From ef4b75c3f6278ec50f2dca2fe8db75c518fa101d Mon Sep 17 00:00:00 2001 From: Yee Hing Tong Date: Fri, 25 Jun 2021 08:24:50 -0700 Subject: [PATCH] Admin secrets (#1087) * add stringdata Signed-off-by: wild-endeavor * extra dash Signed-off-by: wild-endeavor * wrong file Signed-off-by: wild-endeavor * make helm Signed-off-by: wild-endeavor Co-authored-by: Haytham Abuelfutuh --- deployment/eks/flyte_helm_generated.yaml | 5 +++-- deployment/gcp/flyte_helm_generated.yaml | 5 +++-- deployment/sandbox/flyte_helm_generated.yaml | 5 +++-- helm/README.md | 1 + helm/templates/admin/deployment.yaml | 2 +- helm/templates/admin/secret-auth.yaml | 6 +++++- helm/values.yaml | 1 + 7 files changed, 17 insertions(+), 8 deletions(-) diff --git a/deployment/eks/flyte_helm_generated.yaml b/deployment/eks/flyte_helm_generated.yaml index 7164108395..387af2d0b7 100644 --- a/deployment/eks/flyte_helm_generated.yaml +++ b/deployment/eks/flyte_helm_generated.yaml @@ -54,9 +54,10 @@ metadata: apiVersion: v1 kind: Secret metadata: - name: flyte-admin-auth + name: flyte-admin-secrets namespace: flyte type: Opaque +stringData: --- # Source: flyte/templates/common/secret.yaml apiVersion: v1 @@ -1421,7 +1422,7 @@ spec: name: resource-templates - name: auth secret: - secretName: flyte-admin-auth + secretName: flyte-admin-secrets affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: diff --git a/deployment/gcp/flyte_helm_generated.yaml b/deployment/gcp/flyte_helm_generated.yaml index 84c12ffb78..7fd82928e4 100644 --- a/deployment/gcp/flyte_helm_generated.yaml +++ b/deployment/gcp/flyte_helm_generated.yaml @@ -116,9 +116,10 @@ metadata: apiVersion: v1 kind: Secret metadata: - name: flyte-admin-auth + name: flyte-admin-secrets namespace: flyte type: Opaque +stringData: --- # Source: flyte/templates/propeller/secret-auth.yaml apiVersion: v1 @@ -3259,7 +3260,7 @@ spec: name: resource-templates - name: auth secret: - secretName: flyte-admin-auth + secretName: flyte-admin-secrets --- # Source: flyte/templates/console/deployment.yaml apiVersion: apps/v1 diff --git a/deployment/sandbox/flyte_helm_generated.yaml b/deployment/sandbox/flyte_helm_generated.yaml index a2fd512bab..10a5c5c5d6 100644 --- a/deployment/sandbox/flyte_helm_generated.yaml +++ b/deployment/sandbox/flyte_helm_generated.yaml @@ -180,9 +180,10 @@ type: Opaque apiVersion: v1 kind: Secret metadata: - name: flyte-admin-auth + name: flyte-admin-secrets namespace: flyte type: Opaque +stringData: --- # Source: flyte/templates/propeller/secret-auth.yaml apiVersion: v1 @@ -3424,7 +3425,7 @@ spec: name: resource-templates - name: auth secret: - secretName: flyte-admin-auth + secretName: flyte-admin-secrets --- # Source: flyte/templates/console/deployment.yaml apiVersion: apps/v1 diff --git a/helm/README.md b/helm/README.md index 9849d7a9ca..d7b57b0300 100644 --- a/helm/README.md +++ b/helm/README.md @@ -130,6 +130,7 @@ helm upgrade -f values-sandbox.yaml flyte . | flyteadmin.podAnnotations | object | `{}` | Annotations for Flyteadmin pods | | flyteadmin.replicaCount | int | `1` | Replicas count for Flyteadmin deployment | | flyteadmin.resources | object | `{"limits":{"cpu":"250m","ephemeral-storage":"100Mi","memory":"500Mi"},"requests":{"cpu":"10m","ephemeral-storage":"50Mi","memory":"50Mi"}}` | Default resources requests and limits for Flyteadmin deployment | +| flyteadmin.secrets | object | `{}` | | | flyteadmin.service | object | `{"annotations":{"projectcontour.io/upstream-protocol.h2c":"grpc"},"loadBalancerSourceRanges":[],"type":"ClusterIP"}` | Service settings for Flyteadmin | | flyteadmin.serviceAccount | object | `{"annotations":{},"create":true,"imagePullSecrets":{}}` | Configuration for service accounts for FlyteAdmin | | flyteadmin.serviceAccount.annotations | object | `{}` | Annotations for ServiceAccount attached to Flyteadmin pods | diff --git a/helm/templates/admin/deployment.yaml b/helm/templates/admin/deployment.yaml index d479e1852a..f39469c3b1 100755 --- a/helm/templates/admin/deployment.yaml +++ b/helm/templates/admin/deployment.yaml @@ -144,7 +144,7 @@ spec: {{- end }} - name: auth secret: - secretName: flyte-admin-auth + secretName: flyte-admin-secrets {{- with .Values.flyteadmin.nodeSelector }} nodeSelector: {{ toYaml . | nindent 8 }} {{- end }} diff --git a/helm/templates/admin/secret-auth.yaml b/helm/templates/admin/secret-auth.yaml index 0d5bf72fca..7e5a29467c 100644 --- a/helm/templates/admin/secret-auth.yaml +++ b/helm/templates/admin/secret-auth.yaml @@ -1,6 +1,10 @@ apiVersion: v1 kind: Secret metadata: - name: flyte-admin-auth + name: flyte-admin-secrets namespace: {{ template "flyte.namespace" . }} type: Opaque +stringData: +{{- with .Values.flyteadmin.secrets -}} +{{ toYaml . | nindent 2 }} +{{- end }} diff --git a/helm/values.yaml b/helm/values.yaml index 591e880c1b..c94afa42e2 100755 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -56,6 +56,7 @@ flyteadmin: tolerations: [] # -- affinity for Flyteadmin deployment affinity: {} + secrets: {} # # DATACATALOG SETTINGS