diff --git a/manifest_staging/charts/secrets-store-csi-driver/README.md b/manifest_staging/charts/secrets-store-csi-driver/README.md index 0128d261f..c60469735 100644 --- a/manifest_staging/charts/secrets-store-csi-driver/README.md +++ b/manifest_staging/charts/secrets-store-csi-driver/README.md @@ -36,6 +36,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p | `linux.crds.image.repository` | Linux crds image repository | `k8s.gcr.io/csi-secrets-store/driver-crds` | | `linux.crds.image.pullPolicy` | Linux crds image pull policy | `IfNotPresent` | | `linux.crds.image.tag` | Linux crds image tag | `v1.1.2` | +| `linux.crds.podLabels` | Linux *Pod* labels appended to CRD helm hook job pods | `{}` | | `linux.affinity` | Linux affinity | `key: type; operator: NotIn; values: [virtual-kubelet]` | | `linux.driver.resources` | The resource request/limits for the linux secrets-store container image | `limits: 200m CPU, 200Mi; requests: 50m CPU, 100Mi` | | `linux.enabled` | Install secrets store csi driver on linux nodes | true | diff --git a/manifest_staging/charts/secrets-store-csi-driver/templates/crds-upgrade-hook.yaml b/manifest_staging/charts/secrets-store-csi-driver/templates/crds-upgrade-hook.yaml index c040104dc..db23c7f6c 100644 --- a/manifest_staging/charts/secrets-store-csi-driver/templates/crds-upgrade-hook.yaml +++ b/manifest_staging/charts/secrets-store-csi-driver/templates/crds-upgrade-hook.yaml @@ -87,7 +87,11 @@ spec: name: {{ template "sscd.fullname" . }}-upgrade-crds {{- if .Values.linux.crds.annotations }} annotations: - {{ toYaml .Values.linux.crds.annotations}} + {{ toYaml .Values.linux.crds.annotations }} + {{- end }} + {{- if .Values.linux.crds.podLabels }} + labels: + {{ toYaml .Values.linux.crds.podLabels }} {{- end }} spec: serviceAccountName: {{ template "sscd.fullname" . }}-upgrade-crds diff --git a/manifest_staging/charts/secrets-store-csi-driver/templates/csidriver.yaml b/manifest_staging/charts/secrets-store-csi-driver/templates/csidriver.yaml index 2ff74ca09..91441b44d 100644 --- a/manifest_staging/charts/secrets-store-csi-driver/templates/csidriver.yaml +++ b/manifest_staging/charts/secrets-store-csi-driver/templates/csidriver.yaml @@ -10,5 +10,5 @@ spec: - Ephemeral {{- if and (semverCompare ">=1.20-0" .Capabilities.KubeVersion.Version) .Values.tokenRequests }} tokenRequests: - {{- toYaml .Values.tokenRequests | nindent 2}} + {{- toYaml .Values.tokenRequests | nindent 2 }} {{- end }} diff --git a/manifest_staging/charts/secrets-store-csi-driver/templates/keep-crds-upgrade-hook.yaml b/manifest_staging/charts/secrets-store-csi-driver/templates/keep-crds-upgrade-hook.yaml index c9ef1d72f..789b8be41 100644 --- a/manifest_staging/charts/secrets-store-csi-driver/templates/keep-crds-upgrade-hook.yaml +++ b/manifest_staging/charts/secrets-store-csi-driver/templates/keep-crds-upgrade-hook.yaml @@ -89,6 +89,10 @@ spec: annotations: {{ toYaml .Values.linux.crds.annotations}} {{- end }} + {{- if .Values.linux.crds.podLabels }} + labels: + {{ toYaml .Values.linux.crds.podLabels }} + {{- end }} spec: serviceAccountName: {{ template "sscd.fullname" . }}-keep-crds {{- if .Values.imagePullSecrets }} diff --git a/manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver-windows.yaml b/manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver-windows.yaml index a98a37a24..c49f87e59 100644 --- a/manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver-windows.yaml +++ b/manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver-windows.yaml @@ -1,4 +1,4 @@ -{{- if .Values.windows.enabled}} +{{- if .Values.windows.enabled }} kind: DaemonSet apiVersion: apps/v1 metadata: @@ -132,7 +132,7 @@ spec: {{- end }} {{- end }} {{- if .Values.windows.volumeMounts }} - {{- toYaml .Values.windows.volumeMounts | nindent 12}} + {{- toYaml .Values.windows.volumeMounts | nindent 12 }} {{- end }} {{- with .Values.windows.driver.resources }} resources: @@ -185,7 +185,7 @@ spec: {{- end }} {{- end }} {{- if .Values.windows.volumes }} - {{- toYaml .Values.windows.volumes | nindent 8}} + {{- toYaml .Values.windows.volumes | nindent 8 }} {{- end }} nodeSelector: kubernetes.io/os: windows diff --git a/manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver.yaml b/manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver.yaml index 4f245f2c3..dd4a41c51 100644 --- a/manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver.yaml +++ b/manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver.yaml @@ -1,4 +1,4 @@ -{{- if .Values.linux.enabled}} +{{- if .Values.linux.enabled }} kind: DaemonSet apiVersion: apps/v1 metadata: @@ -135,7 +135,7 @@ spec: {{- end }} {{- end }} {{- if .Values.linux.volumeMounts }} - {{- toYaml .Values.linux.volumeMounts | nindent 12}} + {{- toYaml .Values.linux.volumeMounts | nindent 12 }} {{- end }} {{- with .Values.linux.driver.resources }} resources: @@ -185,10 +185,10 @@ spec: hostPath: path: "{{ $path }}" type: DirectoryOrCreate - {{- end}} + {{- end }} {{- end }} {{- if .Values.linux.volumes }} - {{- toYaml .Values.linux.volumes | nindent 8}} + {{- toYaml .Values.linux.volumes | nindent 8 }} {{- end }} nodeSelector: kubernetes.io/os: linux diff --git a/manifest_staging/charts/secrets-store-csi-driver/values.yaml b/manifest_staging/charts/secrets-store-csi-driver/values.yaml index 8316f7a01..2b844bdcf 100644 --- a/manifest_staging/charts/secrets-store-csi-driver/values.yaml +++ b/manifest_staging/charts/secrets-store-csi-driver/values.yaml @@ -11,6 +11,7 @@ linux: tag: v1.1.2 pullPolicy: IfNotPresent annotations: {} + podLabels: {} ## Prevent the CSI driver from being scheduled on virtual-kubelet nodes affinity: @@ -68,7 +69,7 @@ linux: kubeletRootDir: /var/lib/kubelet providersDir: /var/run/secrets-store-csi-providers - additionalProvidersDirs: + additionalProvidersDirs: - /etc/kubernetes/secrets-store-csi-providers nodeSelector: {} tolerations: []