diff --git a/divingbell/templates/daemonset-apt.yaml b/divingbell/templates/daemonset-apt.yaml index 682c8dc..f94a3da 100644 --- a/divingbell/templates/daemonset-apt.yaml +++ b/divingbell/templates/daemonset-apt.yaml @@ -52,6 +52,10 @@ spec: hostIPC: true nodeSelector: {{ .Values.labels.apt.node_selector_key }}: {{ .Values.labels.apt.node_selector_value }} + serviceAccountName: "divingbell-apt" + initContainers: +{{- tuple $envAll "divingbell-apt" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ dict "envAll" $envAll | include "helm-toolkit.snippets.kubernetes_apparmor_loader_init_container" | indent 8 }} containers: - name: {{ $daemonset }} image: {{ .Values.images.divingbell }} @@ -84,6 +88,9 @@ spec: {{- end }} {{- end }} {{- if .Values.manifests.daemonset_apt }} +{{- $envAll := . }} +{{- $serviceAccountName := "divingbell-apt" }} +{{ tuple $envAll "divingbell-apt" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} {{- $daemonset := "apt" }} {{- $secretName := "divingbell-apt" }} {{- $daemonset_yaml := list $daemonset $secretName . | include "divingbell.daemonset.apt" | toString | fromYaml }} diff --git a/divingbell/values.yaml b/divingbell/values.yaml index cd5c18b..ea3535b 100644 --- a/divingbell/values.yaml +++ b/divingbell/values.yaml @@ -18,8 +18,14 @@ # name: value images: + tags: + dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0 divingbell: 'ubuntu:18.04' pull_policy: IfNotPresent + local_registry: + active: false + exclude: + - dep_check conf: chroot_mnt_path: '/mnt' @@ -278,6 +284,15 @@ pod: periodSeconds: 10 failureThreshold: 1200 +dependencies: + static: + divingbell-apt: + pod: + - requireSameNode: true + labels: + application: divingbell + component: exec + network_policy: divingbell: ingress: