diff --git a/CHANGELOG.md b/CHANGELOG.md index 889aeaa..38cb066 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ Features: * Added configurable podDisruptionBudget for injector [GH-653](https://github.com/hashicorp/vault-helm/pull/653) * Make terminationGracePeriodSeconds configurable for server [GH-659](https://github.com/hashicorp/vault-helm/pull/659) +* Added configurable update strategy for injector [GH-661](https://github.com/hashicorp/vault-helm/pull/661) ## 0.18.0 (November 17th, 2021) diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index 731119a..12afeab 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -308,6 +308,21 @@ Sets the injector node selector for pod placement {{- end }} {{- end -}} +{{/* +Sets the injector deployment update strategy +*/}} +{{- define "injector.strategy" -}} + {{- if .Values.injector.strategy }} + strategy: + {{- $tp := typeOf .Values.injector.strategy }} + {{- if eq $tp "string" }} + {{ tpl .Values.injector.strategy . | nindent 4 | trim }} + {{- else }} + {{- toYaml .Values.injector.strategy | nindent 4 }} + {{- end }} + {{- end }} +{{- end -}} + {{/* Sets extra pod annotations */}} diff --git a/templates/injector-deployment.yaml b/templates/injector-deployment.yaml index aefbf08..95e2c2d 100644 --- a/templates/injector-deployment.yaml +++ b/templates/injector-deployment.yaml @@ -17,6 +17,7 @@ spec: app.kubernetes.io/name: {{ template "vault.name" . }}-agent-injector app.kubernetes.io/instance: {{ .Release.Name }} component: webhook + {{ template "injector.strategy" . }} template: metadata: labels: diff --git a/test/unit/injector-deployment.bats b/test/unit/injector-deployment.bats index 3bae2af..740c17a 100755 --- a/test/unit/injector-deployment.bats +++ b/test/unit/injector-deployment.bats @@ -721,3 +721,32 @@ load _helpers yq -r 'map(select(.name=="AGENT_INJECT_TEMPLATE_STATIC_SECRET_RENDER_INTERVAL")) | .[] .value' | tee /dev/stderr) [ "${value}" = "1m" ] } + +@test "injector/deployment: strategy default" { + cd `chart_dir` + local actual=$(helm template \ + --show-only templates/injector-deployment.yaml \ + . | tee /dev/stderr | + yq -r '.spec.strategy' | tee /dev/stderr) + [ "${actual}" = "null" ] +} + +@test "injector/deployment: strategy set as string" { + cd `chart_dir` + local actual=$(helm template \ + --show-only templates/injector-deployment.yaml \ + --set="injector.strategy=testing" \ + . | tee /dev/stderr | + yq -r '.spec.strategy' | tee /dev/stderr) + [ "${actual}" = "testing" ] +} + +@test "injector/deployment: strategy can be set as YAML" { + cd `chart_dir` + local actual=$(helm template \ + --show-only templates/injector-deployment.yaml \ + --set 'injector.strategy.rollingUpdate.maxUnavailable=1' \ + . | tee /dev/stderr | + yq -r '.spec.strategy.rollingUpdate.maxUnavailable' | tee /dev/stderr) + [ "${actual}" = "1" ] +} diff --git a/values.schema.json b/values.schema.json index c3b2a27..5ef61e7 100644 --- a/values.schema.json +++ b/values.schema.json @@ -349,6 +349,12 @@ } } }, + "strategy": { + "type": [ + "object", + "string" + ] + }, "tolerations": { "type": [ "null", diff --git a/values.yaml b/values.yaml index 713b858..6f88ff8 100644 --- a/values.yaml +++ b/values.yaml @@ -205,6 +205,15 @@ injector: # podDisruptionBudget: # maxUnavailable: 1 + # strategy for updating the deployment. This can be a multi-line string or a + # YAML map. + strategy: {} + # strategy: | + # rollingUpdate: + # maxSurge: 25% + # maxUnavailable: 25% + # type: RollingUpdate + server: # If not set to true, Vault server will not be installed. See vault.mode in _helpers.tpl for implementation details enabled: true