From 06e36e12fa3ae00ed54a4bcc4ecdbcb0336b64ee Mon Sep 17 00:00:00 2001 From: odubajDT Date: Fri, 29 Sep 2023 13:18:50 +0200 Subject: [PATCH] simplify helm values Signed-off-by: odubajDT --- lifecycle-operator/chart/README.md | 124 +++++------ lifecycle-operator/chart/doc.yaml | 168 +++++++-------- .../chart/templates/deployment.yaml | 82 +++---- .../templates/lifecycle-manager-config.yaml | 10 +- .../chart/templates/scheduler-config.yaml | 4 +- lifecycle-operator/chart/values.yaml | 202 +++++++++--------- 6 files changed, 293 insertions(+), 297 deletions(-) diff --git a/lifecycle-operator/chart/README.md b/lifecycle-operator/chart/README.md index f7be7cec17..bca1c05ee7 100644 --- a/lifecycle-operator/chart/README.md +++ b/lifecycle-operator/chart/README.md @@ -8,74 +8,74 @@ as well as the concept of application health checks ### Keptn Scheduler -| Name | Description | Value | -| -------------------------------------------------------------------------------- | -------------------------------------------------------------- | ------------------------- | -| `scheduler.scheduler.containerSecurityContext` | Sets security context | | -| `scheduler.scheduler.env.otelCollectorUrl` | sets url for open telemetry collector | `otel-collector:4317` | -| `scheduler.scheduler.image.repository` | set image repository for scheduler | `ghcr.io/keptn/scheduler` | -| `scheduler.scheduler.image.tag` | set image tag for scheduler | `v0.8.2` | -| `scheduler.scheduler.imagePullPolicy` | set image pull policy for scheduler | `Always` | -| `scheduler.scheduler.livenessProbe` | customizable liveness probe for the scheduler | | -| `scheduler.scheduler.readinessProbe` | customizable readiness probe for the scheduler | | -| `scheduler.scheduler.resources` | sets cpu and memory resurces/limits for scheduler | | -| `schedulerConfig.schedulerConfigYaml.leaderElection.leaderElect` | enables leader election for multiple replicas of the scheduler | `false` | -| `schedulerConfig.schedulerConfigYaml.profiles[0].plugins.permit.enabled[0].name` | enables permit plugin | `KLCPermit` | -| `schedulerConfig.schedulerConfigYaml.profiles[0].schedulerName` | changes scheduler name | `keptn-scheduler` | -| `scheduler.nodeSelector` | adds node selectors for scheduler | `{}` | -| `scheduler.replicas` | modifies replicas | `1` | -| `scheduler.tolerations` | adds tolerations for scheduler | `[]` | -| `scheduler.topologySpreadConstraints` | add topology constraints for scheduler | `[]` | +| Name | Description | Value | +| ------------------------------------------------------------ | -------------------------------------------------------------- | ------------------------- | +| `scheduler.containerSecurityContext` | Sets security context | | +| `scheduler.env.otelCollectorUrl` | sets url for open telemetry collector | `otel-collector:4317` | +| `scheduler.image.repository` | set image repository for scheduler | `ghcr.io/keptn/scheduler` | +| `scheduler.image.tag` | set image tag for scheduler | `v0.8.2` | +| `scheduler.imagePullPolicy` | set image pull policy for scheduler | `Always` | +| `scheduler.livenessProbe` | customizable liveness probe for the scheduler | | +| `scheduler.readinessProbe` | customizable readiness probe for the scheduler | | +| `scheduler.resources` | sets cpu and memory resurces/limits for scheduler | | +| `schedulerConfig.leaderElection.leaderElect` | enables leader election for multiple replicas of the scheduler | `false` | +| `schedulerConfig.profiles[0].plugins.permit.enabled[0].name` | enables permit plugin | `KLCPermit` | +| `schedulerConfig.profiles[0].schedulerName` | changes scheduler name | `keptn-scheduler` | +| `scheduler.nodeSelector` | adds node selectors for scheduler | `{}` | +| `scheduler.replicas` | modifies replicas | `1` | +| `scheduler.tolerations` | adds tolerations for scheduler | `[]` | +| `scheduler.topologySpreadConstraints` | add topology constraints for scheduler | `[]` | ### Keptn Lifecycle Operator common -| Name | Description | Value | -| ---------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- | -| `lifecycleManagerConfig.controllerManagerConfigYaml.health.healthProbeBindAddress` | setup on what address to start the default health handler | `:8081` | -| `lifecycleManagerConfig.controllerManagerConfigYaml.leaderElection.leaderElect` | enable leader election for multiple replicas of the lifecycle operator | `true` | -| `lifecycleManagerConfig.controllerManagerConfigYaml.leaderElection.resourceName` | define LeaderElectionID | `6b866dd9.keptn.sh` | -| `lifecycleManagerConfig.controllerManagerConfigYaml.metrics.bindAddress` | MetricsBindAddress is the TCP address that the controller should bind to for serving prometheus metrics. It can be set to "0" to disable the metrics serving. | `127.0.0.1:8080` | -| `lifecycleManagerConfig.controllerManagerConfigYaml.webhook.port` | setup port for the lifecycle operator admission webhook | `9443` | -| `lifecycleOperator.replicas` | customize number of installed lifecycle operator replicas | `1` | -| `lifecycleOperatorMetricsService` | Adjust settings here to change the k8s service for scraping Prometheus metrics | | -| `lifecycleWebhookService` | Mutating Webhook