diff --git a/.github/actions/deploy-keptn-on-cluster/values/values-integration-allowed-namespaces.yaml b/.github/actions/deploy-keptn-on-cluster/values/values-integration-allowed-namespaces.yaml index 050a9f6f52..4b6bf8df08 100644 --- a/.github/actions/deploy-keptn-on-cluster/values/values-integration-allowed-namespaces.yaml +++ b/.github/actions/deploy-keptn-on-cluster/values/values-integration-allowed-namespaces.yaml @@ -10,11 +10,10 @@ metricsOperator: enabled: false lifecycleOperator: - lifecycleOperator: - imagePullPolicy: Never - image: - tag: $TAG - env: - functionRunnerImage: localhost:5000/keptn/deno-runtime:$TAG - pythonRunnerImage: localhost:5000/keptn/python-runtime:$TAG + imagePullPolicy: Never + image: + tag: $TAG + env: + functionRunnerImage: localhost:5000/keptn/deno-runtime:$TAG + pythonRunnerImage: localhost:5000/keptn/python-runtime:$TAG allowedNamespaces: [allowed-ns-test] diff --git a/.github/actions/deploy-keptn-on-cluster/values/values-integration-cert-manager.yaml b/.github/actions/deploy-keptn-on-cluster/values/values-integration-cert-manager.yaml index 1e19f48579..8a6dd831b7 100644 --- a/.github/actions/deploy-keptn-on-cluster/values/values-integration-cert-manager.yaml +++ b/.github/actions/deploy-keptn-on-cluster/values/values-integration-cert-manager.yaml @@ -10,10 +10,9 @@ metricsOperator: enabled: false lifecycleOperator: - lifecycleOperator: - imagePullPolicy: Never - image: - tag: $TAG - env: - functionRunnerImage: localhost:5000/keptn/deno-runtime:$TAG - pythonRunnerImage: localhost:5000/keptn/python-runtime:$TAG + imagePullPolicy: Never + image: + tag: $TAG + env: + functionRunnerImage: localhost:5000/keptn/deno-runtime:$TAG + pythonRunnerImage: localhost:5000/keptn/python-runtime:$TAG diff --git a/.github/actions/deploy-keptn-on-cluster/values/values-integration-cert_manager_io_off.yaml b/.github/actions/deploy-keptn-on-cluster/values/values-integration-cert_manager_io_off.yaml index 74a9994450..9d7033a607 100644 --- a/.github/actions/deploy-keptn-on-cluster/values/values-integration-cert_manager_io_off.yaml +++ b/.github/actions/deploy-keptn-on-cluster/values/values-integration-cert_manager_io_off.yaml @@ -13,10 +13,9 @@ metricsOperator: lifecycleOperator: promotionTasksEnabled: true - lifecycleOperator: - imagePullPolicy: Never - image: - tag: $TAG - env: - functionRunnerImage: localhost:5000/keptn/deno-runtime:$TAG - pythonRunnerImage: localhost:5000/keptn/python-runtime:$TAG + imagePullPolicy: Never + image: + tag: $TAG + env: + functionRunnerImage: localhost:5000/keptn/deno-runtime:$TAG + pythonRunnerImage: localhost:5000/keptn/python-runtime:$TAG diff --git a/.github/actions/deploy-keptn-on-cluster/values/values-integration-cert_manager_io_on.yaml b/.github/actions/deploy-keptn-on-cluster/values/values-integration-cert_manager_io_on.yaml index d8b3772155..17750ebe1b 100644 --- a/.github/actions/deploy-keptn-on-cluster/values/values-integration-cert_manager_io_on.yaml +++ b/.github/actions/deploy-keptn-on-cluster/values/values-integration-cert_manager_io_on.yaml @@ -11,10 +11,9 @@ metricsOperator: lifecycleOperator: promotionTasksEnabled: true - lifecycleOperator: - imagePullPolicy: Never - image: - tag: $TAG - env: - functionRunnerImage: localhost:5000/keptn/deno-runtime:$TAG - pythonRunnerImage: localhost:5000/keptn/python-runtime:$TAG + imagePullPolicy: Never + image: + tag: $TAG + env: + functionRunnerImage: localhost:5000/keptn/deno-runtime:$TAG + pythonRunnerImage: localhost:5000/keptn/python-runtime:$TAG diff --git a/.github/actions/deploy-keptn-on-cluster/values/values-integration-lifecycle.yaml b/.github/actions/deploy-keptn-on-cluster/values/values-integration-lifecycle.yaml index 35d527110c..74b27eab46 100644 --- a/.github/actions/deploy-keptn-on-cluster/values/values-integration-lifecycle.yaml +++ b/.github/actions/deploy-keptn-on-cluster/values/values-integration-lifecycle.yaml @@ -11,10 +11,9 @@ metricsOperator: lifecycleOperator: promotionTasksEnabled: true - lifecycleOperator: - imagePullPolicy: Never - image: - tag: $TAG - env: - functionRunnerImage: localhost:5000/keptn/deno-runtime:$TAG - pythonRunnerImage: localhost:5000/keptn/python-runtime:$TAG + imagePullPolicy: Never + image: + tag: $TAG + env: + functionRunnerImage: localhost:5000/keptn/deno-runtime:$TAG + pythonRunnerImage: localhost:5000/keptn/python-runtime:$TAG diff --git a/.github/actions/deploy-keptn-on-cluster/values/values.yaml b/.github/actions/deploy-keptn-on-cluster/values/values.yaml index f9bce607d1..50c978d19d 100644 --- a/.github/actions/deploy-keptn-on-cluster/values/values.yaml +++ b/.github/actions/deploy-keptn-on-cluster/values/values.yaml @@ -12,10 +12,9 @@ metricsOperator: lifecycleOperator: promotionTasksEnabled: true - lifecycleOperator: - imagePullPolicy: Never - image: - tag: $TAG - env: - functionRunnerImage: localhost:5000/keptn/deno-runtime:$TAG - pythonRunnerImage: localhost:5000/keptn/python-runtime:$TAG + imagePullPolicy: Never + image: + tag: $TAG + env: + functionRunnerImage: localhost:5000/keptn/deno-runtime:$TAG + pythonRunnerImage: localhost:5000/keptn/python-runtime:$TAG diff --git a/.github/scripts/.helm-tests/default/values.yaml