Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

helm: add imagePullSecrets for helm charts #3906

Merged
merged 1 commit into from
Jun 16, 2023
Merged

helm: add imagePullSecrets for helm charts #3906

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions charts/ceph-csi-cephfs/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,7 @@ charts and their default values.
| `nodeplugin.name` | Specifies the nodeplugin name | `nodeplugin` |
| `nodeplugin.updateStrategy` | Specifies the update Strategy. If you are using ceph-fuse client set this value to OnDelete | `RollingUpdate` |
| `nodeplugin.priorityClassName` | Set user created priorityclassName for csi plugin pods. default is system-node-critical which is highest priority | `system-node-critical` |
| `nodeplugin.imagePullSecrets` | Specifies imagePullSecrets for containers | `[]` |
| `nodeplugin.profiling.enabled` | Specifies whether profiling should be enabled | `false` |
| `nodeplugin.registrar.image.repository` | Node-Registrar image repository URL | `registry.k8s.io/sig-storage/csi-node-driver-registrar` |
| `nodeplugin.registrar.image.tag` | Image tag | `v2.8.0` |
Expand All @@ -141,6 +142,7 @@ charts and their default values.
| `provisioner.setmetadata` | Set metadata on volume | `true` |
| `provisioner.priorityClassName` | Set user created priorityclassName for csi provisioner pods. Default is `system-cluster-critical` which is less priority than `system-node-critical` | `system-cluster-critical` |
| `provisioner.enableHostNetwork` | Specifies whether hostNetwork is enabled for provisioner pod. | `false` |
| `provisioner.imagePullSecrets` | Specifies imagePullSecrets for containers | `[]` |
| `provisioner.profiling.enabled` | Specifies whether profiling should be enabled | `false` |
| `provisioner.provisioner.image.repository` | Specifies the csi-provisioner image repository URL | `registry.k8s.io/sig-storage/csi-provisioner` |
| `provisioner.provisioner.image.tag` | Specifies image tag | `v3.5.0` |
Expand Down
4 changes: 4 additions & 0 deletions charts/ceph-csi-cephfs/templates/nodeplugin-daemonset.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,10 @@ spec:
# to use e.g. Rook orchestrated cluster, and mons' FQDN is
# resolved through k8s service, set dns policy to cluster first
dnsPolicy: ClusterFirstWithHostNet
{{- if .Values.nodeplugin.imagePullSecrets }}
imagePullSecrets:
{{ toYaml .Values.nodeplugin.imagePullSecrets | indent 8 -}}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you show in an example what value you would pass? I would expect something like this instead:

 - name: {{ .Values.nodeplugin.imagePullSecrets }}

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here you should provide an array like:

imagePullSecrets:
  - name: my-secret-a
  - name: my-secret-b

This part in fact is copied from csi-driver-nfs:

https://github.com/kubernetes-csi/csi-driver-nfs/blob/862cb036e3f0d7c3fe28d2b127a6f96335b15309/charts/v4.3.0/csi-driver-nfs/values.yaml#L127-L131

https://github.com/kubernetes-csi/csi-driver-nfs/blob/862cb036e3f0d7c3fe28d2b127a6f96335b15309/charts/v4.3.0/csi-driver-nfs/templates/csi-nfs-controller.yaml#L20-L23

And It is a recommended way rather than:

imagePullSecrets:
  - name: {{ .Values.nodeplugin.imagePullSecret }}

In this way you can not provide multiple secrets. And maybe there are other fields (no just name only).

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok, thanks for the clarification!

{{- end }}
containers:
- name: driver-registrar
# This is necessary only for systems with SELinux, where
Expand Down
4 changes: 4 additions & 0 deletions charts/ceph-csi-cephfs/templates/provisioner-deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,10 @@ spec:
hostNetwork: {{ .Values.provisioner.enableHostNetwork }}
{{- if .Values.provisioner.priorityClassName }}
priorityClassName: {{ .Values.provisioner.priorityClassName }}
{{- end }}
{{- if .Values.provisioner.imagePullSecrets }}
imagePullSecrets:
{{ toYaml .Values.provisioner.imagePullSecrets | indent 8 -}}
{{- end }}
containers:
- name: csi-provisioner
Expand Down
10 changes: 10 additions & 0 deletions charts/ceph-csi-cephfs/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,11 @@ nodeplugin:
loadBalancerIP: ""
loadBalancerSourceRanges: []

## Reference to one or more secrets to be used when pulling images
##
imagePullSecrets: []
# - name: "image-pull-secret"

profiling:
enabled: false

Expand Down Expand Up @@ -168,6 +173,11 @@ provisioner:
loadBalancerIP: ""
loadBalancerSourceRanges: []

## Reference to one or more secrets to be used when pulling images
##
imagePullSecrets: []
# - name: "image-pull-secret"

profiling:
enabled: false

Expand Down
2 changes: 2 additions & 0 deletions charts/ceph-csi-rbd/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -123,6 +123,7 @@ charts and their default values.
| `nodeplugin.name` | Specifies the nodeplugins name | `nodeplugin` |
| `nodeplugin.updateStrategy` | Specifies the update Strategy. If you are using ceph-fuse client set this value to OnDelete | `RollingUpdate` |
| `nodeplugin.priorityClassName` | Set user created priorityclassName for csi plugin pods. default is system-node-critical which is highest priority | `system-node-critical` |
| `nodeplugin.imagePullSecrets` | Specifies imagePullSecrets for containers | `[]` |
| `nodeplugin.profiling.enabled` | Specifies whether profiling should be enabled | `false` |
| `nodeplugin.registrar.image.repository` | Node Registrar image repository URL | `registry.k8s.io/sig-storage/csi-node-driver-registrar` |
| `nodeplugin.registrar.image.tag` | Image tag | `v2.8.0` |
Expand All @@ -147,6 +148,7 @@ charts and their default values.
| `provisioner.setmetadata` | Set metadata on volume | `true` |
| `provisioner.priorityClassName` | Set user created priorityclassName for csi provisioner pods. Default is `system-cluster-critical` which is less priority than `system-node-critical` | `system-cluster-critical` |
| `provisioner.enableHostNetwork` | Specifies whether hostNetwork is enabled for provisioner pod. | `false` |
| `provisioner.imagePullSecrets` | Specifies imagePullSecrets for containers | `[]` |
| `provisioner.profiling.enabled` | Specifies whether profiling should be enabled | `false` |
| `provisioner.provisioner.image.repository` | Specifies the csi-provisioner image repository URL | `registry.k8s.io/sig-storage/csi-provisioner` |
| `provisioner.provisioner.image.tag` | Specifies image tag | `v3.5.0` |
Expand Down
4 changes: 4 additions & 0 deletions charts/ceph-csi-rbd/templates/nodeplugin-daemonset.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,10 @@ spec:
# to use e.g. Rook orchestrated cluster, and mons' FQDN is
# resolved through k8s service, set dns policy to cluster first
dnsPolicy: ClusterFirstWithHostNet
{{- if .Values.nodeplugin.imagePullSecrets }}
imagePullSecrets:
{{ toYaml .Values.nodeplugin.imagePullSecrets | indent 8 -}}
{{- end }}
containers:
- name: driver-registrar
# This is necessary only for systems with SELinux, where
Expand Down
4 changes: 4 additions & 0 deletions charts/ceph-csi-rbd/templates/provisioner-deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,10 @@ spec:
hostNetwork: {{ .Values.provisioner.enableHostNetwork }}
{{- if .Values.provisioner.priorityClassName }}
priorityClassName: {{ .Values.provisioner.priorityClassName }}
{{- end }}
{{- if .Values.provisioner.imagePullSecrets }}
imagePullSecrets:
{{ toYaml .Values.provisioner.imagePullSecrets | indent 8 -}}
{{- end }}
containers:
- name: csi-provisioner
Expand Down
10 changes: 10 additions & 0 deletions charts/ceph-csi-rbd/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -103,6 +103,11 @@ nodeplugin:
loadBalancerIP: ""
loadBalancerSourceRanges: []

## Reference to one or more secrets to be used when pulling images
##
imagePullSecrets: []
# - name: "image-pull-secret"

profiling:
# enable profiling to check for memory leaks
enabled: false
Expand Down Expand Up @@ -200,6 +205,11 @@ provisioner:
loadBalancerIP: ""
loadBalancerSourceRanges: []

## Reference to one or more secrets to be used when pulling images
##
imagePullSecrets: []
# - name: "image-pull-secret"

profiling:
# enable profiling to check for memory leaks
enabled: false
Expand Down