Skip to content

feat(annotations): allow user-provided service annotations #249

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
andrewazores merged 1 commit into from
May 29, 2025
Merged

feat(annotations): allow user-provided service annotations #249

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions charts/cryostat/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -79,6 +79,7 @@ certificate issuance and rotation.
| `core.podAnnotations` | Annotations to be applied to the Cryostat Pods | `{}` |
| `core.service.type` | Type of Service to create for the Cryostat application | `ClusterIP` |
| `core.service.httpPort` | Port number to expose on the Service for Cryostat's HTTP server | `8181` |
| `core.service.annotations` | Annotations to be applied to the Service for Cryostat's HTTP server | `{}` |
| `core.debug.log.level` | Log level for troubleshooting and debugging | `INFO` |
| `core.sslProxied` | Enables SSL Proxied Environment Variables, useful when you are offloading SSL/TLS at External Loadbalancer instead of Ingress | `false` |
| `core.ingress.enabled` | Whether to create an Ingress object for the Cryostat service | `false` |
Expand Down Expand Up @@ -130,6 +131,7 @@ certificate issuance and rotation.
| `reports.podAnnotations` | Annotations to be applied to the Report Generator Pods | `{}` |
| `reports.service.type` | Type of Service to create for the Report Generator Deployment | `ClusterIP` |
| `reports.service.httpPort` | Port number to expose on the Service for the Report Generator Deployment | `10001` |
| `reports.service.annotations` | Annotations to be applied to the Service for the Report Generator Deployment | `{}` |
| `reports.reportsSecretName` | Name of the secret containing the report generator access keys. This secret must contain a REPORTS_PASS secret which is the secret credential for the report generators. It must not be updated across chart upgrades, or else the connection between Cryostat and report generators will not be able to initialize. It is recommended that the secret should be marked as immutable to avoid accidental changes to secret's data. More details: https://kubernetes.io/docs/concepts/configuration/secret/#secret-immutable | `""` |
| `reports.debug.log.level` | Log level for troubleshooting and debugging | `INFO` |
| `reports.replicas` | Number of Report Generator replicas to deploy. If zero, the Deployment and Service will not be created and the main Cryostat container will handle all report generations on its own. | `0` |
Expand All @@ -154,6 +156,7 @@ certificate issuance and rotation.
| `db.podAnnotations` | Annotations to be applied to the Database Pods | `{}` |
| `db.service.type` | Type of Service to create for the database | `ClusterIP` |
| `db.service.port` | Port number to expose on the Service | `5432` |
| `db.service.annotations` | Annotations to be applied to the Service for the database | `{}` |
| `db.resources.requests.cpu` | CPU resource request for the database container. See: [ResourceRequirements](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#resources) | `25m` |
| `db.resources.requests.memory` | Memory resource request for the database container. | `64Mi` |
| `db.pvc.enabled` | Specify whether to use persistentVolumeClaim (true) or EmptyDir storage (false). This is recommended to be enabled, but the storage size and selector should be chosen carefully first. | `false` |
Expand Down Expand Up @@ -183,6 +186,7 @@ certificate issuance and rotation.
| `storage.podAnnotations` | Annotations to be applied to the Storage Pods | `{}` |
| `storage.service.type` | Type of Service to create for the object storage | `ClusterIP` |
| `storage.service.port` | Port number to expose on the Service | `8333` |
| `storage.service.annotations` | Annotations to be applied to the Service for the object storage | `{}` |
| `storage.resources.requests.cpu` | CPU resource request for the object storage container. See: [ResourceRequirements](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#resources) | `50m` |
| `storage.resources.requests.memory` | Memory resource request for the object storage container. | `256Mi` |
| `storage.pvc.enabled` | Specify whether to use persistentVolumeClaim (true) or EmptyDir storage (false). This is recommended to be enabled, but the storage size and selector should be chosen carefully first. | `false` |
Expand Down
5 changes: 4 additions & 1 deletion charts/cryostat/templates/cryostat_service.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,13 @@ metadata:
labels:
{{- include "cryostat.labels" $ | nindent 4 }}
app.kubernetes.io/component: cryostat
{{- if (.Values.authentication.openshift).enabled }}
annotations:
{{- if (.Values.authentication.openshift).enabled }}
service.alpha.openshift.io/serving-cert-secret-name: {{ .Release.Name }}-proxy-tls
{{- end }}
{{- with .Values.core.service.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.core.service.type }}
ports:
Expand Down
4 changes: 4 additions & 0 deletions charts/cryostat/templates/db_service.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,10 @@ metadata:
labels:
{{- include "cryostat.labels" $ | nindent 4 }}
app.kubernetes.io/component: db
{{- with .Values.db.service.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.db.service.type }}
ports:
Expand Down
4 changes: 4 additions & 0 deletions charts/cryostat/templates/reports_service.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,10 @@ metadata:
labels:
{{- include "cryostat.labels" $ | nindent 4 }}
app.kubernetes.io/component: reports
{{- with .Values.reports.service.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.reports.service.type }}
ports:
Expand Down
4 changes: 4 additions & 0 deletions charts/cryostat/templates/storage_service.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,10 @@ metadata:
labels:
{{- include "cryostat.labels" $ | nindent 4 }}
app.kubernetes.io/component: storage
{{- with .Values.storage.service.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.storage.service.type }}
ports:
Expand Down
34 changes: 34 additions & 0 deletions charts/cryostat/tests/cryostat_service_test.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -193,3 +193,37 @@ tests:
app.kubernetes.io/version: "4.1.0-dev"
helm.sh/chart: cryostat-2.0.0-dev
app.kubernetes.io/component: cryostat

- it: should create a Service with additional user-provided annotations
set:
core.service.annotations:
service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
service.beta.kubernetes.io/aws-load-balancer-type: external
asserts:
- exists:
path: metadata.annotations
- equal:
path: metadata.annotations
value:
service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
service.beta.kubernetes.io/aws-load-balancer-type: external

- it: should create a Service with OpenShift specific annotations and additional user-provided annotations when OpenShift auth is enabled
set:
authentication.openshift.enabled: true
core.service.annotations:
service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
service.beta.kubernetes.io/aws-load-balancer-type: external
asserts:
- exists:
path: metadata.annotations
- equal:
path: metadata.annotations
value:
service.alpha.openshift.io/serving-cert-secret-name: RELEASE-NAME-proxy-tls
service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
service.beta.kubernetes.io/aws-load-balancer-type: external
16 changes: 16 additions & 0 deletions charts/cryostat/tests/db_service_test.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,3 +59,19 @@ tests:
helm.sh/chart: cryostat-2.0.0-dev
app.kubernetes.io/component: db
app.kubernetes.io/part-of: cryostat

- it: should create a Service with additional user-provided annotations
set:
db.service.annotations:
service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
service.beta.kubernetes.io/aws-load-balancer-type: external
asserts:
- exists:
path: metadata.annotations
- equal:
path: metadata.annotations
value:
service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
service.beta.kubernetes.io/aws-load-balancer-type: external
Loading
Loading