diff --git a/incubator/kube-downscaler/Chart.yaml b/incubator/kube-downscaler/Chart.yaml index d6570c67207b..16c3a472e4d1 100644 --- a/incubator/kube-downscaler/Chart.yaml +++ b/incubator/kube-downscaler/Chart.yaml @@ -1,6 +1,6 @@ name: kube-downscaler apiVersion: v1 -version: 0.4.2 +version: 0.5.0 appVersion: 19.10.1 description: A Helm chart for kube-downscaler home: https://github.com/hjacobs/kube-downscaler diff --git a/incubator/kube-downscaler/README.md b/incubator/kube-downscaler/README.md index 3e61a291b874..05c3c942abb9 100644 --- a/incubator/kube-downscaler/README.md +++ b/incubator/kube-downscaler/README.md @@ -42,29 +42,32 @@ The command removes all the Kubernetes components associated with the chart and The following tables lists the configurable parameters of the kube-downscaler chart and their default values. -| Parameter | Description | Default | -| ----------------------- | ---------------------------------------------------------------------------------------------------- | --------------------------------------- | -| `replicaCount` | Number of replicas to run | `1` | -| `name` | How to name resources created by this chart | `kube-downscaler` | -| `debug.enable` | Do you want to start the downscaler in debug mode | `false` | -| `namespace.active_in` | Which namespace does the downscaler scans for deployment/statefulsets to downscale (`''` equals all) | `''` | -| `interval` | Interval between scans, in seconds | `60` | -| `image.repository` | Downscaler container image repository | `hjacobs/kube-downscaler` | -| `image.tag` | Downscaler container image tag | `19.10.1` | -| `image.pullPolicy` | Downscaler container image pull policy | `IfNotPresent` | -| `nodeSelector` | Node labels for downscaler pod assignment | `{}` | -| `tolerations` | Downscaler pod toleration for taints | `[]` | -| `affinity` | Downscaler pod affinity | `{}` | -| `podAnnotations` | Annotations to be added to downscaler pod | `{}` | -| `podLabels` | Labels to be added to downscaler pod | `{}` | -| `resources` | Downscaler pod resource requests & limits | `{}` | -| `securityContext` | SecurityContext to apply to the downscaler pod | `{}` | -| `rbac.create` | If true, create & use RBAC resources | `true` | -| `rbac.serviceAccountName` | ServiceAccount downscaler will use (ignored if rbac.create=true) | `default` | -| `downscaleResources` | Resources the downscaler is allowed to manage | `[deployments, statefulsets]` | -| `excludedDeployments` | Deployments to exclude from the downscaler | `[]` | -| `excludedNamespaces` | Namespaces to exclude from the downscaler | `[]` | -| `extraArgs` | Add extra args to docker command | `[]` | +| Parameter | Description | Default | +| ---------------------------- | ------------------------------------------------------------------------------------------------------- | ----------------------------- | +| `replicaCount` | Number of replicas to run | `1` | +| `name` | How to name resources created by this chart | `kube-downscaler` | +| `debug.enable` | Do you want to start the downscaler in debug mode | `false` | +| `namespace.active_in` | Which namespace does the downscaler scans for deployment/statefulsets to downscale (`''` equals all) | `''` | +| `interval` | Interval between scans, in seconds | `60` | +| `image.repository` | Downscaler container image repository | `hjacobs/kube-downscaler` | +| `image.tag` | Downscaler container image tag | `19.10.1` | +| `image.pullPolicy` | Downscaler container image pull policy | `IfNotPresent` | +| `nodeSelector` | Node labels for downscaler pod assignment | `{}` | +| `tolerations` | Downscaler pod toleration for taints | `[]` | +| `affinity` | Downscaler pod affinity | `{}` | +| `podAnnotations` | Annotations to be added to downscaler pod | `{}` | +| `podLabels` | Labels to be added to downscaler pod | `{}` | +| `resources` | Downscaler pod resource requests & limits | `{}` | +| `securityContext` | SecurityContext to apply to the downscaler pod | `{}` | +| `rbac.create` | If true, create & use RBAC resources | `true` | +| `serviceAccount.create` | If true, create & use a ServiceAccount | `""` | +| `serviceAccount.name` | Custom ServiceAccount name | `""` | +| `serviceAccount.annotations` | Custom annotations for the