diff --git a/charts/ziti-router/README.md b/charts/ziti-router/README.md index d8deeefd..05ecf1f4 100644 --- a/charts/ziti-router/README.md +++ b/charts/ziti-router/README.md @@ -302,18 +302,19 @@ identity: | linkListeners.transport.service.enabled | bool | `true` | create a cluster service for the router transport link listener; unnecessary if advertisedHost is shared with edge listener (the default) | | linkListeners.transport.service.labels | object | `{}` | service labels | | linkListeners.transport.service.type | string | `"ClusterIP"` | expose the service as a ClusterIP, NodePort, or LoadBalancer | +| noHelmHooks | bool | `false` | disable the execution of hooks, defined within this chart This chart makes use of Helm hooks. Setting this to true will prevent the hooks from being deployed. This is useful when using the chart with tools like ArgoCD | | nodeSelector | object | `{}` | deployment template spec node selector | | persistence.accessMode | string | `"ReadWriteOnce"` | PVC access mode: ReadWriteOnce (concurrent mounts not allowed), ReadWriteMany (concurrent allowed) | | persistence.annotations | object | `{}` | annotations for the PVC | | persistence.enabled | bool | `true` | required: place a storage claim for the ctrl endpoints state file | | persistence.existingClaim | string | `""` | A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound | -| persistence.size | string | `"50Mi"` | 50Mi is plenty for this state file | +| persistence.size | string | `"50Mi"` | 50Mi is plenty for this state file | | persistence.storageClass | string | `""` | Storage class of PV to bind. By default it looks for the default storage class. If the PV uses a different storage class, specify that here. | | persistence.volumeName | string | `nil` | PVC volume name | | podAnnotations | object | `{}` | annotations to apply to all pods deployed by this chart | | podSecurityContext | object | `{"fsGroup":2171}` | deployment template spec security context | | podSecurityContext.fsGroup | int | `2171` | this is the GID of "ziggy" run-as user in the container that has access to any files created by the router process in the emptyDir volume used to persist the list of ctrl endpoints | -| proxy | object | `{}` | Explicit proxy setting in the router configuration. Router can be deployed in a site where all egress traffic is forwarded through an explicit proxy. The enrollment will also be forwarded through the proxy. | +| proxy | object | `{}` | Explicit proxy setting in the router configuration. Router can be deployed in a site where all egress traffic is forwarded through an explicit proxy. The enrollment will also be forwarded through the proxy. | | resources | object | `{}` | deployment container resources | | securityContext | string | `nil` | deployment container security context | | tolerations | list | `[]` | deployment template spec tolerations | diff --git a/charts/ziti-router/templates/pre-upgrade-configmap.yaml b/charts/ziti-router/templates/pre-upgrade-configmap.yaml index 7c369117..80e80f80 100644 --- a/charts/ziti-router/templates/pre-upgrade-configmap.yaml +++ b/charts/ziti-router/templates/pre-upgrade-configmap.yaml @@ -1,4 +1,4 @@ - +{{if not .Values.noHelmHooks}} --- apiVersion: v1 kind: ConfigMap @@ -78,4 +78,5 @@ data: {{ include "ziti-router.fullname" . }}-identity else echo "INFO: identity secret does not exist" - fi \ No newline at end of file + fi +{{end}} \ No newline at end of file diff --git a/charts/ziti-router/templates/pre-upgrade-job.yaml b/charts/ziti-router/templates/pre-upgrade-job.yaml index 488ad052..9bb2e50c 100644 --- a/charts/ziti-router/templates/pre-upgrade-job.yaml +++ b/charts/ziti-router/templates/pre-upgrade-job.yaml @@ -1,3 +1,5 @@ +{{if not .Values.noHelmHooks}} +--- apiVersion: batch/v1 kind: Job metadata: @@ -72,3 +74,4 @@ spec: {{- else }} emptyDir: {} {{- end }} +{{end}} \ No newline at end of file diff --git a/charts/ziti-router/templates/pre-upgrade-serviceaccount.yaml b/charts/ziti-router/templates/pre-upgrade-serviceaccount.yaml index 8cd05e77..e6c18a38 100644 --- a/charts/ziti-router/templates/pre-upgrade-serviceaccount.yaml +++ b/charts/ziti-router/templates/pre-upgrade-serviceaccount.yaml @@ -1,4 +1,5 @@ - +{{if not .Values.noHelmHooks}} +--- apiVersion: v1 kind: ServiceAccount metadata: @@ -40,3 +41,4 @@ subjects: - kind: ServiceAccount name: {{ include "ziti-router.fullname" . }}-hook-serviceaccount namespace: {{ .Release.Namespace }} +{{end}} \ No newline at end of file diff --git a/charts/ziti-router/values.yaml b/charts/ziti-router/values.yaml index c3e86b4d..158bd5a8 100644 --- a/charts/ziti-router/values.yaml +++ b/charts/ziti-router/values.yaml @@ -7,7 +7,7 @@ ctrl: # -- required control plane endpoint, e.g., ctrl.ziti.example.com:443 endpoint: "" -# -- Explicit proxy setting in the router configuration. Router can be deployed in a site +# -- Explicit proxy setting in the router configuration. Router can be deployed in a site # where all egress traffic is forwarded through an explicit proxy. # The enrollment will also be forwarded through the proxy. proxy: {} @@ -373,6 +373,11 @@ tolerations: [] # -- deployment template spec affinity affinity: {} +# -- disable the execution of hooks, defined within this chart +# This chart makes use of Helm hooks. Setting this to true will prevent the hooks from being deployed. +# This is useful when using the chart with tools like ArgoCD +noHelmHooks: false + ## Enable persistence using Persistent Volume Claims ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ ## @@ -399,7 +404,7 @@ persistence: volumeName: # -- PVC access mode: ReadWriteOnce (concurrent mounts not allowed), ReadWriteMany (concurrent allowed) accessMode: ReadWriteOnce - # -- 50Mi is plenty for this state file + # -- 50Mi is plenty for this state file size: 50Mi fabric: metrics: