx/templates/controller-daemonset.yaml +++ b/charts/ingress-nginx/templates/controller-daemonset.yaml @@ -178,17 +178,14 @@ spec: {{- end }} {{- if .Values.controller.extraModules }} {{- range .Values.controller.extraModules }} - - name: {{ .Name }} - image: {{ .Image }} - command: ['sh', '-c', '/usr/local/bin/init_module.sh'] - {{- if (or $.Values.controller.containerSecurityContext .containerSecurityContext) }} - securityContext: {{ .containerSecurityContext | default $.Values.controller.containerSecurityContext | toYaml | nindent 14 }} - {{- end }} - volumeMounts: - - name: modules - mountPath: /modules_mount + {{ $containerSecurityContext := .containerSecurityContext | default $.Values.controller.containerSecurityContext }} +{{ include "extraModules" (dict "name" .name "image" .image "containerSecurityContext" $containerSecurityContext) | indent 8 }} {{- end }} {{- end }} + {{- if .Values.controller.opentelemetry.enabled}} + {{ $otelContainerSecurityContext := $.Values.controller.opentelemetry.containerSecurityContext | default $.Values.controller.containerSecurityContext }} + {{- include "extraModules" (dict "name" "opentelemetry" "image" .Values.controller.opentelemetry.image "containerSecurityContext" $otelContainerSecurityContext) | nindent 8}} + {{- end}} {{- end }} {{- if .Values.controller.hostNetwork }} hostNetwork: {{ .Values.controller.hostNetwork }} @@ -207,9 +204,9 @@ spec: {{- end }} serviceAccountName: {{ template "ingress-nginx.serviceAccountName" . }} terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} - {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes .Values.controller.extraModules) }} + {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }} volumes: - {{- if .Values.controller.extraModules }} + {{- if (or .Values.controller.extraModules .Values.controller.opentelemetry.enabled)}} - name: modules emptyDir: {} {{- end }} diff --git a/charts/ingress-nginx/templates/controller-deployment.yaml b/charts/ingress-nginx/templates/controller-deployment.yaml index 36d7670e3..323d87623 100644 --- a/charts/ingress-nginx/templates/controller-deployment.yaml +++ b/charts/ingress-nginx/templates/controller-deployment.yaml @@ -185,7 +185,7 @@ spec: {{- if .Values.controller.extraModules }} {{- range .Values.controller.extraModules }} {{ $containerSecurityContext := .containerSecurityContext | default $.Values.controller.containerSecurityContext }} - {{- include "extraModules" (dict "name" .name "image" .image "containerSecurityContext" $containerSecurityContext | nindent 8) }} +{{ include "extraModules" (dict "name" .name "image" .image "containerSecurityContext" $containerSecurityContext) | indent 8 }} {{- end }} {{- end }} {{- if .Values.controller.opentelemetry.enabled}} diff --git a/charts/ingress-nginx/values.yaml b/charts/ingress-nginx/values.yaml index f043c17cb..1a538f810 100644 --- a/charts/ingress-nginx/values.yaml +++ b/charts/ingress-nginx/values.yaml @@ -527,6 +527,8 @@ controller: # -- Modules, which are mounted into the core nginx image. See values.yaml for a sample to add opentelemetry module extraModules: [] + # - name: mytestmodule + # image: registry.k8s.io/ingress-nginx/mytestmodule # containerSecurityContext: # allowPrivilegeEscalation: false #