diff --git a/deploy/charts/venafi-kubernetes-agent/README.md b/deploy/charts/venafi-kubernetes-agent/README.md index 1d7a7a5b..f5f2f28f 100644 --- a/deploy/charts/venafi-kubernetes-agent/README.md +++ b/deploy/charts/venafi-kubernetes-agent/README.md @@ -476,6 +476,13 @@ Cannot be used if `maxUnavailable` is set. Configure the maximum unavailable pods for disruptions. Can either be set to an integer (e.g. 1) or a percentage value (e.g. 25%). Cannot be used if `minAvailable` is set. +#### **venafiConnection.include** ~ `bool` +> Default value: +> ```yaml +> false +> ``` + +When set to false, the rendered output does not contain the. VenafiConnection CRDs and RBAC. This is useful for when the. Venafi Connection resources are already installed separately. ### CRDs @@ -494,12 +501,5 @@ The 'x-kubernetes-validations' annotation is not supported in Kubernetes 1.22 an > ``` This option makes it so that the "helm.sh/resource-policy": keep annotation is added to the CRD. This will prevent Helm from uninstalling the CRD when the Helm release is uninstalled. -#### **crds.venafiConnection.include** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -When set to false, the rendered output does not contain the. VenafiConnection CRDs and RBAC. This is useful for when the. Venafi Connection resources are already installed separately. \ No newline at end of file diff --git a/deploy/charts/venafi-kubernetes-agent/crd_bases/crd.header-without-validations.yaml b/deploy/charts/venafi-kubernetes-agent/crd_bases/crd.header-without-validations.yaml index 968347d8..0b32557f 100644 --- a/deploy/charts/venafi-kubernetes-agent/crd_bases/crd.header-without-validations.yaml +++ b/deploy/charts/venafi-kubernetes-agent/crd_bases/crd.header-without-validations.yaml @@ -1,5 +1,5 @@ {{/* DO NOT EDIT. Use 'make generate-crds-venconn' to regenerate. */}} -{{- if .Values.crds.venafiConnection.include }} +{{- if .Values.venafiConnection.include }} {{- if (or (semverCompare "<1.25" .Capabilities.KubeVersion.GitVersion) .Values.crds.forceRemoveValidationAnnotations) }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -12,4 +12,4 @@ metadata: helm.sh/resource-policy: keep {{- end }} labels: - {{- include "venafi-connection.labels" . | nindent 4 }} + {{- include "venafi-connection.labels" $ | nindent 4 }} diff --git a/deploy/charts/venafi-kubernetes-agent/crd_bases/crd.header.yaml b/deploy/charts/venafi-kubernetes-agent/crd_bases/crd.header.yaml index 16975a1d..74c83062 100644 --- a/deploy/charts/venafi-kubernetes-agent/crd_bases/crd.header.yaml +++ b/deploy/charts/venafi-kubernetes-agent/crd_bases/crd.header.yaml @@ -1,5 +1,5 @@ {{/* DO NOT EDIT. Use 'make generate-crds-venconn' to regenerate. */}} -{{- if .Values.crds.venafiConnection.include }} +{{- if .Values.venafiConnection.include }} {{- if not (or (semverCompare "<1.25" .Capabilities.KubeVersion.GitVersion) .Values.crds.forceRemoveValidationAnnotations) }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -12,4 +12,4 @@ metadata: helm.sh/resource-policy: keep {{- end }} labels: - {{- include "venafi-connection.labels" . | nindent 4 }} + {{- include "venafi-connection.labels" $ | nindent 4 }} diff --git a/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-crd.without-validations.yaml b/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-crd.without-validations.yaml index b644a72a..9718a955 100644 --- a/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-crd.without-validations.yaml +++ b/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-crd.without-validations.yaml @@ -1,5 +1,5 @@ {{/* DO NOT EDIT. Use 'make generate-crds-venconn' to regenerate. */}} -{{- if .Values.crds.venafiConnection.include }} +{{- if .Values.venafiConnection.include }} {{- if (or (semverCompare "<1.25" .Capabilities.KubeVersion.GitVersion) .Values.crds.forceRemoveValidationAnnotations) }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -12,7 +12,7 @@ metadata: helm.sh/resource-policy: keep {{- end }} labels: - {{- include "venafi-connection.labels" . | nindent 4 }} + {{- include "venafi-connection.labels" $ | nindent 4 }} spec: group: jetstack.io names: diff --git a/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-crd.yaml b/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-crd.yaml index e750549b..c112aa07 100644 --- a/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-crd.yaml +++ b/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-crd.yaml @@ -1,5 +1,5 @@ {{/* DO NOT EDIT. Use 'make generate-crds-venconn' to regenerate. */}} -{{- if .Values.crds.venafiConnection.include }} +{{- if .Values.venafiConnection.include }} {{- if not (or (semverCompare "<1.25" .Capabilities.KubeVersion.GitVersion) .Values.crds.forceRemoveValidationAnnotations) }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -12,7 +12,7 @@ metadata: helm.sh/resource-policy: keep {{- end }} labels: - {{- include "venafi-connection.labels" . | nindent 4 }} + {{- include "venafi-connection.labels" $ | nindent 4 }} spec: group: jetstack.io names: diff --git a/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-rbac.yaml b/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-rbac.yaml index 620ad162..3262646e 100644 --- a/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-rbac.yaml +++ b/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-rbac.yaml @@ -1,4 +1,4 @@ -{{- if .Values.crds.venafiConnection.include }} +{{- if .Values.venafiConnection.include }} # The 'venafi-connection' service account is used by multiple # controllers. When configuring which resources a VenafiConnection # can access, the RBAC rules you create manually must point to this SA. @@ -43,4 +43,4 @@ subjects: - kind: ServiceAccount name: venafi-connection namespace: {{ $.Release.Namespace | quote }} -{{- end }} +{{- end }} \ No newline at end of file diff --git a/deploy/charts/venafi-kubernetes-agent/values.schema.json b/deploy/charts/venafi-kubernetes-agent/values.schema.json index 36de4b36..6426677a 100644 --- a/deploy/charts/venafi-kubernetes-agent/values.schema.json +++ b/deploy/charts/venafi-kubernetes-agent/values.schema.json @@ -75,6 +75,9 @@ "tolerations": { "$ref": "#/$defs/helm-values.tolerations" }, + "venafiConnection": { + "$ref": "#/$defs/helm-values.venafiConnection" + }, "volumeMounts": { "$ref": "#/$defs/helm-values.volumeMounts" }, @@ -275,9 +278,6 @@ }, "keep": { "$ref": "#/$defs/helm-values.crds.keep" - }, - "venafiConnection": { - "$ref": "#/$defs/helm-values.crds.venafiConnection" } }, "type": "object" @@ -292,20 +292,6 @@ "description": "This option makes it so that the \"helm.sh/resource-policy\": keep annotation is added to the CRD. This will prevent Helm from uninstalling the CRD when the Helm release is uninstalled.", "type": "boolean" }, - "helm-values.crds.venafiConnection": { - "additionalProperties": false, - "properties": { - "include": { - "$ref": "#/$defs/helm-values.crds.venafiConnection.include" - } - }, - "type": "object" - }, - "helm-values.crds.venafiConnection.include": { - "default": false, - "description": "When set to false, the rendered output does not contain the. VenafiConnection CRDs and RBAC. This is useful for when the. Venafi Connection resources are already installed separately.", - "type": "boolean" - }, "helm-values.extraArgs": { "default": [], "description": "Specify additional arguments to pass to the agent binary. For example, to enable JSON logging use `--logging-format`, or to increase the logging verbosity use `--log-level`.\nThe log levels are: 0=Info, 1=Debug, 2=Trace.\nUse 6-9 for increasingly verbose HTTP request logging.\nThe default log level is 0.\n\nExample:\nextraArgs:\n- --logging-format=json\n- --log-level=6 # To enable HTTP request logging", @@ -638,6 +624,20 @@ "items": {}, "type": "array" }, + "helm-values.venafiConnection": { + "additionalProperties": false, + "properties": { + "include": { + "$ref": "#/$defs/helm-values.venafiConnection.include" + } + }, + "type": "object" + }, + "helm-values.venafiConnection.include": { + "default": false, + "description": "When set to false, the rendered output does not contain the. VenafiConnection CRDs and RBAC. This is useful for when the. Venafi Connection resources are already installed separately.", + "type": "boolean" + }, "helm-values.volumeMounts": { "default": [], "description": "Additional volume mounts to add to the Venafi Kubernetes Agent container. This is useful for mounting a custom CA bundle. Any PEM certificate mounted under /etc/ssl/certs will be loaded by the Venafi Kubernetes Agent. For\nexample:\n\nvolumeMounts:\n - name: cabundle\n mountPath: /etc/ssl/certs/cabundle\n subPath: cabundle\n readOnly: true", diff --git a/deploy/charts/venafi-kubernetes-agent/values.yaml b/deploy/charts/venafi-kubernetes-agent/values.yaml index 88ceee4f..ee2a2efb 100644 --- a/deploy/charts/venafi-kubernetes-agent/values.yaml +++ b/deploy/charts/venafi-kubernetes-agent/values.yaml @@ -285,6 +285,13 @@ podDisruptionBudget: # +docs:property # maxUnavailable: 1 +# Optionally include the VenafiConnection CRDs +venafiConnection: + # When set to false, the rendered output does not contain the + # VenafiConnection CRDs and RBAC. This is useful for when the + # Venafi Connection resources are already installed separately. + include: false + # +docs:section=CRDs # The CRDs installed by this chart are annotated with "helm.sh/resource-policy: keep", this # prevents them from being accidentally removed by Helm when this chart is deleted. After @@ -301,10 +308,3 @@ crds: # annotation is added to the CRD. This will prevent Helm from uninstalling # the CRD when the Helm release is uninstalled. keep: false - - # Optionally include the VenafiConnection CRDs - venafiConnection: - # When set to false, the rendered output does not contain the - # VenafiConnection CRDs and RBAC. This is useful for when the - # Venafi Connection resources are already installed separately. - include: false