From 85d80ab86220b443ad205395667d5a671004dbf4 Mon Sep 17 00:00:00 2001 From: alecthomas Date: Fri, 29 Nov 2024 02:55:43 +0000 Subject: [PATCH] Update charts --- charts/ftl/Chart.yaml | 4 +- charts/ftl/templates/controller-role.yaml | 39 ------------------- .../ftl/templates/provisioner-config-map.yaml | 1 + charts/ftl/templates/provisioner-role.yaml | 39 +++++++++++++++++++ charts/ftl/templates/provisioner.yaml | 2 +- charts/ftl/templates/runner.yaml | 4 +- 6 files changed, 45 insertions(+), 44 deletions(-) diff --git a/charts/ftl/Chart.yaml b/charts/ftl/Chart.yaml index 6698f15..76892e3 100644 --- a/charts/ftl/Chart.yaml +++ b/charts/ftl/Chart.yaml @@ -3,8 +3,8 @@ name: ftl description: | A Helm chart for Kubernetes that deploys FTL home: https://github.com/TBD54566975/ftl -version: 0.407.1 -appVersion: 0.407.1 +version: 0.408.0 +appVersion: 0.408.0 dependencies: - name: postgresql version: 15.5.38 diff --git a/charts/ftl/templates/controller-role.yaml b/charts/ftl/templates/controller-role.yaml index 9aa7291..7d01d8a 100644 --- a/charts/ftl/templates/controller-role.yaml +++ b/charts/ftl/templates/controller-role.yaml @@ -7,42 +7,3 @@ metadata: annotations: eks.amazonaws.com/role-arn: {{ .Values.controller.controllersRoleArn }} {{- end }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ include "ftl.fullname" . }}-controller - labels: - {{- include "ftl.labels" . | nindent 4 }} -rules: - - apiGroups: [ "apps" ] - resources: [ "deployments" ] - verbs: [ "get", "list", "watch", "delete", "create", "update", "patch" ] - - apiGroups: [ "" ] - resources: [ "services" , "serviceaccounts"] - verbs: [ "get", "list", "watch", "delete", "create", "update", "patch" ] - - apiGroups: [ "" ] - resources: [ "pods" ] - verbs: [ "get", "list", "watch" ] - - apiGroups: [ "" ] - resources: [ "configmaps" ] - resourceNames: - - ftl-controller-deployment-config - verbs: [ "get"] - - apiGroups: [ "security.istio.io" ] - resources: [ "authorizationpolicies" ] - verbs: [ "get", "list", "watch", "delete", "create", "update", "patch" ] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ include "ftl.fullname" . }}-controller - labels: - {{- include "ftl.labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ include "ftl.fullname" . }}-controller -subjects: - - kind: ServiceAccount - name: {{ .Values.controller.serviceAccountName }} diff --git a/charts/ftl/templates/provisioner-config-map.yaml b/charts/ftl/templates/provisioner-config-map.yaml index 9a34235..a82f98d 100644 --- a/charts/ftl/templates/provisioner-config-map.yaml +++ b/charts/ftl/templates/provisioner-config-map.yaml @@ -9,5 +9,6 @@ data: plugins = [ { id = "cloudformation", resources = ["postgres"] }, { id = "controller", resources = ["module"] }, + { id = "kubernetes", resources = ["runner"] }, ] {{- end}} \ No newline at end of file diff --git a/charts/ftl/templates/provisioner-role.yaml b/charts/ftl/templates/provisioner-role.yaml index 42facc9..d87da82 100644 --- a/charts/ftl/templates/provisioner-role.yaml +++ b/charts/ftl/templates/provisioner-role.yaml @@ -7,3 +7,42 @@ metadata: annotations: eks.amazonaws.com/role-arn: {{ .Values.provisioner.provisionersRoleArn }} {{- end }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "ftl.fullname" . }}-provisioner + labels: + {{- include "ftl.labels" . | nindent 4 }} +rules: + - apiGroups: [ "apps" ] + resources: [ "deployments" ] + verbs: [ "get", "list", "watch", "delete", "create", "update", "patch" ] + - apiGroups: [ "" ] + resources: [ "services" , "serviceaccounts"] + verbs: [ "get", "list", "watch", "delete", "create", "update", "patch" ] + - apiGroups: [ "" ] + resources: [ "pods" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "" ] + resources: [ "configmaps" ] + resourceNames: + - ftl-controller-deployment-config + verbs: [ "get"] + - apiGroups: [ "security.istio.io" ] + resources: [ "authorizationpolicies" ] + verbs: [ "get", "list", "watch", "delete", "create", "update", "patch" ] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "ftl.fullname" . }}-provisioner + labels: + {{- include "ftl.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "ftl.fullname" . }}-provisioner +subjects: + - kind: ServiceAccount + name: {{ .Values.provisioner.serviceAccountName }} diff --git a/charts/ftl/templates/provisioner.yaml b/charts/ftl/templates/provisioner.yaml index c0fa72c..04a0492 100644 --- a/charts/ftl/templates/provisioner.yaml +++ b/charts/ftl/templates/provisioner.yaml @@ -51,7 +51,7 @@ spec: {{- else }} httpGet: path: /healthz - port: 8893 + port: 8892 initialDelaySeconds: 1 periodSeconds: 2 timeoutSeconds: 2 diff --git a/charts/ftl/templates/runner.yaml b/charts/ftl/templates/runner.yaml index 5554fdc..24252e6 100644 --- a/charts/ftl/templates/runner.yaml +++ b/charts/ftl/templates/runner.yaml @@ -14,9 +14,9 @@ data: ports: - name: verbs protocol: TCP - port: 8893 + port: 8892 appProtocol: http - targetPort: 8893 + targetPort: 8892 type: ClusterIP deploymentTemplate: |- apiVersion: apps/v1