[occm] add secret enabled option (kubernetes#2239)

simonostendorf · mandre · commit 3b701415fbb4 · 2024-02-07T09:03:35.000+01:00
* feat(occm): add secret enabled option

* fix(occm): helm template operator

* feat(occm): update chart version

* fix(occm): use newer chart version

* fix(occm): remove trailing spaces
diff --git a/charts/openstack-cloud-controller-manager/templates/daemonset.yaml b/charts/openstack-cloud-controller-manager/templates/daemonset.yaml
@@ -68,10 +68,14 @@ spec:
             name: http
             protocol: TCP
           {{- end }}
+          {{- if or (.Values.extraVolumeMounts) (.Values.secret.enabled) }}
           volumeMounts:
+          {{- end }}
+          {{- if .Values.secret.enabled }}
             - mountPath: /etc/config
               name: cloud-config-volume
               readOnly: true
+          {{- end }}
           {{- if .Values.extraVolumeMounts }}
             {{- toYaml .Values.extraVolumeMounts | nindent 12 }}
           {{- end }}
@@ -99,10 +103,15 @@ spec:
       {{- if .Values.priorityClassName }}
       priorityClassName: {{ .Values.priorityClassName }}
       {{- end }}
+
+      {{- if or (.Values.extraVolumes) (.Values.secret.enabled) }}
       volumes:
+      {{- end }}
+      {{- if .Values.secret.enabled }}
       - name: cloud-config-volume
         secret:
           secretName: {{ .Values.secret.name }}
+      {{- end }}
       {{- if .Values.extraVolumes }}
         {{ toYaml .Values.extraVolumes | nindent 6 }}
       {{- end }}
diff --git a/charts/openstack-cloud-controller-manager/templates/secret.yaml b/charts/openstack-cloud-controller-manager/templates/secret.yaml
@@ -1,4 +1,4 @@
-{{- if .Values.secret.create }}
+{{- if and (.Values.secret.create) (.Values.secret.enabled) }}
 apiVersion: v1
 kind: Secret
 metadata:
diff --git a/charts/openstack-cloud-controller-manager/values.yaml b/charts/openstack-cloud-controller-manager/values.yaml
@@ -82,7 +82,11 @@ serviceMonitor: {}
 # Create a secret resource cloud-config (or other name) to store credentials and settings from cloudConfig
 # You can also provide your own secret (not created by the Helm chart), in this case set create to false
 # and adjust the name of the secret as necessary
+# If you dont want to use a secret (because you are using something like an agent injector to inject the cloud config file)
+# you can disable the secret usage by setting enabled to false.
+# If you disable the secret, you have to insert the cloud config file into the path /etc/cloud/config.
 secret:
+  enabled: true
   create: true
   name: cloud-config
 

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-{{- if .Values.secret.create }}`
	`1`	`+{{- if and (.Values.secret.create) (.Values.secret.enabled) }}`
`2`	`2`	`apiVersion: v1`
`3`	`3`	`kind: Secret`
`4`	`4`	`metadata:`