Skip to content

Commit

Permalink
fix use sa key in zone repo
Browse files Browse the repository at this point in the history
  • Loading branch information
PatrickKoss committed Dec 1, 2024
1 parent 3a0fd19 commit 4b97a39
Show file tree
Hide file tree
Showing 4 changed files with 24 additions and 14 deletions.
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
GOLANGCI_VERSION = 1.61.0
GOLANGCI_VERSION = 1.62.0
HELM_DOCS_VERSION = 1.14.2
LICENCES_IGNORE_LIST = $(shell cat licenses/licenses-ignore-list.txt)

Expand Down
6 changes: 6 additions & 0 deletions deploy/stackit/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,9 @@ spec:
mountPath: {{ .Values.stackitSaAuthentication.mountPath }}
readOnly: true
{{- end }}
{{- if .Values.additionalVolumeMounts }}
{{ toYaml .Values.additionalVolumeMounts | indent 10 }}
{{- end }}
resources:
{{ toYaml .Values.resources | indent 12 }}
volumes:
Expand All @@ -74,6 +77,9 @@ spec:
secret:
secretName: {{ .Values.stackitSaAuthentication.secretName }}
{{- end }}
{{- if .Values.additionalVolumes }}
{{ toYaml .Values.additionalVolumes | indent 8 }}
{{- end }}
{{- with .Values.podSecurityContext }}
securityContext:
{{ toYaml . | indent 8 }}
Expand Down
21 changes: 16 additions & 5 deletions deploy/stackit/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,8 @@ service:
port: 443

# -- Kubernetes resources for the webhook. Usually limits.cpu=100m, limits.memory=128Mi, requests.cpu=100m, requests.memory=128Mi is enough for the webhook.
resources: { }
resources:
{}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
Expand All @@ -65,19 +66,29 @@ resources: { }
# memory: 128Mi

# -- Node selector for the webhook.
nodeSelector: { }
nodeSelector: {}

# -- Tolerations for the webhook.
tolerations: [ ]
tolerations: []

affinity: { }
affinity: {}

securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: [ "ALL" ]
drop: ["ALL"]

podSecurityContext:
runAsGroup: 1000
runAsUser: 1000
runAsNonRoot: true

additionalVolumes: []
# - name: extra-config
# configMap:
# name: extra-config-map

additionalVolumeMounts: []
# - name: extra-config
# mountPath: /etc/extra-config
# readOnly: true
9 changes: 1 addition & 8 deletions internal/repository/zone_repository.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@ import (
"fmt"
"strings"

stackitconfig "github.com/stackitcloud/stackit-sdk-go/core/config"
stackitdnsclient "github.com/stackitcloud/stackit-sdk-go/services/dns"
)

Expand All @@ -31,13 +30,7 @@ type zoneRepositoryFactory struct{}
func (z zoneRepositoryFactory) NewZoneRepository(
config Config,
) (ZoneRepository, error) {
httpClient := *config.HttpClient

apiClient, err := newStackitDnsClient(
stackitconfig.WithToken(config.AuthToken),
stackitconfig.WithHTTPClient(&httpClient),
stackitconfig.WithEndpoint(config.ApiBasePath),
)
apiClient, err := chooseNewStackitDnsClient(config)
if err != nil {
return nil, err
}
Expand Down

0 comments on commit 4b97a39

Please sign in to comment.