feature(kuma-cp): allow extra cm in kuma cp chart

The initial motivation for this is to allow the appropriate
CA file for the Postgres instance to be specified when
running kuma-cp in universal mode and then configured with
KUMA_STORE_POSTGRES_TLS_CA_PATH

Signed-off-by: Will Betts <will.betts@equalexperts.com>

deployments/charts/kuma/README.md

@@ -47,7 +47,7 @@ A Helm chart for the Kuma Control Plane
 | controlPlane.image.repository | string | `"kuma-cp"` | Kuma CP image repository |
 | controlPlane.secrets | list of { Env: string, Secret: string, Key: string } | `nil` | Secrets to add as environment variables, where `Env` is the name of the env variable, `Secret` is the name of the Secret, and `Key` is the key of the Secret value to use |
 | controlPlane.envVars | object | `{}` | Additional environment variables that will be passed to the control plane |
-| controlPlane.additionalFiles | object | `{}` | Additional files to be included in the control plane config map |
+| controlPlane.extraConfigMaps | list | `[]` | Additional config maps to mount into the control plane |
 | controlPlane.webhooks.validator.additionalRules | string | `""` | Additional rules to apply on Kuma validator webhook. Useful when building custom policy on top of Kuma. |
 | controlPlane.webhooks.ownerReference.additionalRules | string | `""` | Additional rules to apply on Kuma owner reference webhook. Useful when building custom policy on top of Kuma. |
 | cni.enabled | bool | `false` | Install Kuma with CNI instead of proxy init container |

deployments/charts/kuma/templates/cp-configmap.yaml

@@ -13,7 +13,22 @@ data:
     {{ if .Values.controlPlane.config }}
     {{ .Values.controlPlane.config | nindent 4 }}
     {{ end }}
-  {{- range $fileName, $fileContents := .Values.controlPlane.additionalFiles }}
+
+{{- $kumaName := include "kuma.name" . -}}
+{{- $kumaLabels := include "kuma.labels" . -}}
+{{- $releaseNamespace := .Release.Namespace}}
+{{- range $extraConfigMap := .Values.controlPlane.extraConfigMaps }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ $kumaName }}-{{ $extraConfigMap.name }}
+  namespace: {{ $releaseNamespace }}
+  labels:
+  {{- $kumaLabels | nindent 4 }}
+data:
+  {{- range $fileName, $fileContents := $extraConfigMap.values }}
   {{- $fileName | nindent 2 }}: |
   {{- $fileContents | nindent 4 }}
   {{- end }}
+{{- end }}

deployments/charts/kuma/templates/cp-deployment.yaml

@@ -135,6 +135,12 @@ spec:
               mountPath: /var/run/secrets/kuma.io/kds-client-tls-cert
               readOnly: true
           {{- end }}
+          {{- $kumaName := include "kuma.name" . -}}
+          {{- range $extraConfigMap := .Values.controlPlane.extraConfigMaps }}
+            - name: {{ $kumaName }}-{{ $extraConfigMap.name }}
+              mountPath: {{ $extraConfigMap.mountPath }}
+              readOnly: {{ $extraConfigMap.readOnly }}
+          {{- end }}
       volumes:
         {{- if .Values.controlPlane.tls.general.secretName }}
         - name: general-tls-cert
@@ -168,3 +174,9 @@ spec:
         - name: {{ include "kuma.name" . }}-control-plane-config
           configMap:
             name: {{ include "kuma.name" . }}-control-plane-config
+        {{- $kumaName := include "kuma.name" . -}}
+        {{- range $extraConfigMap := .Values.controlPlane.extraConfigMaps }}
+        - name: {{ $kumaName }}-{{ $extraConfigMap.name }}
+          configMap:
+            name: {{ $kumaName }}-{{ $extraConfigMap.name }}
+        {{- end }}

deployments/charts/kuma/values.yaml

@@ -128,8 +128,14 @@ controlPlane:
   # -- Additional environment variables that will be passed to the control plane
   envVars: { }
 
-  # -- Additional files to be included in the control plane config map
-  additionalFiles: { }
+  # -- Additional config maps to mount into the control plane
+  extraConfigMaps: [ ]
+#    - name: extra-config
+#      mountPath: /etc/extra-config
+#      readOnly: true
+#      values:
+#        extra-config-key: |
+#          extra-config-value
 
   webhooks:
     validator: