diff --git a/helm/oauth2-proxy/Chart.yaml b/helm/oauth2-proxy/Chart.yaml index 9cbeb4a9..03a76823 100644 --- a/helm/oauth2-proxy/Chart.yaml +++ b/helm/oauth2-proxy/Chart.yaml @@ -1,5 +1,5 @@ name: oauth2-proxy -version: 7.17.1 +version: 7.18.0 apiVersion: v2 appVersion: 7.11.0 home: https://oauth2-proxy.github.io/oauth2-proxy/ @@ -31,8 +31,10 @@ maintainers: kubeVersion: ">=1.16.0-0" annotations: artifacthub.io/changes: | - - kind: changed - description: Updated the Redis chart to the latest version + - kind: added + description: Added support for PodDisruptionBudget unhealthyPodEvictionPolicy links: - name: Github PR - url: https://github.com/oauth2-proxy/manifests/pull/334 + url: https://github.com/oauth2-proxy/manifests/pull/336 + - name: Kubernetes documentation + url: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#unhealthy-pod-eviction-policy diff --git a/helm/oauth2-proxy/README.md b/helm/oauth2-proxy/README.md index 69b885a4..548dd03a 100644 --- a/helm/oauth2-proxy/README.md +++ b/helm/oauth2-proxy/README.md @@ -181,6 +181,7 @@ The following table lists the configurable parameters of the oauth2-proxy chart | `podDisruptionBudget.enabled` | Enabled creation of PodDisruptionBudget (only if replicaCount > 1) | true | | `podDisruptionBudget.maxUnavailable` | maxUnavailable parameter for PodDisruptionBudget, one of maxUnavailable and minAvailable must be null | null | | `podDisruptionBudget.minAvailable` | minAvailable parameter for PodDisruptionBudget, one of maxUnavailable and minAvailable must be null | 1 | +| `podDisruptionBudget.unhealthyPodEvictionPolicy` | Policy for when unhealthy pods should be considered for eviction. Valid values are "IfHealthyBudget" and "AlwaysAllow". See [Kubernetes docs](https://kubernetes.io/docs/tasks/run-application/configure-pdb/#unhealthy-pod-eviction-policy) | `""` | | `podSecurityContext` | Kubernetes security context to apply to pod | `{}` | | `priorityClassName` | priorityClassName | `nil` | | `readinessProbe.enabled` | enable Kubernetes readinessProbe. Disable to use oauth2-proxy with Istio mTLS. See [Istio FAQ](https://istio.io/help/faq/security/#k8s-health-checks) | `true` | diff --git a/helm/oauth2-proxy/templates/poddisruptionbudget.yaml b/helm/oauth2-proxy/templates/poddisruptionbudget.yaml index c9521c5a..2bce3ec0 100644 --- a/helm/oauth2-proxy/templates/poddisruptionbudget.yaml +++ b/helm/oauth2-proxy/templates/poddisruptionbudget.yaml @@ -17,4 +17,7 @@ spec: {{- with .Values.podDisruptionBudget.minAvailable }} minAvailable: {{ . }} {{- end }} + {{- with .Values.podDisruptionBudget.unhealthyPodEvictionPolicy }} + unhealthyPodEvictionPolicy: {{ . }} + {{- end }} {{- end }} diff --git a/helm/oauth2-proxy/values.yaml b/helm/oauth2-proxy/values.yaml index dbbf0632..d3306a47 100644 --- a/helm/oauth2-proxy/values.yaml +++ b/helm/oauth2-proxy/values.yaml @@ -311,6 +311,10 @@ podDisruptionBudget: enabled: true maxUnavailable: null minAvailable: 1 + # Policy for when unhealthy pods should be considered for eviction. + # Valid values are "IfHealthyBudget" and "AlwaysAllow". + # Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#unhealthy-pod-eviction-policy + unhealthyPodEvictionPolicy: "" ## Horizontal Pod Autoscaling ## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/