feat(argo-rollouts): Add initContainers to controller pod, allow secrets to be manipulated (#1410)

* Add initContainers to controller pod, allow secrets to be manipulated

Signed-off-by: lukepatrick <lukephilips@gmail.com>

* bump

Signed-off-by: lukepatrick <lukephilips@gmail.com>

* linting

Signed-off-by: lukepatrick <lukephilips@gmail.com>

* Update charts/argo-rollouts/templates/controller/deployment.yaml

Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>
Signed-off-by: lukepatrick <lukephilips@gmail.com>

Signed-off-by: lukepatrick <lukephilips@gmail.com>
Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>
This commit is contained in:
Luke 2022-08-26 10:40:01 -06:00 committed by GitHub
parent dd4fdef4ee
commit 19b1c138e1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 25 additions and 5 deletions

View file

@ -89,7 +89,7 @@ rules:
- create
- get
- update
# secret read access to run analysis templates which reference secrets
# secret access to run analysis templates which reference secrets, allow init containers to manipulate secrets
- apiGroups:
- ""
resources:
@ -99,6 +99,9 @@ rules:
- get
- list
- watch
- create
- patch
- update
# pod list/update needed for updating ephemeral data
- apiGroups:
- ""

View file

@ -65,6 +65,10 @@ spec:
{{- with .Values.controller.extraContainers }}
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.controller.initContainers }}
initContainers:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.controller.nodeSelector }}
nodeSelector:
{{- toYaml .Values.controller.nodeSelector | nindent 8 }}

View file

@ -66,7 +66,7 @@ rules:
- list
- watch
- patch
# secret read access to run analysis templates which reference secrets
# secret access to run analysis templates which reference secrets
# configmap access to read notification-engine configuration
- apiGroups:
- ""
@ -77,6 +77,9 @@ rules:
- get
- list
- watch
- create
- patch
- update
# pod list/update needed for updating ephemeral data
- apiGroups:
- ""