From 2bee926b4bf1c1fee516591a0545eb69a1108337 Mon Sep 17 00:00:00 2001 From: Volodymyr Stoiko Date: Tue, 8 Apr 2025 23:24:34 +0300 Subject: [PATCH] Add kubeshark cm and secret -default suffix (#1704) * Add kubeshark cm and secret -default suffix * Add cleanup job * Add cleanup job * update cleanup --------- Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com> --- helm-chart/templates/02-cluster-role.yaml | 14 ++++++++++--- helm-chart/templates/12-config-map.yaml | 2 +- helm-chart/templates/13-secret.yaml | 2 +- helm-chart/templates/18-cleanup-job.yaml | 24 +++++++++++++++++++++++ manifests/complete.yaml | 4 ++-- 5 files changed, 39 insertions(+), 7 deletions(-) create mode 100644 helm-chart/templates/18-cleanup-job.yaml diff --git a/helm-chart/templates/02-cluster-role.yaml b/helm-chart/templates/02-cluster-role.yaml index 5c9f56d83..add390390 100644 --- a/helm-chart/templates/02-cluster-role.yaml +++ b/helm-chart/templates/02-cluster-role.yaml @@ -63,18 +63,26 @@ rules: resourceNames: - kubeshark-secret - kubeshark-config-map + - kubeshark-secret-default + - kubeshark-config-map-default resources: - secrets - configmaps verbs: + - create - get - watch - list - update - patch + - delete - apiGroups: - - "" + - "" + - v1 resources: - - pods/log + - secrets + - configmaps + - pods/log verbs: - - get \ No newline at end of file + - create + - get \ No newline at end of file diff --git a/helm-chart/templates/12-config-map.yaml b/helm-chart/templates/12-config-map.yaml index a7e554e6c..b356be53a 100644 --- a/helm-chart/templates/12-config-map.yaml +++ b/helm-chart/templates/12-config-map.yaml @@ -1,7 +1,7 @@ kind: ConfigMap apiVersion: v1 metadata: - name: kubeshark-config-map + name: kubeshark-config-map-default namespace: {{ .Release.Namespace }} labels: app.kubeshark.co/app: hub diff --git a/helm-chart/templates/13-secret.yaml b/helm-chart/templates/13-secret.yaml index 026567ed2..d5093d8c8 100644 --- a/helm-chart/templates/13-secret.yaml +++ b/helm-chart/templates/13-secret.yaml @@ -1,7 +1,7 @@ kind: Secret apiVersion: v1 metadata: - name: kubeshark-secret + name: kubeshark-secret-default namespace: {{ .Release.Namespace }} labels: app.kubeshark.co/app: hub diff --git a/helm-chart/templates/18-cleanup-job.yaml b/helm-chart/templates/18-cleanup-job.yaml new file mode 100644 index 000000000..3dee7cd0f --- /dev/null +++ b/helm-chart/templates/18-cleanup-job.yaml @@ -0,0 +1,24 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: kubeshark-cleanup-job + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + spec: + serviceAccountName: {{ include "kubeshark.serviceAccountName" . }} + restartPolicy: Never + containers: + - name: cleanup + {{- if .Values.tap.docker.overrideImage.hub }} + image: '{{ .Values.tap.docker.overrideImage.hub }}' + {{- else if .Values.tap.docker.overrideTag.hub }} + image: '{{ .Values.tap.docker.registry }}/hub:{{ .Values.tap.docker.overrideTag.hub }}' + {{ else }} + image: '{{ .Values.tap.docker.registry }}/hub:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (include "kubeshark.defaultVersion" .) }}' + {{- end }} + command: ["/bin/sh", "-c"] + args: + - "kubectl delete cm kubeshark-config-map || true && kubectl delete secret kubeshark-secret || true" \ No newline at end of file diff --git a/manifests/complete.yaml b/manifests/complete.yaml index 59209d76c..7eb95606d 100644 --- a/manifests/complete.yaml +++ b/manifests/complete.yaml @@ -130,7 +130,7 @@ metadata: kind: Secret apiVersion: v1 metadata: - name: kubeshark-secret + name: kubeshark-secret-default namespace: default labels: app.kubeshark.co/app: hub @@ -244,7 +244,7 @@ data: kind: ConfigMap apiVersion: v1 metadata: - name: kubeshark-config-map + name: kubeshark-config-map-default namespace: default labels: app.kubeshark.co/app: hub