From e80a71c51287511c6ae5609558ada5abbcccbe40 Mon Sep 17 00:00:00 2001 From: Pradeep Lakshmi Narasimha Date: Thu, 19 Sep 2024 13:26:03 +0530 Subject: [PATCH] feature: Added test.imagePullSecrets config in values.yaml (#11180) (#11195) Signed-off-by: Pradeep Lakshmi Narasimha --- charts/kyverno/Chart.yaml | 2 ++ charts/kyverno/README.md | 1 + .../templates/tests/admission-controller-liveness.yaml | 4 ++++ .../kyverno/templates/tests/admission-controller-metrics.yaml | 4 ++++ .../templates/tests/admission-controller-readiness.yaml | 4 ++++ .../kyverno/templates/tests/cleanup-controller-liveness.yaml | 4 ++++ .../kyverno/templates/tests/cleanup-controller-metrics.yaml | 4 ++++ .../kyverno/templates/tests/cleanup-controller-readiness.yaml | 4 ++++ .../kyverno/templates/tests/reports-controller-metrics.yaml | 4 ++++ charts/kyverno/values.yaml | 4 ++++ 10 files changed, 35 insertions(+) diff --git a/charts/kyverno/Chart.yaml b/charts/kyverno/Chart.yaml index 8adb331b28..57a4b819ee 100644 --- a/charts/kyverno/Chart.yaml +++ b/charts/kyverno/Chart.yaml @@ -41,6 +41,8 @@ annotations: description: ImagePullSecrets made globally configurable - kind: removed description: Deprecated configuration `features.reports.chunkSize` was removed + - kind: added + description: ImagePullSecrets made configurable for tests dependencies: - name: grafana version: v0.0.0 diff --git a/charts/kyverno/README.md b/charts/kyverno/README.md index 195997c50f..c2c6252f5c 100644 --- a/charts/kyverno/README.md +++ b/charts/kyverno/README.md @@ -728,6 +728,7 @@ The chart values are organised per component. | test.image.repository | string | `"busybox"` | Image repository | | test.image.tag | string | `"1.35"` | Image tag Defaults to `latest` if omitted | | test.image.pullPolicy | string | `nil` | Image pull policy Defaults to image.pullPolicy if omitted | +| test.imagePullSecrets | list | `[]` | Image pull secrets | | test.resources.limits | object | `{"cpu":"100m","memory":"256Mi"}` | Pod resource limits | | test.resources.requests | object | `{"cpu":"10m","memory":"64Mi"}` | Pod resource requests | | test.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65534,"runAsNonRoot":true,"runAsUser":65534,"seccompProfile":{"type":"RuntimeDefault"}}` | Security context for the test containers | diff --git a/charts/kyverno/templates/tests/admission-controller-liveness.yaml b/charts/kyverno/templates/tests/admission-controller-liveness.yaml index 9823fe3e9f..756a3092b5 100644 --- a/charts/kyverno/templates/tests/admission-controller-liveness.yaml +++ b/charts/kyverno/templates/tests/admission-controller-liveness.yaml @@ -10,6 +10,10 @@ metadata: {{- include "kyverno.test.annotations" . | nindent 4 }} spec: restartPolicy: Never + {{- with .Values.test.imagePullSecrets | default .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- tpl (toYaml .) $ | nindent 4 }} + {{- end }} containers: - name: test image: {{ template "kyverno.test.image" . }} diff --git a/charts/kyverno/templates/tests/admission-controller-metrics.yaml b/charts/kyverno/templates/tests/admission-controller-metrics.yaml index 9f9dc41536..44d6c6aa49 100644 --- a/charts/kyverno/templates/tests/admission-controller-metrics.yaml +++ b/charts/kyverno/templates/tests/admission-controller-metrics.yaml @@ -10,6 +10,10 @@ metadata: {{- include "kyverno.test.annotations" . | nindent 4 }} spec: restartPolicy: Never + {{- with .Values.test.imagePullSecrets | default .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- tpl (toYaml .) $ | nindent 4 }} + {{- end }} containers: - name: test image: {{ template "kyverno.test.image" . }} diff --git a/charts/kyverno/templates/tests/admission-controller-readiness.yaml b/charts/kyverno/templates/tests/admission-controller-readiness.yaml index 1ef6ca2078..093a0a28ae 100644 --- a/charts/kyverno/templates/tests/admission-controller-readiness.yaml +++ b/charts/kyverno/templates/tests/admission-controller-readiness.yaml @@ -10,6 +10,10 @@ metadata: {{- include "kyverno.test.annotations" . | nindent 4 }} spec: restartPolicy: Never + {{- with .Values.test.imagePullSecrets | default .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- tpl (toYaml .) $ | nindent 4 }} + {{- end }} containers: - name: test image: {{ template "kyverno.test.image" . }} diff --git a/charts/kyverno/templates/tests/cleanup-controller-liveness.yaml b/charts/kyverno/templates/tests/cleanup-controller-liveness.yaml index 8bf743fc73..a667f6b20a 100644 --- a/charts/kyverno/templates/tests/cleanup-controller-liveness.yaml +++ b/charts/kyverno/templates/tests/cleanup-controller-liveness.yaml @@ -10,6 +10,10 @@ metadata: {{- include "kyverno.test.annotations" . | nindent 4 }} spec: restartPolicy: Never + {{- with .Values.test.imagePullSecrets | default .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- tpl (toYaml .) $ | nindent 4 }} + {{- end }} containers: - name: test image: {{ template "kyverno.test.image" . }} diff --git a/charts/kyverno/templates/tests/cleanup-controller-metrics.yaml b/charts/kyverno/templates/tests/cleanup-controller-metrics.yaml index b6ceb868dc..080d7e8137 100644 --- a/charts/kyverno/templates/tests/cleanup-controller-metrics.yaml +++ b/charts/kyverno/templates/tests/cleanup-controller-metrics.yaml @@ -10,6 +10,10 @@ metadata: {{- include "kyverno.test.annotations" . | nindent 4 }} spec: restartPolicy: Never + {{- with .Values.test.imagePullSecrets | default .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- tpl (toYaml .) $ | nindent 4 }} + {{- end }} containers: - name: test image: {{ template "kyverno.test.image" . }} diff --git a/charts/kyverno/templates/tests/cleanup-controller-readiness.yaml b/charts/kyverno/templates/tests/cleanup-controller-readiness.yaml index 80cbc84097..e5ef16e435 100644 --- a/charts/kyverno/templates/tests/cleanup-controller-readiness.yaml +++ b/charts/kyverno/templates/tests/cleanup-controller-readiness.yaml @@ -10,6 +10,10 @@ metadata: {{- include "kyverno.test.annotations" . | nindent 4 }} spec: restartPolicy: Never + {{- with .Values.test.imagePullSecrets | default .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- tpl (toYaml .) $ | nindent 4 }} + {{- end }} containers: - name: test image: {{ template "kyverno.test.image" . }} diff --git a/charts/kyverno/templates/tests/reports-controller-metrics.yaml b/charts/kyverno/templates/tests/reports-controller-metrics.yaml index 5fdf658469..386e11f3f0 100644 --- a/charts/kyverno/templates/tests/reports-controller-metrics.yaml +++ b/charts/kyverno/templates/tests/reports-controller-metrics.yaml @@ -10,6 +10,10 @@ metadata: {{- include "kyverno.test.annotations" . | nindent 4 }} spec: restartPolicy: Never + {{- with .Values.test.imagePullSecrets | default .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- tpl (toYaml .) $ | nindent 4 }} + {{- end }} containers: - name: test image: {{ template "kyverno.test.image" . }} diff --git a/charts/kyverno/values.yaml b/charts/kyverno/values.yaml index da1571a387..8201aa9e9f 100644 --- a/charts/kyverno/values.yaml +++ b/charts/kyverno/values.yaml @@ -443,6 +443,10 @@ test: # Defaults to image.pullPolicy if omitted pullPolicy: ~ + # -- Image pull secrets + imagePullSecrets: [] + # - name: secretName + resources: # -- Pod resource limits limits: