Merge pull request #31 from TJM:fix/cleanup-opts

docs: update documentation, no functional changes
TJM · Apr 21, 2022 · c1fc08d · c1fc08d
2 parents 1f23808 + e83ab94
commit c1fc08d
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 45 deletions.
diff --git a/README.md b/README.md
@@ -8,16 +8,18 @@ images from a private GCR repository.
 
 NOTE: We are using this code in the production environment. You may use it at your own risk.
 
+See helm chart readme: [charts/vault-gcp-secrets/README.md]<charts/vault-gcp-secrets/README.md>
+
 ## Prerequisites
 
 * Google Cloud Platform (GCP) Account setup with Vault
 * AppRole or Kubernetes authentication to Vault
 
 ## Installation
 
-* helm repo add vault-gcp-secrets https://tjm.github.io/vault-gcp-secrets/
-* helm repo update
-* helm install vault-gcp-secrets/vault-gcp-secrets
+* `helm repo add vault-gcp-secrets https://tjm.github.io/vault-gcp-secrets/`
+* `helm repo update`
+* `helm install vault-gcp-secrets vault-gcp-secrets/vault-gcp-secrets`
 
 NOTE: You will most likely need to set some values, like authentication method, path, etc.
 

diff --git a/charts/vault-gcp-secrets/Chart.yaml b/charts/vault-gcp-secrets/Chart.yaml
@@ -5,5 +5,5 @@ home: https://github.com/TJM/vault-gcp-secrets
 # icon: https://raw.githubusercontent.com/TJM/vault-gcp-secrets/master/assets/logo.png
 maintainers:
   - name: TJM  # Tommy McNeely
-version: 0.8.0
+version: 0.8.1
 appVersion: 1.10.0  # REMINDER: update README and values.yaml
diff --git a/charts/vault-gcp-secrets/README.md b/charts/vault-gcp-secrets/README.md
@@ -10,8 +10,6 @@ NOTE: We are using this code in the production environment. You may use it at yo
 
