aquasecurity / aqua-helm

Helm Charts For Installing Aqua Security Components
http://aquasec.com
Apache License 2.0

Support for Init & Sidecar containers #662

Open MalcolmCyber opened 1 year ago

MalcolmCyber commented 1 year ago

Can there be an entry in the Gate and Web deployment YAMLs to allow init containers and sidecar containers to be added as part of the values YAML?

For example, in GCP, we're required to have a gce-proxy container to securely speak to our cloudsql DB, using image: gcr.io/cloudsql-docker/gce-proxy:1.17 as a sidecar. This means we have to modify the Helm charts, leading us to get out of date pretty quickly without the risk of removing the sidecar.

In addition, when Vault injector isn't available, we would use the init containers to retrieve secrets/certs from Vault. Again, this means modifications to Helm charts, leading us to get out of date quickly.

You could have Values of gate.init.enabled or web.init.enabled and it dumps the config of gate.init.container to the gate deployment YAML. Same with Web & Sidecar containers.

BaruchBilanski commented 1 year ago

@MalcolmCyber Hi, I'd appreciate hearing back from you if this solution would be suitable for you. I will raise a PR and we will release a new version if it does.

https://github.com/aquasecurity/aqua-helm/compare/2022.4...BaruchBilanski:aqua-helm-fork:2022.4-web-sidecar

MalcolmCyber commented 1 year ago

Hi @BaruchBilanski, that would be great. I've modified my Helm in a similar manner.

MalcolmCyber commented 1 year ago

Instead of IF statements, I've used {{- include "server.initContainers" .Values | nindent 6 }} & {{- include "server.extraContainers" .Values | nindent 6 }}

With a .Values content under .Values.web.extraContainers (and gate) extraContainers:

helper.tpl update:

{{/* Inject additional containers into the pod if populated */}}
{{- define "server.extraContainers" -}}
{{- range $i, $container := .extraContainers }}
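
The values-driven sidecar pattern requested in this thread, written out end to end as an added example; it is not taken from the comments above or from the aqua-helm chart. The file layout, the `web.extraContainers` / `web.initContainers` keys, the container name and the instance connection string are assumptions or placeholders, and the helper uses `with` and `toYaml` rather than the `range` loop started above.

```yaml
# --- values.yaml (constructed sample) ---
web:
  extraContainers:
    - name: cloudsql-proxy
      image: gcr.io/cloudsql-docker/gce-proxy:1.17
      command:
        - /cloud_sql_proxy
        # Placeholder connection name; the port assumes a PostgreSQL instance.
        - -instances=PROJECT:REGION:INSTANCE=tcp:5432
      # The list is passed through verbatim, so hardening is set here per container.
      securityContext:
        allowPrivilegeEscalation: false
  initContainers: []   # empty list: the helper renders nothing

# --- templates/_helpers.tpl ---
{{/* Emit the extra containers only when the list is populated */}}
{{- define "server.extraContainers" -}}
{{- with .extraContainers }}
{{- toYaml . }}
{{- end }}
{{- end }}

{{/* Same pattern for init containers */}}
{{- define "server.initContainers" -}}
{{- with .initContainers }}
{{- toYaml . }}
{{- end }}
{{- end }}

# --- templates/web-deployment.yaml (excerpt, hypothetical layout) ---
    spec:
      {{- if .Values.web.initContainers }}
      initContainers:
        {{- include "server.initContainers" .Values.web | nindent 8 }}
      {{- end }}
      containers:
        - name: web
          image: "REGISTRY/IMAGE:TAG"   # placeholder for the chart's own image value
        {{- include "server.extraContainers" .Values.web | nindent 8 }}
```

Rendering with `helm template` and inspecting the resulting pod spec shows exactly which containers the values file adds, which is worth reviewing because the chart does not constrain what is placed in these lists.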