make kube-janitor opt-in for production clusters

demonCoder95 · demonCoder95 · commit 1664dbcd8d5e · 2024-11-08T15:42:11.000+01:00
diff --git a/cluster/config-defaults.yaml b/cluster/config-defaults.yaml
@@ -1170,7 +1170,13 @@ control_plane_load_balancer_internal: "none"
 #  fs.inotify.max_user_watches = 100000
 sysctl_settings: ""
 
-
+# kube-janitor configuration
+{{if eq .Cluster.Environment "production"}}
+# This makes kube-janitor opt-in for production clusters
+kube_janitor_enabled: "false"
+{{else}}
+kube_janitor_enabled: "true"
+{{end}}
 
 # scheduling_controls
 teapot_admission_controller_scheduling_controls_enabled: "false"
diff --git a/cluster/manifests/deletions.yaml b/cluster/manifests/deletions.yaml
@@ -330,3 +330,21 @@ post_apply:
   kind: ServiceAccount
   namespace: kube-system
 {{- end }}
+{{- if ne .Cluster.ConfigItems.kube_janitor_enabled "true" }}
+- name: kube-janitor
+  kind: Deployment
+  namespace: kube-system
+- name: kube-janitor
+  kind: ConfigMap
+  namespace: kube-system
+- name: kube-janitor
+  kind: VerticalPodAutoscaler
+  namespace: kube-system
+- name: kube-janitor
+  kind: ServiceAccount
+  namespace: kube-system
+- name: kube-janitor
+  kind: ClusterRole
+- name: kube-janitor
+  kind: ClusterRoleBinding
+{{- end }}
diff --git a/cluster/manifests/kube-janitor/deployment.yaml b/cluster/manifests/kube-janitor/deployment.yaml
@@ -1,4 +1,4 @@
-# {{ if ne .Cluster.Environment "production" }}
+# {{ if eq .Cluster.ConfigItems "kube_janitor_enabled" "true" }}
 # {{ $image := "container-registry.zalando.net/teapot/kube-janitor:23.7.0-main-2" }}
 # {{ $version := index (split (index (split $image ":") 1) "-") 0 }}
 apiVersion: apps/v1
diff --git a/cluster/manifests/kube-janitor/rbac.yaml b/cluster/manifests/kube-janitor/rbac.yaml
@@ -1,4 +1,4 @@
-{{ if ne .Cluster.Environment "production" }}
+{{ if eq .Cluster.ConfigItems "kube_janitor_enabled" "true" }}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
diff --git a/cluster/manifests/kube-janitor/rules-config.yaml b/cluster/manifests/kube-janitor/rules-config.yaml
@@ -1,4 +1,4 @@
-# {{ if ne .Cluster.Environment "production" }}
+# {{ if eq .Cluster.ConfigItems "kube_janitor_enabled" "true" }}
 apiVersion: v1
 kind: ConfigMap
 metadata:
diff --git a/cluster/manifests/kube-janitor/vpa.yaml b/cluster/manifests/kube-janitor/vpa.yaml
@@ -1,4 +1,4 @@
-{{ if ne .Cluster.Environment "production" }}
+{{ if eq .Cluster.ConfigItems "kube_janitor_enabled" "true" }}
 apiVersion: autoscaling.k8s.io/v1
 kind: VerticalPodAutoscaler
 metadata:

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-# {{ if ne .Cluster.Environment "production" }}`
	`1`	`+# {{ if eq .Cluster.ConfigItems "kube_janitor_enabled" "true" }}`
`2`	`2`	`# {{ $image := "container-registry.zalando.net/teapot/kube-janitor:23.7.0-main-2" }}`
`3`	`3`	`# {{ $version := index (split (index (split $image ":") 1) "-") 0 }}`
`4`	`4`	`apiVersion: apps/v1`
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-{{ if ne .Cluster.Environment "production" }}`
	`1`	`+{{ if eq .Cluster.ConfigItems "kube_janitor_enabled" "true" }}`
`2`	`2`	`apiVersion: v1`
`3`	`3`	`kind: ServiceAccount`
`4`	`4`	`metadata:`