search

jetstack / jetstack-secure

Open source components of Jetstack Secure
https://www.jetstack.io/jetstack-secure/
Apache License 2.0
252 stars 24 forks source link

feat(httpproxy): Update chart to support httproxy #535

Closed tfadeyi closed 1 month ago

tfadeyi commented 1 month ago

Updates the venafi-kubernetes-agent helm chart to include the HTTPS_PROXY, HTTP_PROXY, NO_PROXY env vars.

with HTTPS_PROXY value ``` # Source: venafi-kubernetes-agent/templates/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: venafi-kubernetes-agent-release-name namespace: default labels: helm.sh/chart: venafi-kubernetes-agent-0.1.47 app.kubernetes.io/name: venafi-kubernetes-agent app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.1.47" app.kubernetes.io/managed-by: Helm spec: replicas: 1 selector: matchLabels: app.kubernetes.io/name: venafi-kubernetes-agent app.kubernetes.io/instance: release-name template: metadata: labels: app.kubernetes.io/name: venafi-kubernetes-agent app.kubernetes.io/instance: release-name spec: serviceAccountName: venafi-kubernetes-agent-release-name securityContext: {} containers: - name: venafi-kubernetes-agent securityContext: capabilities: drop: - ALL readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 image: "registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.47" imagePullPolicy: IfNotPresent env: - name: HTTPS_PROXY value: https://proxy:8080 args: - "agent" - "-c" - "/etc/venafi/agent/config/config.yaml" - "--client-id" - "" - "-p" - "0h1m0s" - --venafi-cloud resources: limits: cpu: 500m memory: 500Mi requests: cpu: 200m memory: 200Mi volumeMounts: - name: config mountPath: "/etc/venafi/agent/config" readOnly: true - name: credentials mountPath: "/etc/venafi/agent/key" readOnly: true volumes: - name: config configMap: name: agent-config optional: false - name: credentials secret: secretName: agent-credentials optional: false ```
with HTTP_PROXY value ``` # Source: venafi-kubernetes-agent/templates/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: venafi-kubernetes-agent-release-name namespace: default labels: helm.sh/chart: venafi-kubernetes-agent-0.1.47 app.kubernetes.io/name: venafi-kubernetes-agent app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.1.47" app.kubernetes.io/managed-by: Helm spec: replicas: 1 selector: matchLabels: app.kubernetes.io/name: venafi-kubernetes-agent app.kubernetes.io/instance: release-name template: metadata: labels: app.kubernetes.io/name: venafi-kubernetes-agent app.kubernetes.io/instance: release-name spec: serviceAccountName: venafi-kubernetes-agent-release-name securityContext: {} containers: - name: venafi-kubernetes-agent securityContext: capabilities: drop: - ALL readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 image: "registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.47" imagePullPolicy: IfNotPresent env: - name: HTTP_PROXY value: http://proxy:8080 args: - "agent" - "-c" - "/etc/venafi/agent/config/config.yaml" - "--client-id" - "" - "-p" - "0h1m0s" - --venafi-cloud resources: limits: cpu: 500m memory: 500Mi requests: cpu: 200m memory: 200Mi volumeMounts: - name: config mountPath: "/etc/venafi/agent/config" readOnly: true - name: credentials mountPath: "/etc/venafi/agent/key" readOnly: true volumes: - name: config configMap: name: agent-config optional: false - name: credentials secret: secretName: agent-credentials optional: false ```
with NO_PROXY values ``` # Source: venafi-kubernetes-agent/templates/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: venafi-kubernetes-agent-release-name namespace: default labels: helm.sh/chart: venafi-kubernetes-agent-0.1.47 app.kubernetes.io/name: venafi-kubernetes-agent app.kubernetes.io/instance: release-name app.kubernetes.io/version: "v0.1.47" app.kubernetes.io/managed-by: Helm spec: replicas: 1 selector: matchLabels: app.kubernetes.io/name: venafi-kubernetes-agent app.kubernetes.io/instance: release-name template: metadata: labels: app.kubernetes.io/name: venafi-kubernetes-agent app.kubernetes.io/instance: release-name spec: serviceAccountName: venafi-kubernetes-agent-release-name securityContext: {} containers: - name: venafi-kubernetes-agent securityContext: capabilities: drop: - ALL readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 image: "registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.47" imagePullPolicy: IfNotPresent env: - name: NO_PROXY value: 127.0.0.1,localhost args: - "agent" - "-c" - "/etc/venafi/agent/config/config.yaml" - "--client-id" - "" - "-p" - "0h1m0s" - --venafi-cloud resources: limits: cpu: 500m memory: 500Mi requests: cpu: 200m memory: 200Mi volumeMounts: - name: config mountPath: "/etc/venafi/agent/config" readOnly: true - name: credentials mountPath: "/etc/venafi/agent/key" readOnly: true volumes: - name: config configMap: name: agent-config optional: false - name: credentials secret: secretName: agent-credentials optional: false ```