Configurations for lifecycle Operator | | -| `lifecycleWebhookService.ports[0].port` | | `443` | -| `lifecycleWebhookService.ports[0].protocol` | | `TCP` | -| `lifecycleWebhookService.ports[0].targetPort` | | `9443` | -| `lifecycleWebhookService.type` | | `ClusterIP` | -| `lifecycleOperator.nodeSelector` | add custom nodes selector to lifecycle operator | `{}` | -| `lifecycleOperator.tolerations` | add custom tolerations to lifecycle operator | `[]` | -| `lifecycleOperator.topologySpreadConstraints` | add custom topology constraints to lifecycle operator | `[]` | +| Name | Description | Value | +| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- | +| `lifecycleManagerConfig.health.healthProbeBindAddress` | setup on what address to start the default health handler | `:8081` | +| `lifecycleManagerConfig.leaderElection.leaderElect` | enable leader election for multiple replicas of the lifecycle operator | `true` | +| `lifecycleManagerConfig.leaderElection.resourceName` | define LeaderElectionID | `6b866dd9.keptn.sh` | +| `lifecycleManagerConfig.metrics.bindAddress` | MetricsBindAddress is the TCP address that the controller should bind to for serving prometheus metrics. It can be set to "0" to disable the metrics serving. | `127.0.0.1:8080` | +| `lifecycleManagerConfig.webhook.port` | setup port for the lifecycle operator admission webhook | `9443` | +| `lifecycleOperator.replicas` | customize number of installed lifecycle operator replicas | `1` | +| `lifecycleOperatorMetricsService` | Adjust settings here to change the k8s service for scraping Prometheus metrics | | +| `lifecycleWebhookService` | Mutating Webhook Configurations for lifecycle Operator | | +| `lifecycleWebhookService.ports[0].port` | | `443` | +| `lifecycleWebhookService.ports[0].protocol` | | `TCP` | +| `lifecycleWebhookService.ports[0].targetPort` | | `9443` | +| `lifecycleWebhookService.type` | | `ClusterIP` | +| `lifecycleOperator.nodeSelector` | add custom nodes selector to lifecycle operator | `{}` | +| `lifecycleOperator.tolerations` | add custom tolerations to lifecycle operator | `[]` | +| `lifecycleOperator.topologySpreadConstraints` | add custom topology constraints to lifecycle operator | `[]` | ### Keptn Lifecycle Operator controller -| Name | Description | Value | -| ----------------------------------------------------------------------------- | ----------------------------------------------------------- | ------------------------------------- | -| `lifecycleOperator.manager.containerSecurityContext` | Sets security context privileges | | -| `lifecycleOperator.manager.containerSecurityContext.allowPrivilegeEscalation` | | `false` | -| `lifecycleOperator.manager.containerSecurityContext.capabilities.drop` | | `["ALL"]` | -| `lifecycleOperator.manager.containerSecurityContext.privileged` | | `false` | -| `lifecycleOperator.manager.containerSecurityContext.runAsGroup` | | `65532` | -| `lifecycleOperator.manager.containerSecurityContext.runAsNonRoot` | | `true` | -| `lifecycleOperator.manager.containerSecurityContext.runAsUser` | | `65532` | -| `lifecycleOperator.manager.containerSecurityContext.seccompProfile.type` | | `RuntimeDefault` | -| `lifecycleOperator.manager.env.keptnAppControllerLogLevel` | sets the log level of Keptn App Controller | `0` | -| `lifecycleOperator.manager.env.keptnAppCreationRequestControllerLogLevel` | sets the log level of Keptn App Creation Request Controller | `0` | -| `lifecycleOperator.manager.env.keptnAppVersionControllerLogLevel` | sets the log level of Keptn AppVersion Controller | `0` | -| `lifecycleOperator.manager.env.keptnEvaluationControllerLogLevel` | sets the log level of Keptn Evaluation Controller | `0` | -| `lifecycleOperator.manager.env.keptnTaskControllerLogLevel` | sets the log level of Keptn Task Controller | `0` | -| `lifecycleOperator.manager.env.keptnTaskDefinitionControllerLogLevel` | sets the log level of Keptn TaskDefinition Controller | `0` | -| `lifecycleOperator.manager.env.keptnWorkloadControllerLogLevel` | sets the log level of Keptn Workload Controller | `0` | -| `lifecycleOperator.manager.env.keptnWorkloadInstanceControllerLogLevel` | sets the log level of Keptn WorkloadInstance Controller | `0` | -| `lifecycleOperator.manager.env.optionsControllerLogLevel` | sets the log level of Keptn Options Controller | `0` | -| `lifecycleOperator.manager.env.otelCollectorUrl` | Sets the URL for the open telemetry collector | `otel-collector:4317` | -| `lifecycleOperator.manager.env.functionRunnerImage` | specify image for deno task runtime | `ghcr.io/keptn/deno-runtime:v1.0.1` | -| `lifecycleOperator.manager.env.pythonRunnerImage` | specify image for python task runtime | `ghcr.io/keptn/python-runtime:v1.0.0` | -| `lifecycleOperator.manager.image.repository` | specify registry for manager image | `ghcr.io/keptn/lifecycle-operator` | -| `lifecycleOperator.manager.image.tag` | select tag for manager image | `v0.8.2` | -| `lifecycleOperator.manager.imagePullPolicy` | specify pull policy for manager image | `Always` | -| `lifecycleOperator.manager.livenessProbe` | custom livenessprobe for manager container | | -| `lifecycleOperator.manager.readinessProbe` | custom readinessprobe for