ServiceAccount. Ignored if serviceAccount.create is false. | `{}` | +| `imagePullSecretsNames` | List of names for imagePullSecrets to use. | `[]` | +| `downscaleResources` | Resources the downscaler is allowed to manage | `[deployments, statefulsets]` | +| `excludedDeployments` | Deployments to exclude from the downscaler | `[]` | +| `excludedNamespaces` | Namespaces to exclude from the downscaler | `[]` | +| `extraArgs` | Add extra args to docker command | `[]` | > **Tip**: You can use the default [values.yaml](values.yaml) diff --git a/incubator/kube-downscaler/templates/_helpers.tpl b/incubator/kube-downscaler/templates/_helpers.tpl index cba3528d3fc8..26f54207a597 100644 --- a/incubator/kube-downscaler/templates/_helpers.tpl +++ b/incubator/kube-downscaler/templates/_helpers.tpl @@ -29,3 +29,10 @@ Create chart name and version as used by the chart label. {{- define "kube-downscaler.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "kube-downscaler.serviceAccountName" -}} +{{ default (include "kube-downscaler.fullname" .) .Values.serviceAccount.name }} +{{- end -}} diff --git a/incubator/kube-downscaler/templates/clusterrolebinding.yaml b/incubator/kube-downscaler/templates/clusterrolebinding.yaml index 749bbb591f01..af92be266410 100644 --- a/incubator/kube-downscaler/templates/clusterrolebinding.yaml +++ b/incubator/kube-downscaler/templates/clusterrolebinding.yaml @@ -14,6 +14,6 @@ roleRef: name: "{{ template "kube-downscaler.fullname" . }}" subjects: - kind: ServiceAccount - name: "{{ template "kube-downscaler.fullname" . }}" + name: {{ include "kube-downscaler.serviceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end -}} diff --git a/incubator/kube-downscaler/templates/deployment.yaml b/incubator/kube-downscaler/templates/deployment.yaml index be7daa3fc9d6..9cca5dfaa562 100644 --- a/incubator/kube-downscaler/templates/deployment.yaml +++ b/incubator/kube-downscaler/templates/deployment.yaml @@ -52,6 +52,12 @@ spec: {{- end }} resources: {{ toYaml .Values.resources | indent 12 }} + {{- with .Values.imagePullSecretsNames }} + imagePullSecrets: + {{- range $secretName := . }} + - name: {{ $secretName }} + {{- end }} + {{- end }} {{- with .Values.securityContext }} securityContext: {{ toYaml . | indent 8 }} @@ -68,4 +74,6 @@ spec: tolerations: {{ toYaml . | indent 8 }} {{- end }} - serviceAccountName: {{ if .Values.rbac.create }}{{ template "kube-downscaler.fullname" . }}{{ else }}"{{ .Values.rbac.serviceAccountName }}"{{ end }} + {{- if or .Values.serviceAccount.create .Values.serviceAccount.name }} + serviceAccountName: {{ include "kube-downscaler.serviceAccountName" . }} + {{- end }} diff --git a/incubator/kube-downscaler/templates/serviceaccount.yaml b/incubator/kube-downscaler/templates/serviceaccount.yaml index a517d4ebf0a8..f025e36e7c76 100644 --- a/incubator/kube-downscaler/templates/serviceaccount.yaml +++ b/incubator/kube-downscaler/templates/serviceaccount.yaml @@ -1,11 +1,16 @@ -{{ if .Values.rbac.create -}} +{{ if .Values.serviceAccount.create -}} apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "kube-downscaler.fullname" . }} + name: {{ include "kube-downscaler.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: {{ include "kube-downscaler.name" . }} helm.sh/chart: {{ include "kube-downscaler.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- with .Values.serviceAccount.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end}} {{- end -}} diff --git a/incubator/kube-downscaler/values.yaml b/incubator/kube-downscaler/values.yaml index 4076e1c01385..fc0c676f9076 100644 --- a/incubator/kube-downscaler/values.yaml +++ b/incubator/kube-downscaler/values.yaml @@ -29,14 +29,23 @@ interval: 60 rbac: # If true, create & use RBAC resources create: true - # Ignored if rbac.create is true - serviceAccountName: default + +serviceAccount: + # If true, create & use a ServiceAccount + create: true + # If not set and create is true, a name is generated using the fullname template + name: "" + # Custom annotations for the ServiceAccount. Ignored if serviceAccount.create is false. + annotations: {} image: repository: hjacobs/kube-downscaler tag: 19.10.1 pullPolicy: IfNotPresent +# Names of imagePullSecrets to use. +imagePullSecretsNames: [] + resources: limits: {} requests: {}