 | Value | Description | Default |
 | ----- | ----------- | ------- |
-| `replicaCount` | Number of replications which should be created. | `1` |
-| `deploymentStrategy` | Deployment strategy which should be used. | `{}` |
 | `image.repository` | The repository of the Docker image. | `ghcr.io/tjm/vault-gcp-secrets` |
 | `image.tag` | The tag of the Docker image which should be used. | `v1.10.0` |
 | `image.pullPolicy` | The pull policy for the Docker image, | `IfNotPresent` |
@@ -21,11 +19,10 @@ NOTE: We are using this code in the production environment. You may use it at yo
 | `fullnameOverride` | Override the name of the app. | `""` |
 | `environmentVars` | Pass environment variables from a secret to the containers. | `[]` |
 | `vault.address` | The address where Vault listen on (e.g. `http://vault.example.com`). | `"http://vault:8200"` |
-| `vault.authMethod` | The authentication method, which should be used by the operator. Can be `kubernetes` ([Kubernetes auth method](https://www.vaultproject.io/docs/auth/kubernetes.html)), or `approle` ([AppRole auth method](https://www.vaultproject.io/docs/auth/approle)). | `kubernetes` |
-| `vault.kubernetesPath` | If the Kubernetes auth method is used, this is the path where the Kubernetes auth method is enabled. | `auth/kubernetes` |
+| `vault.authMethod` | The authentication method, which should be used by the operator. Can be `kubernetes` ([Kubernetes auth method](https://www.vaultproject.io/docs/auth/kubernetes.html)), or `approle` ([AppRole auth method](https://www.vaultproject.io/docs/auth/approle)). NOTE: `approle` requires `vault.credentialSecretName` and `kubernetes` requires `vault.kubernetesRole`  | `kubernetes` |
+| `vault.authMountPath` | Authentication Mount Path in Vault (which defaults to auth/(authMethod)) | `null` |
+| `vault.credentialSecretName` | Secret used for approle authentication, must be used for approle authMethod. Must have keys `role_id` and `secret_id`. | `null` |
 | `vault.kubernetesRole` | The name of the role which is configured for the Kubernetes auth method. | `vault-gcp-secrets` |
-| `vault.appRolePath` | If the AppRole auth method is used, this is the path where the AppRole auth method is enabled. | `auth/approle` |
-| `vault.reconciliationTime` | The time after which the reconcile function for the CR is rerun. If the value is 0, automatic reconciliation is skipped. | `0` |
 | `rbac.create` | Create RBAC object, enable Role and Role binding creation. | `true` |
 | `rbac.createrole` | Finetune RBAC, enable or disable Role creation. NOTE: ignored when `rbac.create` is not `true`. | `true` |
 | `serviceAccount.create` | Create the service account. | `true` |
@@ -34,16 +31,10 @@ NOTE: We are using this code in the production environment. You may use it at yo
 | `podSecurityContext`: | Security context policies to add to the operator pod. | `{}` |
 | `securityContext`: | Security context policies to add to the containers. | `{}` |
 | `podLabels` | Additional labels for the vault-gcp-secrets pod(s). | `{}` |
-| `testPodAnnotations` | Annotations for vault-gcp-secrets-test-connection pod. | `{}` |
-| `testPodLabels` | Additional labels for the vault-gcp-secrets-test-connection pod. | `{}` |
-| `resources` | Set resources for the operator. | `{}` |
+| `resources` | Set resources for the operator. (see values.yaml for example) | `{}` |
 | `volumes` | Provide additional volumns for the container. | `[]` |
 | `nodeSelector` | Set a node selector. | `{}` |
 | `tolerations` | Set tolerations. | `[]` |
-| `serviceMonitor.enabled` | Enable the creation of a ServiceMonitor for the Prometheus Operator. | `false` |
-| `serviceMonitor.labels` | Additional labels which should be set for the ServiceMonitor. | `{}` |
-| `serviceMonitor.interval` | Scrape interval. | `10s` |
-| `serviceMonitor.scrapeTimeout` | Scrape timeout. | `10s` |
-| `serviceMonitor.honorLabels` | Honor labels option. | `true` |
-| `serviceMonitor.relabelings` | Additional relabeling config for the ServiceMonitor. | `[]` |
 | `priorityClassName` | Optionally attach priority class to pod spec. | `null` |
+| `replicaCount` | Number of replications which should be created (recommend leaving this as 1). | `1` |
+| `deploymentStrategy` | Deployment strategy which should be used. | `{}` |
diff --git a/charts/vault-gcp-secrets/templates/_helpers.tpl b/charts/vault-gcp-secrets/templates/_helpers.tpl
@@ -61,24 +61,6 @@ Additional pod annotations
 {{- end }}
 {{- end -}}
 
-{{/*
-Additional test-connection pod annotations
-*/}}
-{{- define "vault-gcp-secrets.testPodAnnotations" -}}
-{{- if .Values.testPodAnnotations }}
-{{- toYaml .Values.testPodAnnotations }}
-{{- end }}
-{{- end }}
-
-{{/*
-Additional test-connection pod labels
-*/}}
-{{- define "vault-gcp-secrets.testPodLabels" -}}
-{{- if .Values.testPodLabels }}
-{{- toYaml .Values.testPodLabels }}
-{{- end }}
-{{- end }}
-
 {{/*
 Create the name of the service account to use.
 */}}

diff --git a/charts/vault-gcp-secrets/values.yaml b/charts/vault-gcp-secrets/values.yaml
@@ -1,8 +1,5 @@
 # Values for vault-gcp-secrets
 
-replicaCount: 1
-deploymentStrategy: {}
-
 image:
   repository: ghcr.io/tjm/vault-gcp-secrets
   tag: v1.10.0
@@ -92,11 +89,6 @@ podSecurityContext: {}
 
 securityContext: {}
 
-# Annotations for the vault-gcp-secrets-test-connection pod
-testPodAnnotations: {}
-
-# Additional labels for the vault-gcp-secrets-test-connection pod
-testPodLabels: {}
 
 resources: {}
   # We usually recommend not to specify default resources and to leave this as a conscious
@@ -123,3 +115,6 @@ nodeSelector: {}
 tolerations: []
 
 affinity: {}
+
+replicaCount: 1  # Don't change this
+deploymentStrategy: {}