Use kustomize for csi driver
Signed-off-by: Jirka Kremser <[email protected]>
jkremser committed Oct 5, 2023
1 parent 4000124 commit 5f0494f
Showing 24 changed files with 375 additions and 421 deletions.
2 changes: 1 addition & 1 deletion .gitignore
@@ -1,3 +1,3 @@
# binary
/bin/kustomize
/bin/*

18 changes: 16 additions & 2 deletions Makefile.custom.mk
@@ -4,9 +4,11 @@ OS ?= $(shell go env GOOS 2>/dev/null || echo linux)
ARCH ?= $(shell go env GOARCH 2>/dev/null || echo amd64)
KUSTOMIZE := ./bin/kustomize
KUSTOMIZE_VERSION ?= v4.5.7
YQ = ./bin/yq
YQ_VERSION := 4.31.2

.PHONY: all
all: update-cpi-chart update-csi-chart update-kubevip-chart update-kubevip-cloud-provider-chart
all: update-cpi-chart update-csi-chart apply-custom-patches-for-csi update-kubevip-chart update-kubevip-cloud-provider-chart
@$(call say,Sync has been done ✓)

.PHONY: update-cpi-chart
@@ -15,11 +17,16 @@ update-cpi-chart:
./hack/update-cpi-chart.sh
./hack/common-labels-injector.sh cloud-provider-for-vsphere

.PHONY: apply-custom-patches-for-csi
apply-custom-patches-for-csi: $(YQ) ## apply giantswarm specific patches that are not possible via kustomize
@$(call say,Custom yq magic for CSI)
./hack/custom-patches.sh
./hack/common-labels-injector.sh vsphere-csi-driver

.PHONY: update-csi-chart
update-csi-chart: $(KUSTOMIZE)
@$(call say,CSI helm chart)
./hack/update-csi-chart.sh $(KUSTOMIZE)
./hack/common-labels-injector.sh vsphere-csi-driver

.PHONY: update-kubevip-chart
update-kubevip-chart:
@@ -40,6 +47,13 @@ $(KUSTOMIZE): ## Download kustomize locally if necessary.
chmod +x $@
@echo "kustomize downloaded"

$(YQ): ## Download yq locally if necessary.
@$(call say,Download yq)
curl -sfL https://github.com/mikefarah/yq/releases/download/v$(YQ_VERSION)/yq_$(OS)_$(ARCH) > $@
chmod +x $@
@echo "yq downloaded"


ifndef NO_COLOR
YELLOW=\033[0;33m
# no color
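Review bot: The new `$(YQ)` rule at the end of this section downloads a release binary and marks it executable without checking it against a pinned digest, so whatever the URL serves is what `hack/custom-patches.sh` later runs. Because the recipe redirects curl straight into `$@`, a failed download also leaves an empty `./bin/yq` that the next `make` run treats as up to date. I would download to `$@.tmp`, verify it against a pinned SHA-256 and only then move it into place; the digest below is a placeholder to fill in per OS/ARCH, and `sha256sum` may need to be `shasum -a 256` on macOS. The same may apply to the existing `$(KUSTOMIZE)` rule, whose recipe starts outside the hunk.

```make
# placeholder: pin the published SHA-256 of yq_$(OS)_$(ARCH) for v$(YQ_VERSION)
YQ_SHA256 ?= <sha256-of-yq-binary>

$(YQ): ## Download yq locally if necessary.
	@$(call say,Download yq)
	mkdir -p $(@D)
	curl -sfL https://github.com/mikefarah/yq/releases/download/v$(YQ_VERSION)/yq_$(OS)_$(ARCH) -o $@.tmp
	echo "$(YQ_SHA256)  $@.tmp" | sha256sum -c -
	chmod +x $@.tmp
	mv -f $@.tmp $@
```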
65 changes: 0 additions & 65 deletions config/kube-vip/overwrites/templates/pss-exceptions.yaml

This file was deleted.

65 changes: 0 additions & 65 deletions config/vsphere-csi-driver/overwrites/templates/pss-exceptions.yaml

This file was deleted.

6 changes: 6 additions & 0 deletions config/vsphere-csi-driver/overwrites/values.yaml
@@ -53,3 +53,9 @@ storageClass:
isDefault: false
vcdStorageProfileName: "vSAN Default Storage Policy"
fileSystem: "ext4"

containerSecurityContext:
allowPrivilegeEscalation: false
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
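Review bot: The new `containerSecurityContext` does not drop Linux capabilities, so the containers keep the runtime's default capability set even with `allowPrivilegeEscalation: false`. Since this commit also deletes the two `pss-exceptions.yaml` templates, the intent looks like running under the restricted Pod Security profile, which additionally expects `capabilities: {drop: ["ALL"]}`; I would add that line here. `hack/custom-patches.sh` also renders `.Values.podSecurityContext`, which this hunk does not define; please confirm it exists elsewhere in values.yaml, otherwise the pod-level block renders empty.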
20 changes: 20 additions & 0 deletions hack/custom-patches.sh
@@ -0,0 +1,20 @@
#!/bin/bash

set -o errexit
set -o nounset
set -o pipefail

YQ="./bin/yq"

f="helm/cloud-provider-vsphere/charts/vsphere-csi-driver/templates/apps_v1_deployment_vsphere-csi-controller.yaml"
${YQ} e '.spec.template.spec.securityContext.remove-this-key="'"
{{- with .Values.podSecurityContext }}
{{- . | toYaml | nindent 8 }}
{{- end }}
"'" | .spec.template.spec.containers[].securityContext.remove-this-key="'"
{{- with .Values.containerSecurityContext }}
{{- . | toYaml | nindent 12 }}
{{- end }}
"'"' ${f} > ${f}.tmp
cat ${f}.tmp | grep -v 'remove-this-key' > ${f}
rm -rf ${f}.tmp
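Review bot: Nothing in this script verifies that the two security-context template blocks actually ended up in the deployment manifest. The result depends on yq emitting the `remove-this-key` lines in exactly the shape `grep -v` expects, so a formatting change in yq could produce a chart without the hardening, or with broken YAML, while the script still exits 0. I would add a final check such as `grep -q 'Values.containerSecurityContext' "${f}"` so the sync fails loudly. Separately, `${f}` and `${YQ}` are expanded unquoted and a yq failure leaves `${f}.tmp` inside the chart's `templates/` directory; `trap 'rm -f "${f}.tmp"' EXIT` placed after the assignment of `f` would cover that.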
@@ -45,6 +45,9 @@ spec:
- key: node.cloudprovider.kubernetes.io/uninitialized
value: "true"
effect: NoSchedule
- key: node.cluster.x-k8s.io/uninitialized
effect: NoSchedule
operator: Exists
- key: node-role.kubernetes.io/master
effect: NoSchedule
operator: Exists

This file was deleted.

This file was deleted.
