From 6608fc980abf37ebe7c3c546cac9c0b57f01af9d Mon Sep 17 00:00:00 2001 From: Patrick O'Brien Date: Sun, 17 Nov 2024 13:25:29 -0800 Subject: [PATCH] Add extraEnvVars support for spiffe-csi-driver containers (#496) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Patrick O'Brien Signed-off-by: Patrick O’Brien --- charts/spire/charts/spiffe-csi-driver/README.md | 2 ++ .../charts/spiffe-csi-driver/templates/daemonset.yaml | 7 +++++++ charts/spire/charts/spiffe-csi-driver/values.yaml | 5 +++++ 3 files changed, 14 insertions(+) diff --git a/charts/spire/charts/spiffe-csi-driver/README.md b/charts/spire/charts/spiffe-csi-driver/README.md index 0005105d8..28cf4213f 100644 --- a/charts/spire/charts/spiffe-csi-driver/README.md +++ b/charts/spire/charts/spiffe-csi-driver/README.md @@ -33,6 +33,7 @@ A Helm chart to install the SPIFFE CSI driver. | `image.pullPolicy` | The image pull policy | `IfNotPresent` | | `image.tag` | Overrides the image tag whose default is the chart appVersion | `""` | | `resources` | Resource requests and limits for spiffe-csi-driver | `{}` | +| `extraEnvVars` | Extra environment variables to be added to the spiffe-csi-driver container | `[]` | | `healthChecks.port` | The healthcheck port for spiffe-csi-driver | `9809` | | `updateStrategy.type` | The update strategy to use to replace existing DaemonSet pods with new pods. Can be RollingUpdate or OnDelete. | `RollingUpdate` | | `updateStrategy.rollingUpdate.maxUnavailable` | Max unavailable pods during update. Can be a number or a percentage. | `1` | @@ -61,6 +62,7 @@ A Helm chart to install the SPIFFE CSI driver. | `nodeDriverRegistrar.image.pullPolicy` | The image pull policy | `IfNotPresent` | | `nodeDriverRegistrar.image.tag` | Overrides the image tag | `v2.9.4` | | `nodeDriverRegistrar.resources` | Resource requests and limits for CSI driver pods | `{}` | +| `nodeDriverRegistrar.extraEnvVars` | Extra environment variables to be added to the nodeDriverRegistrar container | `[]` | | `agentSocketPath` | The unix socket path to the spire-agent | `/run/spire/agent-sockets/spire-agent.sock` | | `kubeletPath` | Path to kubelet file | `/var/lib/kubelet` | | `priorityClassName` | Priority class assigned to daemonset pods. Can be auto set with global.recommendations.priorityClassName. | `""` | diff --git a/charts/spire/charts/spiffe-csi-driver/templates/daemonset.yaml b/charts/spire/charts/spiffe-csi-driver/templates/daemonset.yaml index 754d90092..5c4528de4 100644 --- a/charts/spire/charts/spiffe-csi-driver/templates/daemonset.yaml +++ b/charts/spire/charts/spiffe-csi-driver/templates/daemonset.yaml @@ -90,6 +90,9 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName + {{- with .Values.extraEnvVars }} + {{- toYaml . | nindent 12 }} + {{- end }} volumeMounts: # The volume containing the SPIRE agent socket. The SPIFFE CSI # driver will mount this directory into containers. @@ -123,6 +126,10 @@ spec: "-kubelet-registration-path", "{{ .Values.kubeletPath }}/plugins/{{ .Values.pluginName }}/csi.sock", "-health-port", "{{ .Values.healthChecks.port }}" ] + env: + {{- with .Values.nodeDriverRegistrar.extraEnvVars }} + {{- toYaml . | nindent 12 }} + {{- end }} volumeMounts: # The registrar needs access to the SPIFFE CSI driver socket - mountPath: /spiffe-csi diff --git a/charts/spire/charts/spiffe-csi-driver/values.yaml b/charts/spire/charts/spiffe-csi-driver/values.yaml index 8e97b37c0..e293e4c36 100644 --- a/charts/spire/charts/spiffe-csi-driver/values.yaml +++ b/charts/spire/charts/spiffe-csi-driver/values.yaml @@ -33,6 +33,9 @@ resources: {} # cpu: 100m # memory: 64Mi +## @param extraEnvVars [array] Extra environment variables to be added to the spiffe-csi-driver container +extraEnvVars: [] + healthChecks: ## @param healthChecks.port The healthcheck port for spiffe-csi-driver port: 9809 @@ -136,6 +139,8 @@ nodeDriverRegistrar: # limits: # cpu: 100m # memory: 64Mi + ## @param nodeDriverRegistrar.extraEnvVars [array] Extra environment variables to be added to the nodeDriverRegistrar container + extraEnvVars: [] ## @param agentSocketPath The unix socket path to the spire-agent agentSocketPath: /run/spire/agent-sockets/spire-agent.sock