Merge branch '53-allow-setting-pod-annotations' into 'master'

Resolve "Allow setting pod annotations" Closes #53 See merge request openappstack/single-sign-on!28

Merge branch '53-allow-setting-pod-annotations' into 'master'
a23341b1 · Maarten de Waard · b9a2ebde · 79afb250 · a23341b1 · a23341b1
Commit a23341b1 authored 4 years ago by Maarten de Waard
--- a/docs/helmchart.md
+++ b/docs/helmchart.md
@@ -28,10 +28,10 @@ This table lists the variables you are most likely to change. Take a look at the

 | Parameter                            | Description                                             | Default                                 |
 | ------------------------------------ | ------------------------------------------------------- | -------------------------               |
-| `consentProviderImage.repository`    | Name of image repository to be used for consent provider| open.greenhost.net:4567/openappstack/single-sign-on/consent_provider |
-| `consentProviderImage.tag`           | Release version of consent provider image               | master                                  |
-| `loginProviderImage.repository`      | Name of image repository to be used for login provider  | open.greenhost.net:4567/openappstack/single-sign-on/login_provider |
-| `loginProviderImage.tag`             | Release version of login provider image                 | master                                  |
+| `consentProvider.image.repository`   | Name of image repository to be used for consent provider| open.greenhost.net:4567/openappstack/single-sign-on/consent_provider |
+| `consentProvider.image.tag`          | Release version of consent provider image               | master                                  |
+| `loginProvider.image.repository`     | Name of image repository to be used for login provider  | open.greenhost.net:4567/openappstack/single-sign-on/login_provider |
+| `loginProvider.image.tag`            | Release version of login provider image                 | master                                  |
 | `singleSignOnHost`                   | **FQDN of the openID Connect / oAuth2 server**          | **sso.oas.example.net**                 |
 | `userpanel.ingress.host`             | **FQDN of the userpanel**                               | **admin.oas.example.net**               |
 | `userbackend.username`               | Username of the admin user                              | admin                                   |

--- a/helmchart/single-sign-on/Chart.yaml
+++ b/helmchart/single-sign-on/Chart.yaml
 apiVersion: v1
 description: A Helm chart for OpenAppStack's Signle sign-on components
 name: single-sign-on
-version: 0.2.1
+version: 0.2.2
--- a/helmchart/single-sign-on/templates/deployment-consent.yaml
+++ b/helmchart/single-sign-on/templates/deployment-consent.yaml
@@ -13,11 +13,13 @@ spec:
    metadata:
      labels:
        app.kubernetes.io/name: {{ include "single-sign-on.name" . }}-consent
+      annotations:
+        {{- toYaml .Values.consentProvider.podAnnotations | nindent 8 }}
    spec:
      containers:
        - name: {{ .Chart.Name }}-consent
-          image: {{ .Values.consentProviderImage.repository }}:{{ .Values.consentProviderImage.tag }}
-          imagePullPolicy: {{ .Values.consentProviderImage.pullPolicy }}
+          image: {{ .Values.consentProvider.image.repository }}:{{ .Values.consentProvider.image.tag }}
+          imagePullPolicy: {{ .Values.consentProvider.image.pullPolicy }}
          env:
            - name: HYDRA_ADMIN_URL
              value: http://{{ .Release.Name }}-hydra-admin:4445

--- a/helmchart/single-sign-on/templates/deployment-login.yaml
+++ b/helmchart/single-sign-on/templates/deployment-login.yaml
@@ -13,11 +13,13 @@ spec:
    metadata:
      labels:
        app.kubernetes.io/name: {{ include "single-sign-on.name" . }}-login
+      annotations:
+        {{- toYaml .Values.loginProvider.podAnnotations | nindent 8 }}
    spec:
      containers:
        - name: {{ .Chart.Name }}-login
-          image: {{ .Values.loginProviderImage.repository }}:{{ .Values.loginProviderImage.tag }}
-          imagePullPolicy: {{ .Values.loginProviderImage.pullPolicy }}
+          image: {{ .Values.loginProvider.image.repository }}:{{ .Values.loginProvider.image.tag }}
+          imagePullPolicy: {{ .Values.loginProvider.image.pullPolicy }}
          env:
            - name: HYDRA_ADMIN_URL
              value: http://{{ .Release.Name }}-hydra-admin:4445

