From a9df3abf13940817f58169627ce50c4f32b7c38d Mon Sep 17 00:00:00 2001 From: Muse Mulatu Date: Sat, 21 Sep 2024 15:14:48 -0600 Subject: [PATCH 1/2] refactor kustomize dir --- vault-handler/{replicas-3 => base}/job.yaml | 0 vault-handler/base/kustomization.yaml | 7 +++++ vault-handler/{replicas-1 => base}/rbac.yaml | 0 vault-handler/replicas-1/kustomization.yaml | 8 +++-- .../replicas-1/{job.yaml => set_command.yaml} | 4 --- vault-handler/replicas-3/kustomization.yaml | 8 +++-- vault-handler/replicas-3/rbac.yaml | 30 ------------------- vault-handler/replicas-3/set_command.yaml | 11 +++++++ 8 files changed, 28 insertions(+), 40 deletions(-) rename vault-handler/{replicas-3 => base}/job.yaml (100%) create mode 100644 vault-handler/base/kustomization.yaml rename vault-handler/{replicas-1 => base}/rbac.yaml (100%) rename vault-handler/replicas-1/{job.yaml => set_command.yaml} (55%) delete mode 100644 vault-handler/replicas-3/rbac.yaml create mode 100644 vault-handler/replicas-3/set_command.yaml diff --git a/vault-handler/replicas-3/job.yaml b/vault-handler/base/job.yaml similarity index 100% rename from vault-handler/replicas-3/job.yaml rename to vault-handler/base/job.yaml diff --git a/vault-handler/base/kustomization.yaml b/vault-handler/base/kustomization.yaml new file mode 100644 index 0000000..befe1df --- /dev/null +++ b/vault-handler/base/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: vault + +resources: + - job.yaml + - rbac.yaml diff --git a/vault-handler/replicas-1/rbac.yaml b/vault-handler/base/rbac.yaml similarity index 100% rename from vault-handler/replicas-1/rbac.yaml rename to vault-handler/base/rbac.yaml diff --git a/vault-handler/replicas-1/kustomization.yaml b/vault-handler/replicas-1/kustomization.yaml index befe1df..30459b0 100644 --- a/vault-handler/replicas-1/kustomization.yaml +++ b/vault-handler/replicas-1/kustomization.yaml @@ -2,6 +2,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: vault -resources: - - job.yaml - - rbac.yaml +bases: + - ../base + +patchesStrategicMerge: + - set_command.yaml \ No newline at end of file diff --git a/vault-handler/replicas-1/job.yaml b/vault-handler/replicas-1/set_command.yaml similarity index 55% rename from vault-handler/replicas-1/job.yaml rename to vault-handler/replicas-1/set_command.yaml index 11a3835..71b7a6e 100644 --- a/vault-handler/replicas-1/job.yaml +++ b/vault-handler/replicas-1/set_command.yaml @@ -6,10 +6,6 @@ metadata: spec: template: spec: - serviceAccountName: vault-handler containers: - name: vault-handler - image: ghcr.io/konstructio/vault-handler:latest - imagePullPolicy: Always args: ['unseal', '--leader-only'] - restartPolicy: OnFailure diff --git a/vault-handler/replicas-3/kustomization.yaml b/vault-handler/replicas-3/kustomization.yaml index befe1df..c2c522e 100644 --- a/vault-handler/replicas-3/kustomization.yaml +++ b/vault-handler/replicas-3/kustomization.yaml @@ -2,6 +2,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: vault -resources: - - job.yaml - - rbac.yaml +bases: + - ../base + +patchesStrategicMerge: + - set_command.yaml diff --git a/vault-handler/replicas-3/rbac.yaml b/vault-handler/replicas-3/rbac.yaml deleted file mode 100644 index 7ed34fe..0000000 --- a/vault-handler/replicas-3/rbac.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: vault-handler - namespace: vault ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: vault-handler - namespace: vault -rules: - - apiGroups: [''] - resources: ['configmaps', 'secrets', 'pods'] - verbs: - ['get', 'watch', 'list', 'create', 'apply', 'patch', 'delete', 'update'] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: vault-handler - namespace: vault -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: vault-handler -subjects: - - kind: ServiceAccount - name: vault-handler diff --git a/vault-handler/replicas-3/set_command.yaml b/vault-handler/replicas-3/set_command.yaml new file mode 100644 index 0000000..f45c1b9 --- /dev/null +++ b/vault-handler/replicas-3/set_command.yaml @@ -0,0 +1,11 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: vault-handler + namespace: vault +spec: + template: + spec: + containers: + - name: vault-handler + args: ['unseal'] From fcd59ec9d8cad64bfbea58640225e585522f9925 Mon Sep 17 00:00:00 2001 From: Muse Mulatu Date: Sat, 21 Sep 2024 15:29:08 -0600 Subject: [PATCH 2/2] fix: update deprecated fields --- vault-handler/replicas-1/kustomization.yaml | 6 +++--- vault-handler/replicas-3/kustomization.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/vault-handler/replicas-1/kustomization.yaml b/vault-handler/replicas-1/kustomization.yaml index 30459b0..47844b6 100644 --- a/vault-handler/replicas-1/kustomization.yaml +++ b/vault-handler/replicas-1/kustomization.yaml @@ -2,8 +2,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: vault -bases: +resources: - ../base -patchesStrategicMerge: - - set_command.yaml \ No newline at end of file +patches: + - path: set_command.yaml diff --git a/vault-handler/replicas-3/kustomization.yaml b/vault-handler/replicas-3/kustomization.yaml index c2c522e..47844b6 100644 --- a/vault-handler/replicas-3/kustomization.yaml +++ b/vault-handler/replicas-3/kustomization.yaml @@ -2,8 +2,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: vault -bases: +resources: - ../base -patchesStrategicMerge: - - set_command.yaml +patches: + - path: set_command.yaml