Merge pull request #160 from kcp-dev/extra-volumes

Allow to consistently configure extra volume/mounts in charts

Author: kcp-ci-bot

.typos.toml

@@ -0,0 +1,4 @@
+# configuration for https://github.com/crate-ci/typos
+
+[default.extend-identifiers]
+ANDed = "ANDed"

charts/cache/Chart.yaml

@@ -3,7 +3,7 @@ name: cache
 description: A cache server for prototype of a multi-tenant Kubernetes control plane for workloads on many clusters
 
 # version information
-version: 0.0.3
+version: 0.0.4
 appVersion: "0.22.0"
 
 # optional metadata

charts/cache/templates/cache-deployment.yaml

@@ -116,11 +116,17 @@ spec:
               mountPath: /etc/cache/tls/ca
             - name: cache-cert
               mountPath: /etc/cache/tls/server
+{{- with .Values.cache.extraVolumeMounts }}
+{{ . | toYaml | indent 12 }}
+{{- end }}
       volumes:
         - name: kcp-ca
           secret:
             secretName: {{ include "certificates.kcp" . }}-ca
         - name: cache-cert
           secret:
             secretName: {{ include "cache.fullname" .}}-cert
+{{- with .Values.cache.extraVolumes }}
+{{ . | toYaml | indent 8 }}
+{{- end }}
 {{- end }}

charts/cache/values.yaml

@@ -32,6 +32,17 @@ cache:
   securityContext:
     seccompProfile:
       type: RuntimeDefault
+  # Additional volumes to be added to the kcp Deployment.
+  extraVolumes: []
+  # - name: foo
+  #   secret:
+  #     secretName: mysecret
+  #     optional: false
+  # Additional volumeMounts to be added to the kcp Deployment.
+  extraVolumeMounts: []
+  # - name: foo
+  #   mountPath: "/etc/foo"
+  #   readOnly: true
 
 certificates:
   name: certs

charts/kcp-operator/README.md

@@ -13,18 +13,24 @@ This Helm chart deploys an instance of the [kcp-operator](https://github.com/kcp
 
 Once Helm has been set up correctly, add the repo as follows:
 
-    helm repo add kcp https://kcp-dev.github.io/helm-charts
+```shell
+helm repo add kcp https://kcp-dev.github.io/helm-charts
+```
 
 If you had already added this repo earlier, run `helm repo update` to retrieve the latest versions
 of the packages. You can then run `helm search repo kcp` to see the charts.
 
 To install the kcp-operator chart (you can also pass custom values via `--values myvalues.yaml`):
 
-    helm install my-kcp-operator kcp/kcp-operator
+```shell
+helm install my-kcp-operator kcp/kcp-operator
+```
 
-To uninstall the chart:
+To uninstall the release:
 
-    helm delete my-kcp-operator
+```shell
+helm delete my-kcp-operator
+```
 
 Check [values.yaml](./values.yaml) for configuration options for this Helm chart.
 

charts/kcp-operator/values.yaml

@@ -100,11 +100,14 @@ volumeMounts: []
 #   mountPath: "/etc/foo"
 #   readOnly: true
 
-# This configures the node selector for scheduling kcp-operator to specifc nodes. For more information see https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector.
+# This configures the node selector for scheduling kcp-operator to specific nodes.
+# For more information see https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector.
 nodeSelector: {}
 
-# This configures tolerations to allow kcp-operator to be scheduled to Nodes with taints. For more information see https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/.
+# This configures tolerations to allow kcp-operator to be scheduled to Nodes with taints.
+# For more information see https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/.
 tolerations: []
 
-# This configures advanced scheduling affinity settings to fine-tune where kcp-operator runs. For more information see https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity.
+# This configures advanced scheduling affinity settings to fine-tune where kcp-operator runs.
+# For more information see https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity.
 affinity: {}

charts/kcp/Chart.yaml

@@ -3,7 +3,7 @@ name: kcp
 description: A prototype of a multi-tenant Kubernetes control plane for workloads on many clusters
 
 # version information
-version: 0.12.1
+version: 0.12.2
 appVersion: "0.28.0"
 
 # optional metadata

charts/kcp/README.md

@@ -22,18 +22,24 @@ There is a [helper script](#install-to-kind-cluster-for-development) that you ca
 
 Once Helm has been set up correctly, add the repo as follows:
 
-    helm repo add kcp https://kcp-dev.github.io/helm-charts
+```shell
+helm repo add kcp https://kcp-dev.github.io/helm-charts
+```
 
 If you had already added this repo earlier, run `helm repo update` to retrieve the latest versions
 of the packages. You can then run `helm search repo kcp` to see the charts.
 
