PingDavidR
commented
9 months ago @eikster-dk Thanks for bringing this to our attention. We'll triage this and keep you posted with updates here.
Closed eikster-dk closed 7 months ago
PingDavidR
commented
9 months ago @eikster-dk Thanks for bringing this to our attention. We'll triage this and keep you posted with updates here.
Poornachand200
commented
8 months ago Hi @PingDavidR Is there any update on this request?
PingDavidR
commented
8 months ago @Poornachand200 we have triaged the ticket and it's in our backlog. Should be picked up for work soon.
PingDavidR
commented
8 months ago @Poornachand200 @eikster-dk Just a sanity check on a proposed solution. I wouldn't want to put in a change that didn't meet your needs :)
Given this in the Values file (I am deploying a PA cluster as a test, only showing the global section):
global:
envs:
PING_IDENTITY_ACCEPT_EULA: "YES"
annotations:
testannotation: "XYZXYZ"
I would end up with this result in the PVC for the StatefulSet for the admin pods (it shows up elsewhere in the environment, related to services, etc. as well):
Name: out-dir-demo-pingaccess-admin-0
Namespace: default
StorageClass: hostpath
Status: Bound
Volume: pvc-a967c41d-2537-44ab-b592-dcecf7501489
Labels: app.kubernetes.io/instance=demo
app.kubernetes.io/name=pingaccess-admin
Annotations: pv.kubernetes.io/bind-completed: yes
pv.kubernetes.io/bound-by-controller: yes
testannotation: XYZXYZ
volume.beta.kubernetes.io/storage-provisioner: docker.io/hostpath
volume.kubernetes.io/storage-provisioner: docker.io/hostpath
Would that be sufficient for your situation(s)?
PingDavidR
commented
7 months ago @Poornachand200 @eikster-dk nudge on my comment above from earlier this week
Poornachand200
commented
7 months ago @PingDavidR Does it mean that global annotations get applied to PVC? We are good as long as PVC gets the annotations applied globally. Please let us know what version of ping support this change.
PingDavidR
commented
7 months ago yes, as you can see above, if I define the global annotation testannotation: "XYZXYZ" in my values file, it was listed in the description of the PVC, along with being present in service definitions and other pieces of the workload (it is global, after all).
Great! Thanks for letting me know! I'll get this code submitted and reviewed; we normally release chart updates on a monthly cadence, so this would be available in the chart releasing in early Feb. If you have an urgent need, I'll work on an interim point release of the charts before then, depending on our team's capacity for review & such.
PingDavidR
commented
7 months ago This has been released. Update your local Helm repository (helm repo update pingidentity)
Hello :)
Our organisation requires us to annotate different ressources. It doesn't seem that the global annotations are attached to the PVC and therefore we cannot spin up a directory with a PVC as the resources are being rejected by gatekeeper.