Closed mheers closed 1 month ago
I understand the desire here, but nifikop generates the container specs so that it knows how they're laid out and many assumptions are made throughout the operator based on this. Allowing users to configure any part of the container spec means you could potentially break an assumption the operator is making. This might be a little too open to expose as an option.
Are just wanting to set environment variables in only the nifi container and not any other containers in the pod?
At first I'd be happy to set an Env only for the nifi container. I see, that the container spec is quite complex. With this PR I wanted to avoid to create too many new fields in the CRD to make it not too complex.
Would you suggest to have a AdditionalNifiContainerEnvs
in the ReadOnlyConfig
?
At first I'd be happy to set an Env only for the nifi container. I see, that the container spec is quite complex. With this PR I wanted to avoid to create too many new fields in the CRD to make it not too complex.
Would you suggest to have a
AdditionalNifiContainerEnvs
in theReadOnlyConfig
?
It could be a good idea, to add the possibility to add env variable only for the nifi container and not for all the containers. Don't you think @mh013370?
At first I'd be happy to set an Env only for the nifi container. I see, that the container spec is quite complex. With this PR I wanted to avoid to create too many new fields in the CRD to make it not too complex. Would you suggest to have a
AdditionalNifiContainerEnvs
in theReadOnlyConfig
?It could be a good idea, to add the possibility to add env variable only for the nifi container and not for all the containers. Don't you think @mh013370?
Yeah I can understand the need. Perhaps an AdditionalNifiEnvs
that are applied only to the NiFi container would be appropriate. The AdditionalSharedEnvs
makes it clear the envs are applied to all containers in the pod. The AdditionalNifiEnvs
would be applied only to the NiFi container. The docs should be updated as appropriate to clarify this.
Implemented AdditionalNifiEnvs
and force pushed.
@juldrixx do you need anything to merge?
What's in this PR?
CRD / Controller: Can customize / overwrite the nifi container specification
Why?
When having custom certificates for the Java Truststore/Keystore this allows a flexible modification of the nifi container specification in the pods - where we can set the
JAVA_TOOL_OPTIONS
env var. This env var could also have been set usingNifiClusterSpec.Node[*].ReadOnlyConfig.AdditionalSharedEnvs
but this would share the maybe secret data between all containers in the pod and running a second Java container as a sidecar with a differentJAVA_TOOL_OPTIONS
configuration would not be possible.Additional context
The implementation is inspired by the solution in vault operator: https://github.com/bank-vaults/vault-operator/blob/v1.22.0/pkg/controller/vault/vault_controller.go#L1336
Checklist