b/.github/scripts/.helm-tests/default/values.yaml index 95331bdd3b..6d02007ac9 100644 --- a/.github/scripts/.helm-tests/default/values.yaml +++ b/.github/scripts/.helm-tests/default/values.yaml @@ -3,10 +3,9 @@ certManager: tag: v0.0.0 lifecycleOperator: enabled: true - lifecycleOperator: - image: - tag: v0.0.0 - imagePullPolicy: Never + image: + tag: v0.0.0 + imagePullPolicy: Never metricsOperator: enabled: true image: diff --git a/.github/scripts/.helm-tests/lifecycle-only/values.yaml b/.github/scripts/.helm-tests/lifecycle-only/values.yaml index dc7b03c573..d01ead3ad8 100644 --- a/.github/scripts/.helm-tests/lifecycle-only/values.yaml +++ b/.github/scripts/.helm-tests/lifecycle-only/values.yaml @@ -4,12 +4,11 @@ global: lifecycleOperator: enabled: true promotionTasksEnabled: true - lifecycleOperator: - image: - repository: busybox - tag: 1.37 - imagePullPolicy: Always - hostNetwork: true + image: + repository: busybox + tag: 1.37 + imagePullPolicy: Always + hostNetwork: true deniedNamespaces: ["foo", "bar"] metricsOperator: diff --git a/.github/scripts/.helm-tests/lifecycle-with-certs/values.yaml b/.github/scripts/.helm-tests/lifecycle-with-certs/values.yaml index d71ffc7844..a580a2db90 100644 --- a/.github/scripts/.helm-tests/lifecycle-with-certs/values.yaml +++ b/.github/scripts/.helm-tests/lifecycle-with-certs/values.yaml @@ -3,9 +3,8 @@ certManager: tag: v0.0.0 lifecycleOperator: enabled: true - lifecycleOperator: - image: - tag: v0.0.0 - imagePullPolicy: Never + image: + tag: v0.0.0 + imagePullPolicy: Never metricsOperator: enabled: false diff --git a/.github/scripts/.helm-tests/local-global-precedence/values.yaml b/.github/scripts/.helm-tests/local-global-precedence/values.yaml index 7b4b8a77a8..4bfb18c7f3 100644 --- a/.github/scripts/.helm-tests/local-global-precedence/values.yaml +++ b/.github/scripts/.helm-tests/local-global-precedence/values.yaml @@ -1,10 +1,9 @@ lifecycleOperator: annotations: test-annotation: "local" # will be used - lifecycleOperator: - image: - registry: "local-registry.io" # will be used - imagePullPolicy: Never # will be used + image: + registry: "local-registry.io" # will be used + imagePullPolicy: Never # will be used metricsOperator: annotations: test-annotation: "local" # will be used diff --git a/docs/blog/posts/keptn-helm-umbrella-charts/values.yaml b/docs/blog/posts/keptn-helm-umbrella-charts/values.yaml index f4513cae2a..5a9a9e7307 100644 --- a/docs/blog/posts/keptn-helm-umbrella-charts/values.yaml +++ b/docs/blog/posts/keptn-helm-umbrella-charts/values.yaml @@ -6,7 +6,8 @@ certManager: lifecycleOperator: enabled: false # installation of lifecycle-operator is disabled - metricsOperator: + +metricsOperator: replicas: 3 # installing 3 replicas of metrics-operator annotations: # setting custom annotations for metrics-operator myMetricsKey: metricsValue1 diff --git a/lifecycle-operator/chart/README.md b/lifecycle-operator/chart/README.md index 97430f7c93..271cc4e67a 100644 --- a/lifecycle-operator/chart/README.md +++ b/lifecycle-operator/chart/README.md @@ -11,64 +11,59 @@ and application health checks ### Global parameters -| Name | Description | Value | -| ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- | -| `global.certManagerEnabled` | Enable this value to install Keptn Certificate Manager | `true` | -| `global.imageRegistry` | Global container image registry | `ghcr.io` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | -| `global.imagePullPolicy` | select global image pull policy | `""` | -| `global.commonLabels` | Common labels to add to all Keptn resources. Evaluated as a template | `{}` | -| `global.commonAnnotations` | Common annotations to add to all Keptn resources. Evaluated as a template | `{}` | -| `global.caInjectionAnnotations` | CA injection annotations for cert-manager.io configuration | `{}` | -| `global.openShift.enabled` | Enable this value to install on Openshift | `false` | -| `lifecycleOperatorConfig.health.healthProbeBindAddress` | setup on what address to start the default health handler | `:8081` | -| `lifecycleOperatorConfig.leaderElection.leaderElect` | enable leader election for multiple replicas of the lifecycle operator | `true` | -| `lifecycleOperatorConfig.leaderElection.resourceName` | define LeaderElectionID | `6b866dd9.keptn.sh` | -| `lifecycleOperatorConfig.metrics.bindAddress` | MetricsBindAddress is the TCP address that the controller should bind to for serving prometheus metrics. It can be set to "0" to disable the metrics serving. | `127.0.0.1:8080` | -| `lifecycleOperatorConfig.webhook.port` | setup port for the lifecycle operator admission webhook | `9443` | -| `lifecycleWebhookService` | Mutating Webhook Configurations for lifecycle Operator | | -| `lifecycleWebhookService.ports[0].port` | | `443` | -| `lifecycleWebhookService.ports[0].protocol` | | `TCP` | -| `lifecycleWebhookService.ports[0].targetPort` | | `9443` | -| `lifecycleWebhookService.type` | | `ClusterIP` | - -### Keptn Lifecycle Operator controller - -| Name | Description | Value | -| --------------------------------------------------------------------- | ------------------------------------------------------------------------------ | ------------------------------------- | -| `lifecycleOperator.containerSecurityContext` | Sets security context privileges | | -| `lifecycleOperator.containerSecurityContext.allowPrivilegeEscalation` | | `false` | -| `lifecycleOperator.containerSecurityContext.capabilities.drop` | | `["ALL"]` | -| `lifecycleOperator.containerSecurityContext.privileged` | | `false` | -| `lifecycleOperator.containerSecurityContext.runAsGroup` | | `65532` | -| `lifecycleOperator.containerSecurityContext.runAsNonRoot` | | `true` | -| `lifecycleOperator.containerSecurityContext.runAsUser` | | `65532` | -| `lifecycleOperator.containerSecurityContext.seccompProfile.type` | | `RuntimeDefault` | -| `lifecycleOperator.env.functionRunnerImage` | specify image for deno task runtime | `ghcr.io/keptn/deno-runtime:v3.0.1` | -| `lifecycleOperator.env.keptnAppControllerLogLevel` | sets the log level of Keptn App Controller | `0` | -| `lifecycleOperator.env.keptnAppCreationRequestControllerLogLevel` | sets the log level of Keptn App Creation Request Controller | `0` | -| `lifecycleOperator.env.keptnAppVersionControllerLogLevel` | sets the log level of Keptn AppVersion Controller | `0` | -| `lifecycleOperator.env.keptnEvaluationControllerLogLevel` | sets the log level of Keptn Evaluation Controller | `0` | -| `lifecycleOperator.env.keptnTaskControllerLogLevel` | sets the log level of Keptn Task Controller | `0` | -| `lifecycleOperator.env.keptnTaskDefinitionControllerLogLevel` | sets the log level of Keptn TaskDefinition Controller | `0` | -| `lifecycleOperator.env.keptnWorkloadControllerLogLevel` | sets the log level of Keptn Workload Controller | `0` | -| `lifecycleOperator.env.keptnWorkloadVersionControllerLogLevel` | sets the log level of Keptn WorkloadVersion Controller | `0` | -| `lifecycleOperator.env.keptnDoraMetricsPort` | sets the port for accessing lifecycle metrics in prometheus format | `2222` | -| `lifecycleOperator.env.optionsControllerLogLevel` | sets the log level of Keptn Options Controller | `0` | -| `lifecycleOperator.env.pythonRunnerImage` | specify image for python task runtime | `ghcr.io/keptn/python-runtime:v1.0.8` | -| `lifecycleOperator.image.registry` | specify the container registry for the lifecycle-operator image | `""` | -| `lifecycleOperator.image.repository` | specify registry for manager image | `keptn/lifecycle-operator` | -| `lifecycleOperator.image.tag` | select tag for manager image | `v2.0.0` | -| `lifecycleOperator.image.imagePullPolicy` | specify pull policy for the manager image. This overrides global values | `""` | -| `lifecycleOperator.livenessProbe` | custom liveness probe for manager container | | -| `lifecycleOperator.readinessProbe` | custom readinessprobe for manager container | | -| `lifecycleOperator.resources` | specify limits and requests for manager container | | -| `lifecycleOperator.nodeSelector` | add custom nodes selector to lifecycle operator | `{}` | -| `lifecycleOperator.replicas` | customize number of installed lifecycle operator replicas | `1` | -| `lifecycleOperator.tolerations` | add custom tolerations to lifecycle operator | `[]` | -| `lifecycleOperator.topologySpreadConstraints` | add custom topology constraints to lifecycle operator | `[]` | -| `lifecycleOperator.hostNetwork` | Sets hostNetwork option for lifecycle operator | `false` | -| `lifecycleOperatorMetricsService` | Adjust settings here to change the k8s service for scraping Prometheus metrics | | +| Name | Description | Value | +| --------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------- | +| `global.certManagerEnabled` | Enable this value to install Keptn Certificate Manager | `true` | +| `global.imageRegistry` | Global container image registry | `ghcr.io` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | +| `global.imagePullPolicy` | select global image pull policy | `""` | +| `global.commonLabels` | Common labels to add to all Keptn resources. Evaluated as a template | `{}` | +| `global.commonAnnotations` | Common annotations to add to all Keptn resources. Evaluated as a template | `{}` | +| `global.caInjectionAnnotations` | CA injection annotations for cert-manager.io configuration | `{}` | +| `global.openShift.enabled` | Enable this value to install on Openshift | `false` | +| `config.health.healthProbeBindAddress` | setup on what address to start the default health handler | `:8081` | +| `config.leaderElection.leaderElect` | enable leader election for multiple replicas of the lifecycle operator | `true` | +| `config.leaderElection.resourceName` | define LeaderElectionID | `6b866dd9.keptn.sh` | +| `config.metrics.bindAddress` | MetricsBindAddress is the TCP address that the controller should bind to for serving prometheus metrics. It can be set to "0" to disable the metrics serving. | `127.0.0.1:8080` | +| `config.webhook.port` | setup port for the lifecycle operator admission webhook | `9443` | +| `webhookService` | Mutating Webhook Configurations for lifecycle Operator | | +| `webhookService.ports[0].port` | | `443` | +| `webhookService.ports[0].protocol` | | `TCP` | +| `webhookService.ports[0].targetPort` | | `9443` | +| `webhookService.type` | | `ClusterIP` | +| `containerSecurityContext` | Sets security context privileges | | +| `containerSecurityContext.allowPrivilegeEscalation` | | `false` | +| `containerSecurityContext.capabilities.drop` | | `["ALL"]` | +| `containerSecurityContext.privileged` | | `false` | +| `containerSecurityContext.runAsGroup` | | `65532` | +| `containerSecurityContext.runAsNonRoot` | | `true` | +| `containerSecurityContext.runAsUser` | | `65532` | +| `containerSecurityContext.seccompProfile.type` | | `RuntimeDefault` | +| `env.functionRunnerImage` | specify image for deno task runtime | `ghcr.io/keptn/deno-runtime:v3.0.1` | +| `env.keptnAppControllerLogLevel` | sets the log level of Keptn App Controller | `0` | +| `env.keptnAppCreationRequestControllerLogLevel` | sets the log level of Keptn App Creation Request Controller | `0` | +| `env.keptnAppVersionControllerLogLevel` | sets the log level of Keptn AppVersion Controller | `0` | +| `env.keptnEvaluationControllerLogLevel` | sets the log level of Keptn Evaluation Controller | `0` | +| `env.keptnTaskControllerLogLevel` | sets the log level of Keptn Task Controller | `0` | +| `env.keptnTaskDefinitionControllerLogLevel` | sets the log level of Keptn TaskDefinition Controller | `0` | +| `env.keptnWorkloadControllerLogLevel` | sets the log level of Keptn Workload Controller | `0` | +| `env.keptnWorkloadVersionControllerLogLevel` | sets the log level of Keptn WorkloadVersion Controller | `0` | +| `env.keptnDoraMetricsPort` | sets the port for accessing lifecycle metrics in prometheus format | `2222` | +| `env.optionsControllerLogLevel` | sets the log level of Keptn Options Controller | `0` | +| `env.pythonRunnerImage` | specify image for python task runtime | `ghcr.io/keptn/python-runtime:v1.0.8` | +| `image.registry` | specify the container registry for the lifecycle-operator image | `""` | +| `image.repository` | specify registry for manager image | `keptn/lifecycle-operator` | +| `image.tag` | select tag for manager image | `v2.0.0` | +| `image.imagePullPolicy` | specify pull policy for the manager image. This overrides global values | `""` | +| `livenessProbe` | custom liveness probe for manager container | | +| `readinessProbe` | custom readinessprobe for manager container | | +| `resources` | specify limits and requests for manager container | | +| `nodeSelector` | add custom nodes selector to lifecycle operator | `{}` | +| `replicas` | customize number of installed lifecycle operator replicas | `1` | +| `tolerations` | add custom tolerations to lifecycle operator | `[]` | +| `topologySpreadConstraints` | add custom topology constraints to lifecycle operator | `[]` | +| `hostNetwork` | Sets hostNetwork option for lifecycle operator | `false` | +| `operatorMetricsService` | Adjust settings here to change the k8s service for scraping Prometheus metrics | | ### Global diff --git a/lifecycle-operator/chart/templates/_helpers.tpl b/lifecycle-operator/chart/templates/_helpers.tpl index 3d454fe3c5..c5a49fc30c 100644 --- a/lifecycle-operator/chart/templates/_helpers.tpl +++ b/lifecycle-operator/chart/templates/_helpers.tpl @@ -1,6 +1,6 @@ {{/* Return the proper Image Registry Secret Names for lifecycle operator */}} -{{- define "lifecycleOperator.imagePullSecrets" -}} -{{ include "common.images.renderPullSecrets" (dict "images" (list .Values.lifecycleOperator.image) "context" $) }} +{{- define "imagePullSecrets" -}} +{{ include "common.images.renderPullSecrets" (dict "images" (list .Values.image) "context" $) }} {{- end -}} diff --git a/lifecycle-operator/chart/templates/deployment.yaml b/lifecycle-operator/chart/templates/deployment.yaml index 7e6e5a24bb..e8c6952582 100644 --- a/lifecycle-operator/chart/templates/deployment.yaml +++ b/lifecycle-operator/chart/templates/deployment.yaml @@ -20,7 +20,7 @@ metadata: {{- include "common.labels.standard" ( dict "context" . ) | nindent 4 }} {{- include "common.annotations" ( dict "context" . ) }} spec: - replicas: {{ .Values.lifecycleOperator.replicas }} + replicas: {{ .Values.replicas }} selector: matchLabels: control-plane: lifecycle-operator @@ -53,37 +53,37 @@ spec: fieldRef: fieldPath: metadata.name - name: FUNCTION_RUNNER_IMAGE - value: {{ .Values.lifecycleOperator.env.functionRunnerImage | quote }} + value: {{ .Values.env.functionRunnerImage | quote }} - name: PYTHON_RUNNER_IMAGE - value: {{ .Values.lifecycleOperator.env.pythonRunnerImage | quote }} + value: {{ .Values.env.pythonRunnerImage | quote }} - name: KEPTN_APP_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.env.keptnAppControllerLogLevel | quote + value: {{ .Values.env.keptnAppControllerLogLevel | quote }} - name: KEPTN_APP_CREATION_REQUEST_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.env.keptnAppCreationRequestControllerLogLevel + value: {{ .Values.env.keptnAppCreationRequestControllerLogLevel | quote }} - name: KEPTN_APP_VERSION_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.env.keptnAppVersionControllerLogLevel + value: {{ .Values.env.keptnAppVersionControllerLogLevel | quote }} - name: KEPTN_EVALUATION_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.env.keptnEvaluationControllerLogLevel + value: {{ .Values.env.keptnEvaluationControllerLogLevel | quote }} - name: KEPTN_TASK_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.env.keptnTaskControllerLogLevel | quote + value: {{ .Values.env.keptnTaskControllerLogLevel | quote }} - name: KEPTN_TASK_DEFINITION_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.env.keptnTaskDefinitionControllerLogLevel + value: {{ .Values.env.keptnTaskDefinitionControllerLogLevel | quote }} - name: KEPTN_WORKLOAD_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.env.keptnWorkloadControllerLogLevel + value: {{ .Values.env.keptnWorkloadControllerLogLevel | quote }} - name: KEPTN_WORKLOAD_VERSION_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.env.keptnWorkloadVersionControllerLogLevel + value: {{ .Values.env.keptnWorkloadVersionControllerLogLevel | quote }} - name: KEPTN_DORA_METRICS_PORT - value: {{ .Values.lifecycleOperator.env.keptnDoraMetricsPort | quote }} + value: {{ .Values.env.keptnDoraMetricsPort | quote }} - name: OPTIONS_CONTROLLER_LOG_LEVEL - value: {{ .Values.lifecycleOperator.env.optionsControllerLogLevel | quote + value: {{ .Values.env.optionsControllerLogLevel | quote }} - name: PROMOTION_TASKS_ENABLED value: {{ .Values.promotionTasksEnabled | quote @@ -92,8 +92,8 @@ spec: value: {{ .Values.kubernetesClusterDomain }} - name: CERT_MANAGER_ENABLED value: {{ .Values.global.certManagerEnabled | quote }} - image: {{ include "common.images.image" ( dict "imageRoot" .Values.lifecycleOperator.image "global" .Values.global ) }} - imagePullPolicy: {{ .Values.lifecycleOperator.image.imagePullPolicy | default (.Values.global.imagePullPolicy | default "IfNotPresent") }} + image: {{ include "common.images.image" ( dict "imageRoot" .Values.image "global" .Values.global ) }} + imagePullPolicy: {{ .Values.image.imagePullPolicy | default (.Values.global.imagePullPolicy | default "IfNotPresent") }} name: lifecycle-operator ports: - containerPort: 9443 @@ -102,29 +102,29 @@ spec: - containerPort: 2222 name: metrics protocol: TCP - resources: {{- toYaml .Values.lifecycleOperator.resources | nindent 10 }} + resources: {{- toYaml .Values.resources | nindent 10 }} securityContext: - allowPrivilegeEscalation: {{ .Values.lifecycleOperator.containerSecurityContext.allowPrivilegeEscalation + allowPrivilegeEscalation: {{ .Values.containerSecurityContext.allowPrivilegeEscalation }} - capabilities: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleOperator.containerSecurityContext.capabilities + capabilities: {{- include "common.tplvalues.render" (dict "value" .Values.containerSecurityContext.capabilities "context" $) | nindent 12 }} - privileged: {{ .Values.lifecycleOperator.containerSecurityContext.privileged + privileged: {{ .Values.containerSecurityContext.privileged }} {{- if not .Values.global.openShift.enabled }} - runAsGroup: {{ .Values.lifecycleOperator.containerSecurityContext.runAsGroup + runAsGroup: {{ .Values.containerSecurityContext.runAsGroup }} - runAsUser: {{ .Values.lifecycleOperator.containerSecurityContext.runAsUser + runAsUser: {{ .Values.containerSecurityContext.runAsUser }} {{- end }} - runAsNonRoot: {{ .Values.lifecycleOperator.containerSecurityContext.runAsNonRoot + runAsNonRoot: {{ .Values.containerSecurityContext.runAsNonRoot }} - seccompProfile: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleOperator.containerSecurityContext.seccompProfile + seccompProfile: {{- include "common.tplvalues.render" (dict "value" .Values.containerSecurityContext.seccompProfile "context" $) | nindent 12 }} volumeMounts: - name: keptn-certs mountPath: /tmp/webhook/certs/ - {{- if .Values.lifecycleOperator.livenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleOperator.livenessProbe "context" $) | nindent 10 }} + {{- if .Values.livenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.livenessProbe "context" $) | nindent 10 }} {{- else }} livenessProbe: httpGet: @@ -133,8 +133,8 @@ spec: initialDelaySeconds: 15 periodSeconds: 20 {{- end }} - {{- if .Values.lifecycleOperator.readinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleOperator.readinessProbe "context" $) | nindent 10 }} + {{- if .Values.readinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.readinessProbe "context" $) | nindent 10 }} {{- else }} readinessProbe: httpGet: @@ -143,22 +143,22 @@ spec: initialDelaySeconds: 5 periodSeconds: 10 {{- end }} - {{- include "lifecycleOperator.imagePullSecrets" . | nindent 6 }} + {{- include "imagePullSecrets" . | nindent 6 }} securityContext: runAsNonRoot: true serviceAccountName: lifecycle-operator terminationGracePeriodSeconds: 10 - hostNetwork: {{ .Values.lifecycleOperator.hostNetwork }} + hostNetwork: {{ .Values.hostNetwork }} volumes: - name: keptn-certs secret: secretName: keptn-certs -{{- if .Values.lifecycleOperator.topologySpreadConstraints }} - topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleOperator.topologySpreadConstraints "context" $) | nindent 8 }} +{{- if .Values.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.topologySpreadConstraints "context" $) | nindent 8 }} {{- end }} -{{- if .Values.lifecycleOperator.nodeSelector }} - nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.lifecycleOperator.nodeSelector "context" $) | nindent 8 }} +{{- if .Values.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.nodeSelector "context" $) | nindent 8 }} {{- end }} -{{- if .Values.lifecycleOperator.tolerations }} - tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleOperator.tolerations "context" .) | nindent 8 }} +{{- if .Values.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" .) | nindent 8 }} {{- end }} diff --git a/lifecycle-operator/chart/templates/lifecycle-manager-config.yaml b/lifecycle-operator/chart/templates/lifecycle-manager-config.yaml index 66a7255553..ffe685be33 100644 --- a/lifecycle-operator/chart/templates/lifecycle-manager-config.yaml +++ b/lifecycle-operator/chart/templates/lifecycle-manager-config.yaml @@ -13,17 +13,17 @@ data: controller_manager_config.yaml: | apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 health: - healthProbeBindAddress: {{ .Values.lifecycleOperatorConfig.health.healthProbeBindAddress + healthProbeBindAddress: {{ .Values.config.health.healthProbeBindAddress | quote }} kind: ControllerManagerConfig leaderElection: - leaderElect: {{ .Values.lifecycleOperatorConfig.leaderElection.leaderElect + leaderElect: {{ .Values.config.leaderElection.leaderElect }} - resourceName: {{ .Values.lifecycleOperatorConfig.leaderElection.resourceName + resourceName: {{ .Values.config.leaderElection.resourceName | quote }} metrics: - bindAddress: {{ .Values.lifecycleOperatorConfig.metrics.bindAddress + bindAddress: {{ .Values.config.metrics.bindAddress | quote }} webhook: - port: {{ .Values.lifecycleOperatorConfig.webhook.port + port: {{ .Values.config.webhook.port }} \ No newline at end of file diff --git a/lifecycle-operator/chart/templates/lifecycle-operator-metrics-service.yaml b/lifecycle-operator/chart/templates/lifecycle-operator-metrics-service.yaml index 62d55783d3..520d211537 100644 --- a/lifecycle-operator/chart/templates/lifecycle-operator-metrics-service.yaml +++ b/lifecycle-operator/chart/templates/lifecycle-operator-metrics-service.yaml @@ -11,9 +11,9 @@ metadata: control-plane: lifecycle-operator {{- include "common.labels.standard" ( dict "context" . ) | nindent 4 }} spec: - type: {{ .Values.lifecycleOperatorMetricsService.type }} + type: {{ .Values.operatorMetricsService.type }} selector: control-plane: lifecycle-operator {{- include "common.selectorLabels" ( dict "context" . ) | nindent 4 }} ports: - {{- .Values.lifecycleOperatorMetricsService.ports | toYaml | nindent 2 -}} \ No newline at end of file + {{- .Values.operatorMetricsService.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/lifecycle-operator/chart/templates/lifecycle-webhook-service.yaml b/lifecycle-operator/chart/templates/lifecycle-webhook-service.yaml index 80a4757489..7c6438a364 100644 --- a/lifecycle-operator/chart/templates/lifecycle-webhook-service.yaml +++ b/lifecycle-operator/chart/templates/lifecycle-webhook-service.yaml @@ -10,9 +10,9 @@ metadata: labels: {{- include "common.labels.standard" ( dict "context" . ) | nindent 4 }} spec: - type: {{ .Values.lifecycleWebhookService.type }} + type: {{ .Values.webhookService.type }} selector: control-plane: lifecycle-operator {{- include "common.selectorLabels" ( dict "context" . ) | nindent 4 }} ports: - {{- .Values.lifecycleWebhookService.ports | toYaml | nindent 2 -}} \ No newline at end of file + {{- .Values.webhookService.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/lifecycle-operator/chart/values.yaml b/lifecycle-operator/chart/values.yaml index 1ebe25578a..413f2b8d0f 100644 --- a/lifecycle-operator/chart/values.yaml +++ b/lifecycle-operator/chart/values.yaml @@ -30,139 +30,137 @@ global: ## @param global.openShift.enabled Enable this value to install on Openshift enabled: false -lifecycleOperatorConfig: +config: health: -## @param lifecycleOperatorConfig.health.healthProbeBindAddress setup on what address to start the default health handler +## @param config.health.healthProbeBindAddress setup on what address to start the default health handler healthProbeBindAddress: :8081 leaderElection: -## @param lifecycleOperatorConfig.leaderElection.leaderElect enable leader election for multiple replicas of the lifecycle operator +## @param config.leaderElection.leaderElect enable leader election for multiple replicas of the lifecycle operator leaderElect: true -## @param lifecycleOperatorConfig.leaderElection.resourceName define LeaderElectionID +## @param config.leaderElection.resourceName define LeaderElectionID resourceName: 6b866dd9.keptn.sh metrics: -## @param lifecycleOperatorConfig.metrics.bindAddress MetricsBindAddress is the TCP address that the controller should bind to for serving prometheus metrics. It can be set to "0" to disable the metrics serving. +## @param config.metrics.bindAddress MetricsBindAddress is the TCP address that the controller should bind to for serving prometheus metrics. It can be set to "0" to disable the metrics serving. bindAddress: 127.0.0.1:8080 webhook: -## @param lifecycleOperatorConfig.webhook.port setup port for the lifecycle operator admission webhook +## @param config.webhook.port setup port for the lifecycle operator admission webhook port: 9443 -## @extra lifecycleWebhookService Mutating Webhook Configurations for lifecycle Operator -lifecycleWebhookService: +## @extra webhookService Mutating Webhook Configurations for lifecycle Operator +webhookService: ports: -## @param lifecycleWebhookService.ports[0].port +## @param webhookService.ports[0].port - port: 443 -## @param lifecycleWebhookService.ports[0].protocol +## @param webhookService.ports[0].protocol protocol: TCP -## @param lifecycleWebhookService.ports[0].targetPort +## @param webhookService.ports[0].targetPort targetPort: 9443 -## @param lifecycleWebhookService.type +## @param webhookService.type type: ClusterIP -## @section Keptn Lifecycle Operator controller -## @extra lifecycleOperator.containerSecurityContext Sets security context privileges -lifecycleOperator: - containerSecurityContext: -## @param lifecycleOperator.containerSecurityContext.allowPrivilegeEscalation - allowPrivilegeEscalation: false - capabilities: -## @param lifecycleOperator.containerSecurityContext.capabilities.drop - drop: - - ALL -## @param lifecycleOperator.containerSecurityContext.privileged - privileged: false -## @param lifecycleOperator.containerSecurityContext.runAsGroup - runAsGroup: 65532 -## @param lifecycleOperator.containerSecurityContext.runAsNonRoot - runAsNonRoot: true -## @param lifecycleOperator.containerSecurityContext.runAsUser - runAsUser: 65532 - seccompProfile: -## @param lifecycleOperator.containerSecurityContext.seccompProfile.type - type: RuntimeDefault -## @param lifecycleOperator.env.functionRunnerImage specify image for deno task runtime - env: - functionRunnerImage: ghcr.io/keptn/deno-runtime:v3.0.1 -## @param lifecycleOperator.env.keptnAppControllerLogLevel sets the log level of Keptn App Controller - keptnAppControllerLogLevel: "0" -## @param lifecycleOperator.env.keptnAppCreationRequestControllerLogLevel sets the log level of Keptn App Creation Request Controller - keptnAppCreationRequestControllerLogLevel: "0" -## @param lifecycleOperator.env.keptnAppVersionControllerLogLevel sets the log level of Keptn AppVersion Controller - keptnAppVersionControllerLogLevel: "0" -## @param lifecycleOperator.env.keptnEvaluationControllerLogLevel sets the log level of Keptn Evaluation Controller - keptnEvaluationControllerLogLevel: "0" -## @param lifecycleOperator.env.keptnTaskControllerLogLevel sets the log level of Keptn Task Controller - keptnTaskControllerLogLevel: "0" -## @param lifecycleOperator.env.keptnTaskDefinitionControllerLogLevel sets the log level of Keptn TaskDefinition Controller - keptnTaskDefinitionControllerLogLevel: "0" -## @param lifecycleOperator.env.keptnWorkloadControllerLogLevel sets the log level of Keptn Workload Controller - keptnWorkloadControllerLogLevel: "0" -## @param lifecycleOperator.env.keptnWorkloadVersionControllerLogLevel sets the log level of Keptn WorkloadVersion Controller - keptnWorkloadVersionControllerLogLevel: "0" -## @param lifecycleOperator.env.keptnDoraMetricsPort sets the port for accessing lifecycle metrics in prometheus format - keptnDoraMetricsPort: "2222" -## @param lifecycleOperator.env.optionsControllerLogLevel sets the log level of Keptn Options Controller - optionsControllerLogLevel: "0" -## @param lifecycleOperator.env.pythonRunnerImage specify image for python task runtime - pythonRunnerImage: ghcr.io/keptn/python-runtime:v1.0.8 - image: -## @param lifecycleOperator.image.registry specify the container registry for the lifecycle-operator image - registry: "" -## @param lifecycleOperator.image.repository specify registry for manager image - repository: keptn/lifecycle-operator -## @param lifecycleOperator.image.tag select tag for manager image - tag: v2.0.0 # x-release-please-version -## @param lifecycleOperator.image.imagePullPolicy specify pull policy for the manager image. This overrides global values - imagePullPolicy: "" -## @extra lifecycleOperator.livenessProbe custom liveness probe for manager container -## @skip lifecycleOperator.livenessProbe.httpGet.path -## @skip lifecycleOperator.livenessProbe.httpGet.port -## @skip lifecycleOperator.livenessProbe.initialDelaySeconds -## @skip lifecycleOperator.livenessProbe.periodSeconds - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 -## @extra lifecycleOperator.readinessProbe custom readinessprobe for manager container -## @skip lifecycleOperator.readinessProbe.httpGet.path -## @skip lifecycleOperator.readinessProbe.httpGet.port -## @skip lifecycleOperator.readinessProbe.initialDelaySeconds -## @skip lifecycleOperator.readinessProbe.periodSeconds - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 -## @extra lifecycleOperator.resources specify limits and requests for manager container -## @skip lifecycleOperator.resources.limits.cpu -## @skip lifecycleOperator.resources.limits.memory -## @skip lifecycleOperator.resources.requests.cpu -## @skip lifecycleOperator.resources.requests.memory - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 5m - memory: 64Mi -## @param lifecycleOperator.nodeSelector add custom nodes selector to lifecycle operator - nodeSelector: {} -## @param lifecycleOperator.replicas customize number of installed lifecycle operator replicas - replicas: 1 -## @param lifecycleOperator.tolerations add custom tolerations to lifecycle operator - tolerations: [] -## @param lifecycleOperator.topologySpreadConstraints add custom topology constraints to lifecycle operator - topologySpreadConstraints: [] -## @param lifecycleOperator.hostNetwork Sets hostNetwork option for lifecycle operator - hostNetwork: false -## @extra lifecycleOperatorMetricsService Adjust settings here to change the k8s service for scraping Prometheus metrics -## @skip lifecycleOperatorMetricsService.ports[0].name -## @skip lifecycleOperatorMetricsService.ports[0].port -## @skip lifecycleOperatorMetricsService.ports[0].protocol -## @skip lifecycleOperatorMetricsService.ports[0].targetPort -## @skip lifecycleOperatorMetricsService.type -lifecycleOperatorMetricsService: +## @extra containerSecurityContext Sets security context privileges +containerSecurityContext: +## @param containerSecurityContext.allowPrivilegeEscalation + allowPrivilegeEscalation: false + capabilities: +## @param containerSecurityContext.capabilities.drop + drop: + - ALL +## @param containerSecurityContext.privileged + privileged: false +## @param containerSecurityContext.runAsGroup + runAsGroup: 65532 +## @param containerSecurityContext.runAsNonRoot + runAsNonRoot: true +## @param containerSecurityContext.runAsUser + runAsUser: 65532 + seccompProfile: +## @param containerSecurityContext.seccompProfile.type + type: RuntimeDefault +## @param env.functionRunnerImage specify image for deno task runtime +env: + functionRunnerImage: ghcr.io/keptn/deno-runtime:v3.0.1 +## @param env.keptnAppControllerLogLevel sets the log level of Keptn App Controller + keptnAppControllerLogLevel: "0" +## @param env.keptnAppCreationRequestControllerLogLevel sets the log level of Keptn App Creation Request Controller + keptnAppCreationRequestControllerLogLevel: "0" +## @param env.keptnAppVersionControllerLogLevel sets the log level of Keptn AppVersion Controller + keptnAppVersionControllerLogLevel: "0" +## @param env.keptnEvaluationControllerLogLevel sets the log level of Keptn Evaluation Controller + keptnEvaluationControllerLogLevel: "0" +## @param env.keptnTaskControllerLogLevel sets the log level of Keptn Task Controller + keptnTaskControllerLogLevel: "0" +## @param env.keptnTaskDefinitionControllerLogLevel sets the log level of Keptn TaskDefinition Controller + keptnTaskDefinitionControllerLogLevel: "0" +## @param env.keptnWorkloadControllerLogLevel sets the log level of Keptn Workload Controller + keptnWorkloadControllerLogLevel: "0" +## @param env.keptnWorkloadVersionControllerLogLevel sets the log level of Keptn WorkloadVersion Controller + keptnWorkloadVersionControllerLogLevel: "0" +## @param env.keptnDoraMetricsPort sets the port for accessing lifecycle metrics in prometheus format + keptnDoraMetricsPort: "2222" +## @param env.optionsControllerLogLevel sets the log level of Keptn Options Controller + optionsControllerLogLevel: "0" +## @param env.pythonRunnerImage specify image for python task runtime + pythonRunnerImage: ghcr.io/keptn/python-runtime:v1.0.8 +image: +## @param image.registry specify the container registry for the lifecycle-operator image + registry: "" +## @param image.repository specify registry for manager image + repository: keptn/lifecycle-operator +## @param image.tag select tag for manager image + tag: v2.0.0 # x-release-please-version +## @param image.imagePullPolicy specify pull policy for the manager image. This overrides global values + imagePullPolicy: "" +## @extra livenessProbe custom liveness probe for manager container +## @skip livenessProbe.httpGet.path +## @skip livenessProbe.httpGet.port +## @skip livenessProbe.initialDelaySeconds +## @skip livenessProbe.periodSeconds +livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 +## @extra readinessProbe custom readinessprobe for manager container +## @skip readinessProbe.httpGet.path +## @skip readinessProbe.httpGet.port +## @skip readinessProbe.initialDelaySeconds +## @skip readinessProbe.periodSeconds +readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 +## @extra resources specify limits and requests for manager container +## @skip resources.limits.cpu +## @skip resources.limits.memory +## @skip resources.requests.cpu +## @skip resources.requests.memory +resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi +## @param nodeSelector add custom nodes selector to lifecycle operator +nodeSelector: {} +## @param replicas customize number of installed lifecycle operator replicas +replicas: 1 +## @param tolerations add custom tolerations to lifecycle operator +tolerations: [] +## @param topologySpreadConstraints add custom topology constraints to lifecycle operator +topologySpreadConstraints: [] +## @param hostNetwork Sets hostNetwork option for lifecycle operator +hostNetwork: false +## @extra operatorMetricsService Adjust settings here to change the k8s service for scraping Prometheus metrics +## @skip operatorMetricsService.ports[0].name +## @skip operatorMetricsService.ports[0].port +## @skip operatorMetricsService.ports[0].protocol +## @skip operatorMetricsService.ports[0].targetPort +## @skip operatorMetricsService.type +operatorMetricsService: ports: - name: metrics port: 2222