a7f921d10b
There could be scenarios when a chart needs to create multiple service accounts. The PS modifies the helm-toolkit job-ks-user manifest so it deploys the job with multiple containers where every container manages a single service account. Also modify heat chart to align with the change. Depends-on: I12eb9341d5ff633ad4435f4938bf8c946ea388ee Change-Id: Icec59a93082ac213eed0531f129e8c44436e6ccc
33 lines
1.3 KiB
YAML
33 lines
1.3 KiB
YAML
{{/*
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/}}
|
|
|
|
{{- define "metadata.annotations.job.ks_user" }}
|
|
helm.sh/hook: post-install,post-upgrade
|
|
helm.sh/hook-weight: "-1"
|
|
{{- end }}
|
|
|
|
{{- if .Values.manifests.job_ks_user }}
|
|
{{- $ksUserJob := dict "envAll" . "serviceName" "heat" "serviceUsers" (tuple "heat" "heat_trustee") -}}
|
|
{{- if or .Values.manifests.certificates .Values.tls.identity -}}
|
|
{{- $_ := set $ksUserJob "tlsSecret" .Values.secrets.tls.orchestration.api.internal -}}
|
|
{{- end -}}
|
|
{{- if .Values.helm3_hook }}
|
|
{{- $_ := set $ksUserJob "jobAnnotations" (include "metadata.annotations.job.ks_user" . | fromYaml) }}
|
|
{{- end }}
|
|
{{- if .Values.pod.tolerations.heat.enabled -}}
|
|
{{- $_ := set $ksUserJob "tolerationsEnabled" true -}}
|
|
{{- end -}}
|
|
{{ $ksUserJob | include "helm-toolkit.manifests.job_ks_user" }}
|
|
{{- end }}
|