From 7b0c3988a612c03145a03905ff9ecb86be49c5ac Mon Sep 17 00:00:00 2001 From: sirpalmeirao Date: Tue, 18 Jun 2024 18:36:02 +0100 Subject: [PATCH] feat: add dnsConfig to Atlantis (#397) * feat: add dnsConfig to Atlantis --------- Co-authored-by: Alvaro Palmeirao Co-authored-by: Gabriel Martinez <19713226+GMartinez-Sisti@users.noreply.github.com> --- charts/atlantis/Chart.yaml | 2 +- charts/atlantis/README.md | 2 + charts/atlantis/templates/statefulset.yaml | 19 ++++++++ charts/atlantis/values.schema.json | 53 +++++++++++++++++++++- charts/atlantis/values.yaml | 13 ++++++ 5 files changed, 87 insertions(+), 2 deletions(-) diff --git a/charts/atlantis/Chart.yaml b/charts/atlantis/Chart.yaml index 85fde63a..622f67e6 100644 --- a/charts/atlantis/Chart.yaml +++ b/charts/atlantis/Chart.yaml @@ -3,7 +3,7 @@ apiVersion: v1 appVersion: v0.28.1 description: A Helm chart for Atlantis https://www.runatlantis.io name: atlantis -version: 5.1.3 +version: 5.2.0 keywords: - terraform home: https://www.runatlantis.io diff --git a/charts/atlantis/README.md b/charts/atlantis/README.md index 0cfee6bd..02b719f3 100644 --- a/charts/atlantis/README.md +++ b/charts/atlantis/README.md @@ -94,6 +94,8 @@ extraManifests: | disableApply | bool | `false` | Disables running `atlantis apply` regardless of which flags are sent with it. | | disableApplyAll | bool | `false` | Disables running `atlantis apply` without any flags. | | disableRepoLocking | bool | `false` | Stops atlantis locking projects and or workspaces when running terraform. | +| dnsConfig | object | `{}` | Optionally specify dnsConfig for the Atlantis pod. Check values.yaml for examples. | +| dnsPolicy | string | `"ClusterFirst"` | Optionally specify dnsPolicy parameter to specify a DNS policy for a pod Check https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy | | enableDiffMarkdownFormat | bool | `false` | Use Diff Markdown Format for color coding diffs. | | enableKubernetesBackend | bool | `false` | Optionally deploy rbac to allow for the serviceAccount to manage terraform state via the kubernetes backend. | | environment | object | `{}` | Environtment values to add to the Atlantis pod. Check values.yaml for examples. | diff --git a/charts/atlantis/templates/statefulset.yaml b/charts/atlantis/templates/statefulset.yaml index 98134567..5f5f7a86 100644 --- a/charts/atlantis/templates/statefulset.yaml +++ b/charts/atlantis/templates/statefulset.yaml @@ -41,6 +41,25 @@ spec: {{- toYaml .Values.podTemplate.annotations | nindent 8 }} {{- end }} spec: + {{- if and (or .Values.dnsPolicy (.Values.dnsPolicy and .Values.dnsConfig)) (ne .Values.dnsPolicy "ClusterFirst") }} + dnsPolicy: {{ .Values.dnsPolicy}} + {{- end }} + {{- if or .Values.dnsConfig (eq .Values.dnsPolicy "None") }} + {{- if not .Values.dnsConfig }} + {{- fail "dnsPolicy is set to 'None', but dnsConfig is not provided" }} + {{- end }} + dnsConfig: + nameservers: + {{- range .Values.dnsConfig.nameservers }} + - {{ . }} + {{- end }} + {{- if .Values.dnsConfig.searches }} + searches: + {{- range .Values.dnsConfig.searches }} + - {{ . }} + {{- end }} + {{- end }} + {{- end }} {{- if .Values.hostAliases }} hostAliases: {{- range .Values.hostAliases }} diff --git a/charts/atlantis/values.schema.json b/charts/atlantis/values.schema.json index 8163ab6e..164e740c 100644 --- a/charts/atlantis/values.schema.json +++ b/charts/atlantis/values.schema.json @@ -584,7 +584,7 @@ "type": [ "integer", "null" - ], + ], "description": "Set terminationGracePeriodSeconds for the StatefulSet." }, "ingress": { @@ -1050,6 +1050,39 @@ } ] }, + "dnsPolicy": { + "type": "string", + "default": "ClusterFirst", + "description": "dnsPolicy for Atlantis pods", + "enum": [ + "ClusterFirst", + "Default", + "ClusterFirstWithHostNet", + "None" + ], + "examples": [ + "ClusterFirst", + "Default", + "ClusterFirstWithHostNet", + "None" + ] + }, + "dnsConfig": { + "description": "Specify dnsConfig for Atlantis containers.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.DnsConfig" + }, + "type": "object", + "default": [], + "examples": [ + { + "nameservers": "8.8.8.8", + "searches": [ + "mydomain.com" + ] + } + ] + }, "hostNetwork": { "type": "boolean", "description": "Use the host's network namespace.", @@ -1232,6 +1265,24 @@ "type": "object", "additionalProperties": false }, + "io.k8s.api.core.v1.DnsConfig": { + "description": "DnsConfig ", + "properties": { + "nameservers": { + "description": "a list of IP addresses that will be used as DNS servers for the search domain.", + "items": { + "type": "string" + }, + "type": "array" + }, + "searches": { + "description": "A list of DNS search domains for hostname lookup.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, "io.k8s.api.core.v1.Container": { "description": "A single application container that you want to run within a pod.", "properties": { diff --git a/charts/atlantis/values.yaml b/charts/atlantis/values.yaml index 75884bc4..b5567c6e 100644 --- a/charts/atlantis/values.yaml +++ b/charts/atlantis/values.yaml @@ -608,6 +608,19 @@ hostAliases: [] # - bbb.com # ip: 10.0.0.2 +# -- Optionally specify dnsPolicy parameter to specify a DNS policy for a pod +# Check https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy +dnsPolicy: "ClusterFirst" + +# -- Optionally specify dnsConfig for the Atlantis pod. +# Check values.yaml for examples. +dnsConfig: {} +# dnsConfig: +# nameservers: +# - 8.8.8.8 +# searches: +# - mydomain.com + hostNetwork: false # - These annotations will be added to all the resources.