Add toleration to secret-observer cronjob
A toleration needs to be added to all resources that create pods since the node-role.kubernetes.io/master taint will be restored to all master nodes. This will ensure that the pods will run on the master node. Test Plan: Install oidc-auth-apps with taint enabled on the node and verify secret-observer triggers pods restart on secret changes PASS: Install oidc-auth-apps with taint enabled PASS: Update and reapply oidc-auth-apps with taint enabled PASS: Verify that changing a secret causes its related resources to be restarted (e.g.: dex-client-secret/stx-oidc-client) Regression: System and secret-observer builds and works the same when taint is not enabled PASS: Verify oidc-auth-apps application builds and installs properly PASS: Verify updating the secret-observer cronjob schedule works the same PASS: Verify secret-observer performs pods restarts on secret changes when taint is disabled Story: 2009232 Task: 43505 Depends-On: https://review.opendev.org/c/starlingx/helm-charts/+/812510 Signed-off-by: Rafael Camargos <RafaelLucas.Camargos@windriver.com> Change-Id: Iaf6caa05943661bfabb5c7c4b92ad9f7c5a6e528
This commit is contained in:
parent
14f65f438f
commit
7d1fc8f6f0
@ -139,6 +139,10 @@ data:
|
|||||||
- secretName: "local-dex.tls"
|
- secretName: "local-dex.tls"
|
||||||
filename: "tls.crt"
|
filename: "tls.crt"
|
||||||
deploymentToRestart: "oidc-dex"
|
deploymentToRestart: "oidc-dex"
|
||||||
|
tolerations:
|
||||||
|
- key: "node-role.kubernetes.io/master"
|
||||||
|
operator: "Exists"
|
||||||
|
effect: "NoSchedule"
|
||||||
source:
|
source:
|
||||||
location: http://172.17.0.1:8080/helm_charts/stx-platform/secret-observer-0.1.0.tgz
|
location: http://172.17.0.1:8080/helm_charts/stx-platform/secret-observer-0.1.0.tgz
|
||||||
subpath: secret-observer
|
subpath: secret-observer
|
||||||
|
Loading…
Reference in New Issue
Block a user