--- a/helmchart/single-sign-on/templates/deployment-userbackend.yaml
+++ b/helmchart/single-sign-on/templates/deployment-userbackend.yaml
@@ -13,14 +13,16 @@ spec:
    metadata:
      labels:
        app.kubernetes.io/name: {{ include "single-sign-on.name" . }}-userbackend
+      annotations:
+        {{- toYaml .Values.userbackend.podAnnotations | nindent 8 }}
    spec:
      containers:
        - name: {{ .Chart.Name }}-userbackend-db
-          image: {{ .Values.userbackend.postgresImage }}:{{ .Values.userbackend.postgresTag }}
-          imagePullPolicy: {{ .Values.userbackend.postgresPullPolicy }}
+          image: {{ .Values.userbackend.postgres.image.repository }}:{{ .Values.userbackend.postgres.image.tag }}
+          imagePullPolicy: {{ .Values.userbackend.postgres.image.pullPolicy }}
          env:
            - name: POSTGRES_PASSWORD
-              value: {{ .Values.userbackend.postgresPassword }}
+              value: {{ .Values.userbackend.postgres.password }}
          volumeMounts:
            - name: database
              mountPath: /var/lib/postgresql/data
@@ -33,7 +35,7 @@ spec:
            - name: DATABASE_USER
              value: "postgres"
            - name: DATABASE_PASSWORD
-              value: {{ default .Values.userbackend.postgresPassword }}
+              value: {{ default .Values.userbackend.postgres.password }}
            - name: DATABASE_NAME
              value: "postgres"
            - name: DATABASE_HOST

--- a/helmchart/single-sign-on/templates/deployment-userfrontend.yaml
+++ b/helmchart/single-sign-on/templates/deployment-userfrontend.yaml
@@ -13,6 +13,8 @@ spec:
    metadata:
      labels:
        app.kubernetes.io/name: {{ include "single-sign-on.name" . }}-userpanel
+      annotations:
+        {{- toYaml .Values.userpanel.podAnnotations | nindent 8 }}
    spec:
      containers:
        - name: {{ .Chart.Name }}-userpanel

--- a/helmchart/single-sign-on/values.yaml
+++ b/helmchart/single-sign-on/values.yaml
 replicaCount: 1

-consentProviderImage:
-  # consentProviderImage.tag and consentProviderImage.pullPolicy should be the same as
-  # loginProviderImage.tag and loginProviderImage.pullPolicy as the images are released
-  # together in order to guarantee compatibility
-  << : &IMAGE_DEFAULTS_SSO { tag: "master", pullPolicy: "Always" }
-  repository: "open.greenhost.net:4567/openappstack/single-sign-on/consent_provider"
+consentProvider:
+  image:
+    # consentProvider.image.tag and consentProvider.image.pullPolicy should be the same as
+    # loginProvider.image.tag and loginProvider.image.pullPolicy as the images are released
+    # together in order to guarantee compatibility
+    << : &IMAGE_DEFAULTS_SSO { tag: "master", pullPolicy: "Always" }
+    repository: "open.greenhost.net:4567/openappstack/single-sign-on/consent_provider"
+  podAnnotations: {}

-loginProviderImage:
-  << : *IMAGE_DEFAULTS_SSO
-  repository: "open.greenhost.net:4567/openappstack/single-sign-on/login_provider"
+loginProvider:
+  image:
+    << : *IMAGE_DEFAULTS_SSO
+    repository: "open.greenhost.net:4567/openappstack/single-sign-on/login_provider"
+  podAnnotations: {}

 # singleSignOnHost is the FQDN that will be used by the ingress to make the consent and
 # the login provider accessible by user agents. For now it is recommended to set it to the
@@ -30,6 +34,7 @@ userpanel:
  ingress:
    # userpanel.ingress.host is the FQDN of the userpanel application
    host: admin.oas.example.net
+  podAnnotations: {}

 userbackend:
  image:
@@ -45,17 +50,20 @@ userbackend:
  password: "YouReallyNeedToChangeThis"
  # username.email is email address of the admin user
  email: "admin@example.net"
-  postgresImage: postgres
-  postgresTag: 11
-  postgresPullPolicy: Always
-  # userbackend.postgresPassword is the root password of the postgress db that is
-  # created and used by the userbackend
-  postgresPassword: "postgres"
+  postgres:
+    image:
+      repository: postgres
+      tag: 11
+      pullPolicy: Always
+    # userbackend.postgres.password is the root password of the
+    # postgress db that is created and used by the userbackend
+    password: "postgres"
  persistence:
    enabled: true
    size: 1Gi
    storageClass: "-"
    annotations: {}
+  podAnnotations: {}

 hydra:
  maester: