From 4a9b4a3dd6eb864e71171962a9639deb626bdb15 Mon Sep 17 00:00:00 2001 From: Matan Heled Date: Mon, 18 Dec 2023 16:51:23 +0200 Subject: [PATCH 1/7] Added pod SCC and container SCC, rollout strategy and resource to ocean helm-chart --- charts/port-agent/templates/deployment.yaml | 2 ++ charts/port-agent/values.yaml | 2 -- charts/port-ocean/templates/deployment.yaml | 14 ++++++++++++-- charts/port-ocean/values.yaml | 20 ++++++++++++++++++-- 4 files changed, 32 insertions(+), 6 deletions(-) diff --git a/charts/port-agent/templates/deployment.yaml b/charts/port-agent/templates/deployment.yaml index 650938a..fd82fd8 100644 --- a/charts/port-agent/templates/deployment.yaml +++ b/charts/port-agent/templates/deployment.yaml @@ -52,7 +52,9 @@ spec: name: {{ include "port-agent.secretName" . }} {{- end }} resources: + {{- if .Values.resources }} {{- toYaml .Values.resources | nindent 12 }} + {{- end }} volumeMounts: {{- if .Values.controlThePayloadConfig }} - mountPath: /app/control_the_payload_config.json diff --git a/charts/port-agent/values.yaml b/charts/port-agent/values.yaml index cd24bae..432500c 100644 --- a/charts/port-agent/values.yaml +++ b/charts/port-agent/values.yaml @@ -41,8 +41,6 @@ containerSecurityContext: {} # runAsUser: 1001 # allowPrivilegeEscalation: false - - rolloutStrategy: "Recreate" resources: diff --git a/charts/port-ocean/templates/deployment.yaml b/charts/port-ocean/templates/deployment.yaml index f8a07e2..2e4e55d 100644 --- a/charts/port-ocean/templates/deployment.yaml +++ b/charts/port-ocean/templates/deployment.yaml @@ -3,6 +3,12 @@ kind: Deployment metadata: name: {{ include "port-ocean.deploymentName" . }} spec: + strategty: + type: {{ .Values.rolloutStrategy | default "Recreate" }} + securityContext: + {{- if .Values.podSecurityContext }} + {{- toYaml .Values.podSecurityContext | nindent 4 }} + {{- end }} replicas: 1 selector: matchLabels: @@ -20,6 +26,10 @@ spec: {{- end }} image: ghcr.io/port-labs/port-ocean-{{ .Values.integration.type }}:{{ .Values.integration.version | default "latest" }} {{- if .Values.service.enabled }} + securityContext: + {{- if .Values.containerSecurityContext }} + {{- toYaml .Values.containerSecurityContext | nindent 10 }} + {{- end }} ports: - containerPort: {{.Values.service.port}} protocol: TCP @@ -64,8 +74,8 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.resources }} resources: - {{- toYaml . | nindent 8 }} + {{- if .Values.resources }} + {{- toYaml .Values.resources | nindent 8 }} {{- end }} diff --git a/charts/port-ocean/values.yaml b/charts/port-ocean/values.yaml index 7b2054f..acf6570 100644 --- a/charts/port-ocean/values.yaml +++ b/charts/port-ocean/values.yaml @@ -9,10 +9,26 @@ port: podAnnotations: {} podSecurityContext: {} +# Example + # runAsGroup: 1001 + # runAsUser: 1001 + # fsGroup: 1001 + # fsGroupChangePolicy: "OnRootMismatch" +containerSecurityContext: {} +# Example + # runAsGroup: 1001 + # runAsUser: 1001 + # allowPrivilegeEscalation: false -securityContext: {} +rolloutStrategy: "Recreate" +resources: + requests: + memory: "512Mi" + cpu: "200m" + limits: + memory: "1024Mi" + cpu: "500m" -resources: {} nodeSelector: {} From 1500b63bb08b2b868baddb0e69bc1c37748239bc Mon Sep 17 00:00:00 2001 From: Matan Heled Date: Mon, 18 Dec 2023 16:53:49 +0200 Subject: [PATCH 2/7] added space --- charts/port-ocean/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/charts/port-ocean/values.yaml b/charts/port-ocean/values.yaml index acf6570..d73cd2c 100644 --- a/charts/port-ocean/values.yaml +++ b/charts/port-ocean/values.yaml @@ -21,6 +21,7 @@ containerSecurityContext: {} # allowPrivilegeEscalation: false rolloutStrategy: "Recreate" + resources: requests: memory: "512Mi" From 0084fb2c764b8b826a6d2fc47b3cfc7241937606 Mon Sep 17 00:00:00 2001 From: MatanHeledPort <115919235+MatanHeledPort@users.noreply.github.com> Date: Mon, 18 Dec 2023 17:19:16 +0200 Subject: [PATCH 3/7] update chart version --- charts/port-ocean/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/port-ocean/Chart.yaml b/charts/port-ocean/Chart.yaml index 4a41768..1c0c876 100644 --- a/charts/port-ocean/Chart.yaml +++ b/charts/port-ocean/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: port-ocean description: A Helm chart for Port Ocean integrations type: application -version: 0.1.11 +version: 0.1.12 appVersion: "0.1.0" home: https://getport.io/ sources: From cd4373c7db08a092991b6d29143be60f9b97c6c7 Mon Sep 17 00:00:00 2001 From: OmriGez Date: Tue, 19 Dec 2023 19:36:30 +0200 Subject: [PATCH 4/7] fixed type in strategy --- charts/port-agent/templates/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/port-agent/templates/deployment.yaml b/charts/port-agent/templates/deployment.yaml index 650938a..f53ba3a 100644 --- a/charts/port-agent/templates/deployment.yaml +++ b/charts/port-agent/templates/deployment.yaml @@ -5,7 +5,7 @@ metadata: labels: {{- include "port-agent.labels" . | nindent 4 }} spec: - strategty: + strategy: type: {{ .Values.rolloutStrategy }} securityContext: {{- if .Values.podSecurityContext }} From 168acead7a482d93d461256d3f15fb29dd4edb26 Mon Sep 17 00:00:00 2001 From: MatanHeledPort <115919235+MatanHeledPort@users.noreply.github.com> Date: Wed, 20 Dec 2023 10:48:40 +0200 Subject: [PATCH 5/7] Update Chart.yaml --- charts/port-agent/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/port-agent/Chart.yaml b/charts/port-agent/Chart.yaml index 7436001..db16aac 100644 --- a/charts/port-agent/Chart.yaml +++ b/charts/port-agent/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: port-agent description: A Helm chart for Port Agent type: application -version: 0.7.0 +version: 0.7.1 appVersion: "v0.6.4" home: https://getport.io/ sources: From 6b93445eb23b0005be2754a4698a6e399a7e8b37 Mon Sep 17 00:00:00 2001 From: Matan Heled Date: Wed, 20 Dec 2023 18:25:46 +0200 Subject: [PATCH 6/7] added env vars support --- charts/port-ocean/templates/deployment.yaml | 5 ++++- charts/port-ocean/values.yaml | 5 +++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/charts/port-ocean/templates/deployment.yaml b/charts/port-ocean/templates/deployment.yaml index 2e4e55d..712fa36 100644 --- a/charts/port-ocean/templates/deployment.yaml +++ b/charts/port-ocean/templates/deployment.yaml @@ -34,11 +34,14 @@ spec: - containerPort: {{.Values.service.port}} protocol: TCP {{- end }} - {{- if .Values.selfSignedCertificate.enabled }} env: + {{- if .Values.selfSignedCertificate.enabled }} - name: SSL_CERT_FILE value: /etc/ssl/certs/ca-certificates.crt {{- end }} + {{- with .Values.extraEnv }} + {{- toYaml . | nindent 10 }} + {{- end }} envFrom: - configMapRef: name: {{ include "port-ocean.configMapName" . }} diff --git a/charts/port-ocean/values.yaml b/charts/port-ocean/values.yaml index d73cd2c..bcb4aa5 100644 --- a/charts/port-ocean/values.yaml +++ b/charts/port-ocean/values.yaml @@ -8,6 +8,11 @@ port: podAnnotations: {} +extraEnv: +# Example +# - name: HTTPS_PROXY +# value: http://myproxy.com + podSecurityContext: {} # Example # runAsGroup: 1001 From 02c4890e3628fe577fce6eec42bd4f2114cc2f1d Mon Sep 17 00:00:00 2001 From: Matan Heled Date: Thu, 21 Dec 2023 13:04:21 +0200 Subject: [PATCH 7/7] fixed typo --- charts/port-ocean/templates/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/port-ocean/templates/deployment.yaml b/charts/port-ocean/templates/deployment.yaml index 712fa36..fad4adf 100644 --- a/charts/port-ocean/templates/deployment.yaml +++ b/charts/port-ocean/templates/deployment.yaml @@ -3,7 +3,7 @@ kind: Deployment metadata: name: {{ include "port-ocean.deploymentName" . }} spec: - strategty: + strategy: type: {{ .Values.rolloutStrategy | default "Recreate" }} securityContext: {{- if .Values.podSecurityContext }}