manager container | | -| `lifecycleOperator.manager.resources` | specify limits and requests for manager container | | +| Name | Description | Value | +| --------------------------------------------------------------------- | ----------------------------------------------------------- | ------------------------------------- | +| `lifecycleOperator.containerSecurityContext` | Sets security context privileges | | +| `lifecycleOperator.containerSecurityContext.allowPrivilegeEscalation` | | `false` | +| `lifecycleOperator.containerSecurityContext.capabilities.drop` | | `["ALL"]` | +| `lifecycleOperator.containerSecurityContext.privileged` | | `false` | +| `lifecycleOperator.containerSecurityContext.runAsGroup` | | `65532` | +| `lifecycleOperator.containerSecurityContext.runAsNonRoot` | | `true` | +| `lifecycleOperator.containerSecurityContext.runAsUser` | | `65532` | +| `lifecycleOperator.containerSecurityContext.seccompProfile.type` | | `RuntimeDefault` | +| `lifecycleOperator.env.keptnAppControllerLogLevel` | sets the log level of Keptn App Controller | `0` | +| `lifecycleOperator.env.keptnAppCreationRequestControllerLogLevel` | sets the log level of Keptn App Creation Request Controller | `0` | +| `lifecycleOperator.env.keptnAppVersionControllerLogLevel` | sets the log level of Keptn AppVersion Controller | `0` | +| `lifecycleOperator.env.keptnEvaluationControllerLogLevel` | sets the log level of Keptn Evaluation Controller | `0` | +| `lifecycleOperator.env.keptnTaskControllerLogLevel` | sets the log level of Keptn Task Controller | `0` | +| `lifecycleOperator.env.keptnTaskDefinitionControllerLogLevel` | sets the log level of Keptn TaskDefinition Controller | `0` | +| `lifecycleOperator.env.keptnWorkloadControllerLogLevel` | sets the log level of Keptn Workload Controller | `0` | +| `lifecycleOperator.env.keptnWorkloadInstanceControllerLogLevel` | sets the log level of Keptn WorkloadInstance Controller | `0` | +| `lifecycleOperator.env.optionsControllerLogLevel` | sets the log level of Keptn Options Controller | `0` | +| `lifecycleOperator.env.otelCollectorUrl` | Sets the URL for the open telemetry collector | `otel-collector:4317` | +| `lifecycleOperator.env.functionRunnerImage` | specify image for deno task runtime | `ghcr.io/keptn/deno-runtime:v1.0.1` | +| `lifecycleOperator.env.pythonRunnerImage` | specify image for python task runtime | `ghcr.io/keptn/python-runtime:v1.0.0` | +| `lifecycleOperator.image.repository` | specify registry for manager image | `ghcr.io/keptn/lifecycle-operator` | +| `lifecycleOperator.image.tag` | select tag for manager image | `v0.8.2` | +| `lifecycleOperator.imagePullPolicy` | specify pull policy for manager image | `Always` | +| `lifecycleOperator.livenessProbe` | custom livenessprobe for manager container | | +| `lifecycleOperator.readinessProbe` | custom readinessprobe for manager container | | +| `lifecycleOperator.resources` | specify limits and requests for manager container | | ### Global diff --git a/lifecycle-operator/chart/doc.yaml b/lifecycle-operator/chart/doc.yaml index b49703e06b..dbbb2ea12c 100644 --- a/lifecycle-operator/chart/doc.yaml +++ b/lifecycle-operator/chart/doc.yaml @@ -1,40 +1,40 @@ # yamllint disable rule:line-length ## @section Keptn Scheduler -## @extra scheduler.scheduler.containerSecurityContext Sets security context -## @skip scheduler.scheduler.containerSecurityContext.allowPrivilegeEscalation -## @skip scheduler.scheduler.containerSecurityContext.capabilities.drop -## @skip scheduler.scheduler.containerSecurityContext.privileged -## @skip scheduler.scheduler.containerSecurityContext.readOnlyRootFilesystem -## @skip scheduler.scheduler.containerSecurityContext.runAsNonRoot -## @skip scheduler.scheduler.containerSecurityContext.runAsUser -## @skip scheduler.scheduler.containerSecurityContext.seccompProfile.type - -## @param scheduler.scheduler.env.otelCollectorUrl sets url for open telemetry collector - -## @param scheduler.scheduler.image.repository set image repository for scheduler -## @param scheduler.scheduler.image.tag set image tag for scheduler -## @param scheduler.scheduler.imagePullPolicy set image pull policy for scheduler - -## @extra scheduler.scheduler.livenessProbe customizable liveness probe for the scheduler -## @skip scheduler.scheduler.livenessProbe.httpGet.path -## @skip scheduler.scheduler.livenessProbe.httpGet.port -## @skip scheduler.scheduler.livenessProbe.httpGet.scheme -## @skip scheduler.scheduler.livenessProbe.initialDelaySeconds - -## @extra scheduler.scheduler.readinessProbe customizable readiness probe for the scheduler -## @skip scheduler.scheduler.readinessProbe.httpGet.path -## @skip scheduler.scheduler.readinessProbe.httpGet.port -## @skip scheduler.scheduler.readinessProbe.httpGet.scheme - -## @extra scheduler.scheduler.resources sets cpu and memory resurces/limits for scheduler -## @skip scheduler.scheduler.resources.limits.cpu -## @skip scheduler.scheduler.resources.limits.memory -## @skip scheduler.scheduler.resources.requests.cpu -## @skip scheduler.scheduler.resources.requests.memory - -## @param schedulerConfig.schedulerConfigYaml.leaderElection.leaderElect enables leader election for multiple replicas