 To install the kcp chart:
 
-    helm upgrade --install my-kcp kcp/kcp --values ./myvalues.yaml
+```shell
+helm upgrade --install my-kcp kcp/kcp --values ./myvalues.yaml
+```
 
-To uninstall the chart:
+To uninstall the release:
 
-    helm delete my-kcp
+```shell
+helm delete my-kcp
+```
 
 ## Configuration
 
@@ -57,7 +63,7 @@ export KCP_EXTERNAL_HOSTNAME=my-kcp-instance.example.com
 
 ### Ingress Method
 
-To allow access to kcp from outside the cluster it is running in (which you usally want to set up), you will need to choose from the options below.
+To allow access to kcp from outside the cluster it is running in (which you usually want to set up), you will need to choose from the options below.
 
 #### 1. LoadBalancer Service (recommended)
 
@@ -72,7 +78,7 @@ To do so, use the following snippet in your `values.yaml`:
 kcpFrontProxy:
   service:
     type: LoadBalancer
-``` 
+```
 
 This will create a `Service` called `kcp-front-proxy` with an external IP (or hostname).
 
@@ -126,7 +132,7 @@ etcd:
       enabled: true
 ```
 
-To collect metrics from these targets, a `Prometheus` instance targetting those `ServiceMonitors` is needed. A possible selector in the `Prometheus` spec is:
+To collect metrics from these targets, a `Prometheus` instance targeting those `ServiceMonitors` is needed. A possible selector in the `Prometheus` spec is:
 
 ```yaml
 serviceMonitorSelector:

charts/kcp/templates/server-deployment.yaml

@@ -284,6 +284,9 @@ spec:
               mountPath: /etc/kcp/external-logical-cluster-admin/kubeconfig
             - name: external-logical-cluster-admin-kubeconfig-cert
               mountPath: /etc/kcp/external-logical-cluster-admin/kubeconfig-client-cert
+{{- with .Values.kcp.extraVolumeMounts }}
+{{ . | toYaml | indent 12 }}
+{{- end }}
       volumes:
         - name: kcp-etcd-client-cert
           secret:
@@ -355,6 +358,9 @@ spec:
         - name: external-logical-cluster-admin-kubeconfig-cert
           secret:
             secretName: {{ include "kcp.fullname" . }}-external-admin-kubeconfig-cert
+{{- with .Values.kcp.extraVolumes }}
+{{ . | toYaml | indent 8 }}
+{{- end }}
 
 ---
 apiVersion: v1

charts/kcp/values.yaml

@@ -11,7 +11,7 @@ global:
 externalHostname: ""
 # Port under which kcp-front-proxy will be accessible on the external hostname.
 # Defaults to 8443 for .Values.kcpFrontProxy.service.type "LoadBalancer", 443 otherwise.
-externalPort: "" 
+externalPort: ""
 
 etcd:
   enabled: true
@@ -26,7 +26,7 @@ etcd:
       # cpu: 1
       memory: 20Gi
   volumeSize: 8Gi
-  
+
   # StorageClass to use for etcd data volumes.
   storageClassName: ""
 
@@ -171,6 +171,19 @@ kcp:
                     - server
             topologyKey: "kubernetes.io/hostname"
 
+  # Additional volumes to be added to the kcp Deployment.
+  extraVolumes: []
+  # - name: foo
+  #   secret:
+  #     secretName: mysecret
+  #     optional: false
+
+  # Additional volumeMounts to be added to the kcp Deployment.
+  extraVolumeMounts: []
+  # - name: foo
+  #   mountPath: "/etc/foo"
+  #   readOnly: true
+
 kcpFrontProxy:
   replicas: 1
   strategy:
@@ -230,7 +243,7 @@ kcpFrontProxy:
   #   secret: # must be a Secret in the same namespace as KCP, containing the CA cert for the issuer.
   #     name: "" # the name of the Secret
   #     key: "" # the key in the Secret's data that contains the CA cert
- 
+
   profiling:
     enabled: false
     port: 6060