Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support mounting custom secrets in the kiali pod #115

Merged
merged 1 commit into from
Nov 11, 2021
Merged

support mounting custom secrets in the kiali pod #115

merged 1 commit into from
Nov 11, 2021

Conversation

jmazzitelli
Copy link
Contributor

part of: kiali/kiali#4468

@jmazzitelli jmazzitelli added the enhancement New feature or request label Nov 4, 2021
@jmazzitelli jmazzitelli self-assigned this Nov 4, 2021
@jmazzitelli jmazzitelli marked this pull request as draft November 4, 2021 02:41
@jmazzitelli jmazzitelli mentioned this pull request Nov 4, 2021
Closed
@jmazzitelli
Copy link
Contributor Author

jmazzitelli commented Nov 4, 2021
edited
Loading

Here's how you can test assuming you have istio installed in istio-system namespace:

helm install -n istio-system kiali-server _output/charts/kiali-server-*-SNAPSHOT.tgz \
   --set deployment.custom_secrets[0].name=mazz \
   --set deployment.custom_secrets[0].mount=/mazzpath \
   --set deployment.custom_secrets[0].optional=true \
   --set deployment.custom_secrets[1].name=foo \
   --set deployment.custom_secrets[1].mount=/foopath \
   --set deployment.custom_secrets[1].optional=true

Now see that the Kiali pod has the correct yaml (I did not create the secrets, but with optional=true it doesn't matter that the secrets do not actually exist - just knowing the pod started successfully and has the correct yaml is good):

See the volumeMounts exist:

$ for s in mazz foo; do kubectl get pods -n istio-system -l app=kiali -o jsonpath="{.items[0].spec.containers[0].volumeMounts[?(@.name==\"${s}\")]}" | jq; done
{
  "mountPath": "/mazzpath",
  "name": "mazz"
}
{
  "mountPath": "/foopath",
  "name": "foo"
}

See the volumes exist:

$ for s in mazz foo; do kubectl get pods -n istio-system -l app=kiali -o jsonpath="{.items[0].spec.volumes[?(@.name==\"${s}\")]}" | jq; done
{
  "name": "mazz",
  "secret": {
    "defaultMode": 420,
    "optional": true,
    "secretName": "mazz"
  }
}
{
  "name": "foo",
  "secret": {
    "defaultMode": 420,
    "optional": true,
    "secretName": "foo"
  }
}

@jmazzitelli jmazzitelli marked this pull request as ready for review November 4, 2021 21:32
@jmazzitelli
Copy link
Contributor Author

testing looks good: kiali/kiali#4468 (comment)

@jmazzitelli jmazzitelli requested a review from jshaughn November 9, 2021 14:33
jshaughn
jshaughn approved these changes Nov 9, 2021
View reviewed changes
Copy link

@jshaughn jshaughn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LOK

@jmazzitelli
Copy link
Contributor Author

assigning to @mattmahoneyrh so he can determine if the community testing and molecule testing is good enough.

@jmazzitelli jmazzitelli merged commit d7038d8 into kiali:master Nov 11, 2021
@jmazzitelli jmazzitelli deleted the 4468-custom-secrets branch November 11, 2021 21:21
Matiasmct pushed a commit to giffgaff/kiali-charts-backup that referenced this pull request Nov 24, 2021
@jmazzitelli @Matiasmct
support mounting custom secrets in the kiali pod (kiali#115)
e20bbeb 
part of: kiali/kiali#4468
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jshaughn jshaughn jshaughn approved these changes

Assignees

@jmazzitelli jmazzitelli

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jmazzitelli @jshaughn @mattmahoneyrh