of the scheduler -## @param schedulerConfig.schedulerConfigYaml.profiles[0].plugins.permit.enabled[0].name enables permit plugin -## @param schedulerConfig.schedulerConfigYaml.profiles[0].schedulerName changes scheduler name +## @extra scheduler.containerSecurityContext Sets security context +## @skip scheduler.containerSecurityContext.allowPrivilegeEscalation +## @skip scheduler.containerSecurityContext.capabilities.drop +## @skip scheduler.containerSecurityContext.privileged +## @skip scheduler.containerSecurityContext.readOnlyRootFilesystem +## @skip scheduler.containerSecurityContext.runAsNonRoot +## @skip scheduler.containerSecurityContext.runAsUser +## @skip scheduler.containerSecurityContext.seccompProfile.type + +## @param scheduler.env.otelCollectorUrl sets url for open telemetry collector + +## @param scheduler.image.repository set image repository for scheduler +## @param scheduler.image.tag set image tag for scheduler +## @param scheduler.imagePullPolicy set image pull policy for scheduler + +## @extra scheduler.livenessProbe customizable liveness probe for the scheduler +## @skip scheduler.livenessProbe.httpGet.path +## @skip scheduler.livenessProbe.httpGet.port +## @skip scheduler.livenessProbe.httpGet.scheme +## @skip scheduler.livenessProbe.initialDelaySeconds + +## @extra scheduler.readinessProbe customizable readiness probe for the scheduler +## @skip scheduler.readinessProbe.httpGet.path +## @skip scheduler.readinessProbe.httpGet.port +## @skip scheduler.readinessProbe.httpGet.scheme + +## @extra scheduler.resources sets cpu and memory resurces/limits for scheduler +## @skip scheduler.resources.limits.cpu +## @skip scheduler.resources.limits.memory +## @skip scheduler.resources.requests.cpu +## @skip scheduler.resources.requests.memory + +## @param schedulerConfig.leaderElection.leaderElect enables leader election for multiple replicas of the scheduler +## @param schedulerConfig.profiles[0].plugins.permit.enabled[0].name enables permit plugin +## @param schedulerConfig.profiles[0].schedulerName changes scheduler name ## @param scheduler.nodeSelector adds node selectors for scheduler ## @param scheduler.replicas modifies replicas @@ -43,11 +43,11 @@ ## @section Keptn Lifecycle Operator common -## @param lifecycleManagerConfig.controllerManagerConfigYaml.health.healthProbeBindAddress setup on what address to start the default health handler -## @param lifecycleManagerConfig.controllerManagerConfigYaml.leaderElection.leaderElect enable leader election for multiple replicas of the lifecycle operator -## @param lifecycleManagerConfig.controllerManagerConfigYaml.leaderElection.resourceName define LeaderElectionID -## @param lifecycleManagerConfig.controllerManagerConfigYaml.metrics.bindAddress MetricsBindAddress is the TCP address that the controller should bind to for serving prometheus metrics. It can be set to "0" to disable the metrics serving. -## @param lifecycleManagerConfig.controllerManagerConfigYaml.webhook.port setup port for the lifecycle operator admission webhook +## @param lifecycleManagerConfig.health.healthProbeBindAddress setup on what address to start the default health handler +## @param lifecycleManagerConfig.leaderElection.leaderElect enable leader election for multiple replicas of the lifecycle operator +## @param lifecycleManagerConfig.leaderElection.resourceName define LeaderElectionID +## @param lifecycleManagerConfig.metrics.bindAddress MetricsBindAddress is the TCP address that the controller should bind to for serving prometheus metrics. It can be set to "0" to disable the metrics serving. +## @param lifecycleManagerConfig.webhook.port setup port for the lifecycle operator admission webhook ## @param lifecycleOperator.replicas customize number of installed lifecycle operator replicas @@ -69,50 +69,50 @@ ## @param lifecycleOperator.topologySpreadConstraints add custom topology constraints to lifecycle operator ## @section Keptn Lifecycle Operator controller -## @extra lifecycleOperator.manager.containerSecurityContext Sets security context privileges -## @param lifecycleOperator.manager.containerSecurityContext.allowPrivilegeEscalation -## @param lifecycleOperator.manager.containerSecurityContext.capabilities.drop -## @param lifecycleOperator.manager.containerSecurityContext.privileged -## @param lifecycleOperator.manager.containerSecurityContext.runAsGroup -## @param lifecycleOperator.manager.containerSecurityContext.runAsNonRoot -## @param lifecycleOperator.manager.containerSecurityContext.runAsUser -## @param lifecycleOperator.manager.containerSecurityContext.seccompProfile.type - -## @param lifecycleOperator.manager.env.keptnAppControllerLogLevel sets the log level of Keptn App Controller -## @param lifecycleOperator.manager.env.keptnAppCreationRequestControllerLogLevel sets the log level of Keptn App Creation Request Controller -## @param lifecycleOperator.manager.env.keptnAppVersionControllerLogLevel sets the log level of Keptn AppVersion Controller -## @param lifecycleOperator.manager.env.keptnEvaluationControllerLogLevel sets the log level of Keptn Evaluation Controller -## @param lifecycleOperator.manager.env.keptnTaskControllerLogLevel sets the log level of Keptn Task Controller -## @param lifecycleOperator.manager.env.keptnTaskDefinitionControllerLogLevel sets the log level of Keptn TaskDefinition Controller -## @param lifecycleOperator.manager.env.keptnWorkloadControllerLogLevel sets the log level of Keptn Workload Controller -## @param lifecycleOperator.manager.env.keptnWorkloadInstanceControllerLogLevel sets the log level of Keptn WorkloadInstance Controller -## @param lifecycleOperator.manager.env.optionsControllerLogLevel sets the log level of Keptn Options Controller - -## @param lifecycleOperator.manager.env.otelCollectorUrl Sets the URL for the open telemetry collector -## @param lifecycleOperator.manager.env.functionRunnerImage specify image for deno task runtime -## @param lifecycleOperator.manager.env.pythonRunnerImage specify image for python task runtime - -## @param lifecycleOperator.manager.image.repository specify registry for manager image -## @param lifecycleOperator.manager.image.tag select tag for manager image -## @param lifecycleOperator.manager.imagePullPolicy specify pull policy for manager image - -## @extra lifecycleOperator.manager.livenessProbe custom livenessprobe for manager container -## @skip lifecycleOperator.manager.livenessProbe.httpGet.path -## @skip lifecycleOperator.manager.livenessProbe.httpGet.port -## @skip lifecycleOperator.manager.livenessProbe.initialDelaySeconds -## @skip lifecycleOperator.manager.livenessProbe.periodSeconds - -## @extra lifecycleOperator.manager.readinessProbe custom readinessprobe for manager container -## @skip lifecycleOperator.manager.readinessProbe.httpGet.path -## @skip lifecycleOperator.manager.readinessProbe.httpGet.port -## @skip lifecycleOperator.manager.readinessProbe.initialDelaySeconds -## @skip lifecycleOperator.manager.readinessProbe.periodSeconds - -## @extra lifecycleOperator.manager.resources specify limits and requests for manager container -## @skip lifecycleOperator.manager.resources.limits.cpu -## @skip lifecycleOperator.manager.resources.limits.memory -## @skip lifecycleOperator.manager.resources.requests.cpu -## @skip lifecycleOperator.manager.resources.requests.memory +## @extra lifecycleOperator.containerSecurityContext Sets security context privileges +## @param lifecycleOperator.containerSecurityContext.allowPrivilegeEscalation +## @param lifecycleOperator.containerSecurityContext.capabilities.drop +## @param lifecycleOperator.containerSecurityContext.privileged +## @param lifecycleOperator.containerSecurityContext.runAsGroup +## @param lifecycleOperator.containerSecurityContext.runAsNonRoot +## @param lifecycleOperator.containerSecurityContext.runAsUser +## @param lifecycleOperator.containerSecurityContext.seccompProfile.type + +## @param lifecycleOperator.env.keptnAppControllerLogLevel sets the log level of Keptn App Controller +## @param lifecycleOperator.env.keptnAppCreationRequestControllerLogLevel sets the log level of Keptn App Creation Request Controller +## @param lifecycleOperator.env.keptnAppVersionControllerLogLevel sets the log level of Keptn AppVersion Controller +## @param lifecycleOperator.env.keptnEvaluationControllerLogLevel sets the log level of Keptn Evaluation Controller +## @param lifecycleOperator.env.keptnTaskControllerLogLevel sets the log level of Keptn Task Controller +## @param lifecycleOperator.env.keptnTaskDefinitionControllerLogLevel sets the log level of Keptn TaskDefinition Controller +## @param lifecycleOperator.env.keptnWorkloadControllerLogLevel sets the log level of Keptn Workload Controller +## @param lifecycleOperator.env.keptnWorkloadInstanceControllerLogLevel sets the log level of Keptn WorkloadInstance Controller +## @param lifecycleOperator.env.optionsControllerLogLevel sets the log level of Keptn Options Controller + +## @param lifecycleOperator.env.otelCollectorUrl Sets the URL for the open telemetry collector +## @param lifecycleOperator.env.functionRunnerImage specify image for deno task runtime +## @param lifecycleOperator.env.pythonRunnerImage specify image for python task runtime + +## @param lifecycleOperator.image.repository specify registry for manager image +## @param lifecycleOperator.image.tag select tag for manager image +## @param lifecycleOperator.imagePullPolicy specify pull policy for manager image + +## @extra lifecycleOperator.livenessProbe custom livenessprobe for manager container +## @skip lifecycleOperator.livenessProbe.httpGet.path +## @skip lifecycleOperator.livenessProbe.httpGet.port +## @skip lifecycleOperator.livenessProbe.initialDelaySeconds +## @skip lifecycleOperator.livenessProbe.periodSeconds + +## @extra lifecycleOperator.readinessProbe custom readinessprobe for manager container +## @skip lifecycleOperator.readinessProbe.httpGet.path +## @skip lifecycleOperator.readinessProbe.httpGet.port +## @skip lifecycleOperator.readinessProbe.initialDelaySeconds +## @skip lifecycleOperator.readinessProbe.periodSeconds + +## @extra lifecycleOperator.resources specify limits and requests for manager container +## @skip lifecycleOperator.resources.limits.cpu +## @skip lifecycleOperator.resources.limits.memory +## @skip lifecycleOperator.resources.requests.cpu +## @skip lifecycleOperator.resources.requests.memory ## @section Global ## Current available parameters: kubernetesClusterDomain, imagePullSecrets, schedulingGatesEnabled diff --git a/lifecycle-operator/chart/templates/deployment.yaml b/lifecycle-operator/chart/templates/deployment.yaml index 5d0bc2c745..1f0fe19c73 100644 --- a/lifecycle-operator/chart/templates/deployment.yaml +++ b/lifecycle-operator/chart/templates/deployment.yaml @@ -58,46 +58,46 @@ spec: fieldRef: fieldPath: metadata.name - name: FUNCTION_RUNNER_IMAGE - value: {{ .Values.lifecycleOperator.manager.env.functionRunnerImage | quote }} + value: {{ .Values.lifecycleOperator.env.functionRunnerImage | quote }} - name: PYTHON_RUNNER_IMAGE - value: {{ .Values.lifecycleOperator.manager.env.pythonRunnerImage | quote }} + value: {{ .Values.lifecycleOperator.env.pythonRunnerImage | quote }} - name: OTEL_COLLECTOR_URL - value: {{ .Values.lifecycleOperator.manager.env.otelCollectorUrl | quote }} + value: {{ .Values.lifecycleOperator.env.otelCollectorUrl | quote }} - name: KEPTN_APP_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.keptnAppControllerLogLevel | quote + value: {{ .Values.lifecycleOperator.env.keptnAppControllerLogLevel | quote }} - name: KEPTN_APP_CREATION_REQUEST_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.keptnAppCreationRequestControllerLogLevel + value: {{ .Values.lifecycleOperator.env.keptnAppCreationRequestControllerLogLevel | quote }} - name: KEPTN_APP_VERSION_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.keptnAppVersionControllerLogLevel + value: {{ .Values.lifecycleOperator.env.keptnAppVersionControllerLogLevel | quote }} - name: KEPTN_EVALUATION_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.keptnEvaluationControllerLogLevel + value: {{ .Values.lifecycleOperator.env.keptnEvaluationControllerLogLevel | quote }} - name: KEPTN_TASK_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.keptnTaskControllerLogLevel | quote + value: {{ .Values.lifecycleOperator.env.keptnTaskControllerLogLevel | quote }} - name: KEPTN_TASK_DEFINITION_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.keptnTaskDefinitionControllerLogLevel + value: {{ .Values.lifecycleOperator.env.keptnTaskDefinitionControllerLogLevel | quote }} - name: KEPTN_WORKLOAD_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.keptnWorkloadControllerLogLevel + value: {{ .Values.lifecycleOperator.env.keptnWorkloadControllerLogLevel | quote }} - name: KEPTN_WORKLOAD_INSTANCE_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.keptnWorkloadInstanceControllerLogLevel + value: {{ .Values.lifecycleOperator.env.keptnWorkloadInstanceControllerLogLevel | quote }} - name: OPTIONS_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.manager.env.optionsControllerLogLevel | quote + value: {{ .Values.lifecycleOperator.env.optionsControllerLogLevel | quote }} - name: SCHEDULING_GATES_ENABLED value: {{ .Values.schedulingGatesEnabled | quote }} - name: KUBERNETES_CLUSTER_DOMAIN value: {{ .Values.kubernetesClusterDomain }} - image: {{ .Values.lifecycleOperator.manager.image.repository }}:{{ .Values.lifecycleOperator.manager.image.tag + image: {{ .Values.lifecycleOperator.image.repository }}:{{ .Values.lifecycleOperator.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.lifecycleOperator.manager.imagePullPolicy }} + imagePullPolicy: {{ .Values.lifecycleOperator.imagePullPolicy }} name: manager ports: - containerPort: 9443 @@ -106,29 +106,29 @@ spec: - containerPort: 2222 name: metrics protocol: TCP - resources: {{- toYaml .Values.lifecycleOperator.manager.resources | nindent 10 }} + resources: {{- toYaml .Values.lifecycleOperator.resources | nindent 10 }} securityContext: - allowPrivilegeEscalation: {{ .Values.lifecycleOperator.manager.containerSecurityContext.allowPrivilegeEscalation + allowPrivilegeEscalation: {{ .Values.lifecycleOperator.containerSecurityContext.allowPrivilegeEscalation }} - capabilities: {{- include "tplvalues.render" (dict "value" .Values.lifecycleOperator.manager.containerSecurityContext.capabilities + capabilities: {{- include "tplvalues.render" (dict "value" .Values.lifecycleOperator.containerSecurityContext.capabilities "context" $) | nindent 12 }} - privileged: {{ .Values.lifecycleOperator.manager.containerSecurityContext.privileged + privileged: {{ .Values.lifecycleOperator.containerSecurityContext.privileged }} - runAsGroup: {{ .Values.lifecycleOperator.manager.containerSecurityContext.runAsGroup + runAsGroup: {{ .Values.lifecycleOperator.containerSecurityContext.runAsGroup }} - runAsNonRoot: {{ .Values.lifecycleOperator.manager.containerSecurityContext.runAsNonRoot + runAsNonRoot: {{ .Values.lifecycleOperator.containerSecurityContext.runAsNonRoot }} - runAsUser: {{ .Values.lifecycleOperator.manager.containerSecurityContext.runAsUser + runAsUser: {{ .Values.lifecycleOperator.containerSecurityContext.runAsUser }} - seccompProfile: {{- include "tplvalues.render" (dict "value" .Values.lifecycleOperator.manager.containerSecurityContext.seccompProfile + seccompProfile: {{- include "tplvalues.render" (dict "value" .Values.lifecycleOperator.containerSecurityContext.seccompProfile "context" $) | nindent 12 }} volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs/ name: certs-dir - mountPath: /tmp/metrics-adapter/serving-certs name: adapter-certs-dir - {{- if .Values.lifecycleOperator.manager.livenessProbe }} - livenessProbe: {{- include "tplvalues.render" (dict "value" .Values.lifecycleOperator.manager.livenessProbe "context" $) | nindent 10 }} + {{- if .Values.lifecycleOperator.livenessProbe }} + livenessProbe: {{- include "tplvalues.render" (dict "value" .Values.lifecycleOperator.livenessProbe "context" $) | nindent 10 }} {{- else }} livenessProbe: httpGet: @@ -137,8 +137,8 @@ spec: initialDelaySeconds: 15 periodSeconds: 20 {{- end }} - {{- if .Values.lifecycleOperator.manager.readinessProbe }} - readinessProbe: {{- include "tplvalues.render" (dict "value" .Values.lifecycleOperator.manager.readinessProbe "context" $) | nindent 10 }} + {{- if .Values.lifecycleOperator.readinessProbe }} + readinessProbe: {{- include "tplvalues.render" (dict "value" .Values.lifecycleOperator.readinessProbe "context" $) | nindent 10 }} {{- else }} readinessProbe: httpGet: @@ -195,34 +195,34 @@ spec: - --config=/etc/kubernetes/scheduler-config.yaml env: - name: OTEL_COLLECTOR_URL - value: {{ .Values.scheduler.scheduler.env.otelCollectorUrl | quote }} + value: {{ .Values.scheduler.env.otelCollectorUrl | quote }} - name: KUBERNETES_CLUSTER_DOMAIN value: {{ .Values.kubernetesClusterDomain }} - image: {{ .Values.scheduler.scheduler.image.repository }}:{{ .Values.scheduler.scheduler.image.tag + image: {{ .Values.scheduler.image.repository }}:{{ .Values.scheduler.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.scheduler.scheduler.imagePullPolicy }} + imagePullPolicy: {{ .Values.scheduler.imagePullPolicy }} name: scheduler - resources: {{- toYaml .Values.scheduler.scheduler.resources | nindent 10 }} + resources: {{- toYaml .Values.scheduler.resources | nindent 10 }} securityContext: - allowPrivilegeEscalation: {{ .Values.scheduler.scheduler.containerSecurityContext.allowPrivilegeEscalation + allowPrivilegeEscalation: {{ .Values.scheduler.containerSecurityContext.allowPrivilegeEscalation }} - capabilities: {{- include "tplvalues.render" (dict "value" .Values.scheduler.scheduler.containerSecurityContext.capabilities + capabilities: {{- include "tplvalues.render" (dict "value" .Values.scheduler.containerSecurityContext.capabilities "context" $) | nindent 12 }} - privileged: {{ .Values.scheduler.scheduler.containerSecurityContext.privileged + privileged: {{ .Values.scheduler.containerSecurityContext.privileged }} - readOnlyRootFilesystem: {{ .Values.scheduler.scheduler.containerSecurityContext.readOnlyRootFilesystem + readOnlyRootFilesystem: {{ .Values.scheduler.containerSecurityContext.readOnlyRootFilesystem }} - runAsNonRoot: {{ .Values.scheduler.scheduler.containerSecurityContext.runAsNonRoot + runAsNonRoot: {{ .Values.scheduler.containerSecurityContext.runAsNonRoot }} - runAsUser: {{ .Values.scheduler.scheduler.containerSecurityContext.runAsUser }} - seccompProfile: {{- include "tplvalues.render" (dict "value" .Values.scheduler.scheduler.containerSecurityContext.seccompProfile + runAsUser: {{ .Values.scheduler.containerSecurityContext.runAsUser }} + seccompProfile: {{- include "tplvalues.render" (dict "value" .Values.scheduler.containerSecurityContext.seccompProfile "context" $) | nindent 12 }} volumeMounts: - mountPath: /etc/kubernetes name: scheduler-config readOnly: true - {{- if .Values.scheduler.scheduler.livenessProbe }} - livenessProbe: {{- include "tplvalues.render" (dict "value" .Values.scheduler.scheduler.livenessProbe "context" $) | nindent 10 }} + {{- if .Values.scheduler.livenessProbe }} + livenessProbe: {{- include "tplvalues.render" (dict "value" .Values.scheduler.livenessProbe "context" $) | nindent 10 }} {{- else }} livenessProbe: httpGet: @@ -231,8 +231,8 @@ spec: scheme: HTTPS initialDelaySeconds: 15 {{- end }} - {{- if .Values.scheduler.scheduler.readinessProbe }} - readinessProbe: {{- include "tplvalues.render" (dict "value" .Values.scheduler.scheduler.readinessProbe "context" $) | nindent 10 }} + {{- if .Values.scheduler.readinessProbe }} + readinessProbe: {{- include "tplvalues.render" (dict "value" .Values.scheduler.readinessProbe "context" $) | nindent 10 }} {{- else }} readinessProbe: httpGet: diff --git a/lifecycle-operator/chart/templates/lifecycle-manager-config.yaml b/lifecycle-operator/chart/templates/lifecycle-manager-config.yaml index cd6362d7d6..9419e18e32 100644 --- a/lifecycle-operator/chart/templates/lifecycle-manager-config.yaml +++ b/lifecycle-operator/chart/templates/lifecycle-manager-config.yaml @@ -9,17 +9,17 @@ data: controller_manager_config.yaml: | apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 health: - healthProbeBindAddress: {{ .Values.lifecycleManagerConfig.controllerManagerConfigYaml.health.healthProbeBindAddress + healthProbeBindAddress: {{ .Values.lifecycleManagerConfig.health.healthProbeBindAddress | quote }} kind: ControllerManagerConfig leaderElection: - leaderElect: {{ .Values.lifecycleManagerConfig.controllerManagerConfigYaml.leaderElection.leaderElect + leaderElect: {{ .Values.lifecycleManagerConfig.leaderElection.leaderElect }} - resourceName: {{ .Values.lifecycleManagerConfig.controllerManagerConfigYaml.leaderElection.resourceName + resourceName: {{ .Values.lifecycleManagerConfig.leaderElection.resourceName | quote }} metrics: - bindAddress: {{ .Values.lifecycleManagerConfig.controllerManagerConfigYaml.metrics.bindAddress + bindAddress: {{ .Values.lifecycleManagerConfig.metrics.bindAddress | quote }} webhook: - port: {{ .Values.lifecycleManagerConfig.controllerManagerConfigYaml.webhook.port + port: {{ .Values.lifecycleManagerConfig.webhook.port }} \ No newline at end of file diff --git a/lifecycle-operator/chart/templates/scheduler-config.yaml b/lifecycle-operator/chart/templates/scheduler-config.yaml index 978b4391f8..c08f483792 100644 --- a/lifecycle-operator/chart/templates/scheduler-config.yaml +++ b/lifecycle-operator/chart/templates/scheduler-config.yaml @@ -11,8 +11,8 @@ data: apiVersion: kubescheduler.config.k8s.io/v1beta3 kind: KubeSchedulerConfiguration leaderElection: - leaderElect: {{ .Values.schedulerConfig.schedulerConfigYaml.leaderElection.leaderElect + leaderElect: {{ .Values.schedulerConfig.leaderElection.leaderElect }} - profiles: {{ toYaml .Values.schedulerConfig.schedulerConfigYaml.profiles | nindent + profiles: {{ toYaml .Values.schedulerConfig.profiles | nindent 6 }} {{- end }} \ No newline at end of file diff --git a/lifecycle-operator/chart/values.yaml b/lifecycle-operator/chart/values.yaml index ee181ba09b..db25d08290 100644 --- a/lifecycle-operator/chart/values.yaml +++ b/lifecycle-operator/chart/values.yaml @@ -2,65 +2,63 @@ imagePullSecrets: [] kubernetesClusterDomain: cluster.local schedulingGatesEnabled: false lifecycleManagerConfig: - controllerManagerConfigYaml: - health: - healthProbeBindAddress: :8081 - leaderElection: - leaderElect: true - resourceName: 6b866dd9.keptn.sh - metrics: - bindAddress: 127.0.0.1:8080 - webhook: - port: 9443 + health: + healthProbeBindAddress: :8081 + leaderElection: + leaderElect: true + resourceName: 6b866dd9.keptn.sh + metrics: + bindAddress: 127.0.0.1:8080 + webhook: + port: 9443 lifecycleOperator: - manager: - containerSecurityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - runAsGroup: 65532 - runAsNonRoot: true - runAsUser: 65532 - seccompProfile: - type: RuntimeDefault - env: - functionRunnerImage: ghcr.io/keptn/deno-runtime:v1.0.1 - keptnAppControllerLogLevel: "0" - keptnAppCreationRequestControllerLogLevel: "0" - keptnAppVersionControllerLogLevel: "0" - keptnEvaluationControllerLogLevel: "0" - keptnTaskControllerLogLevel: "0" - keptnTaskDefinitionControllerLogLevel: "0" - keptnWorkloadControllerLogLevel: "0" - keptnWorkloadInstanceControllerLogLevel: "0" - optionsControllerLogLevel: "0" - otelCollectorUrl: otel-collector:4317 - pythonRunnerImage: ghcr.io/keptn/python-runtime:v1.0.0 - image: - repository: ghcr.io/keptn/lifecycle-operator - tag: v0.8.2 - imagePullPolicy: Always - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 5m - memory: 64Mi + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + runAsGroup: 65532 + runAsNonRoot: true + runAsUser: 65532 + seccompProfile: + type: RuntimeDefault + env: + functionRunnerImage: ghcr.io/keptn/deno-runtime:v1.0.1 + keptnAppControllerLogLevel: "0" + keptnAppCreationRequestControllerLogLevel: "0" + keptnAppVersionControllerLogLevel: "0" + keptnEvaluationControllerLogLevel: "0" + keptnTaskControllerLogLevel: "0" + keptnTaskDefinitionControllerLogLevel: "0" + keptnWorkloadControllerLogLevel: "0" + keptnWorkloadInstanceControllerLogLevel: "0" + optionsControllerLogLevel: "0" + otelCollectorUrl: otel-collector:4317 + pythonRunnerImage: ghcr.io/keptn/python-runtime:v1.0.0 + image: + repository: ghcr.io/keptn/lifecycle-operator + tag: v0.8.2 + imagePullPolicy: Always + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi nodeSelector: {} replicas: 1 tolerations: [] @@ -81,51 +79,49 @@ lifecycleWebhookService: scheduler: nodeSelector: {} replicas: 1 - scheduler: - containerSecurityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 65532 - seccompProfile: - type: RuntimeDefault - env: - otelCollectorUrl: otel-collector:4317 - image: - repository: ghcr.io/keptn/scheduler - tag: v0.8.2 - imagePullPolicy: Always - livenessProbe: - httpGet: - path: /healthz - port: 10259 - scheme: HTTPS - initialDelaySeconds: 15 - readinessProbe: - httpGet: - path: /healthz - port: 10259 - scheme: HTTPS - resources: - limits: - cpu: 300m - memory: 100Mi - requests: - cpu: 100m - memory: 20Mi + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 65532 + seccompProfile: + type: RuntimeDefault + env: + otelCollectorUrl: otel-collector:4317 + image: + repository: ghcr.io/keptn/scheduler + tag: v0.8.2 + imagePullPolicy: Always + livenessProbe: + httpGet: + path: /healthz + port: 10259 + scheme: HTTPS + initialDelaySeconds: 15 + readinessProbe: + httpGet: + path: /healthz + port: 10259 + scheme: HTTPS + resources: + limits: + cpu: 300m + memory: 100Mi + requests: + cpu: 100m + memory: 20Mi tolerations: [] topologySpreadConstraints: [] schedulerConfig: - schedulerConfigYaml: - leaderElection: - leaderElect: false - profiles: - - plugins: - permit: - enabled: - - name: KLCPermit - schedulerName: keptn-scheduler + leaderElection: + leaderElect: false + profiles: + - plugins: + permit: + enabled: + - name: KLCPermit + schedulerName: keptn-scheduler