diff --git a/charts/sn-platform-slim/templates/argocd-hook/argocd-hook-rbac.yaml b/charts/sn-platform-slim/templates/argocd-hook/argocd-hook-rbac.yaml new file mode 100644 index 000000000..d279e6fbc --- /dev/null +++ b/charts/sn-platform-slim/templates/argocd-hook/argocd-hook-rbac.yaml @@ -0,0 +1,65 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +{{- if .Values.argocd_hook.enabled }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: "{{ template "pulsar.fullname" . }}-argocd-hook-serviceaccount" + namespace: {{ template "pulsar.namespace" . }} + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: "{{ template "pulsar.fullname" . }}-argocd-hook-role" + namespace: {{ template "pulsar.namespace" . }} + labels: + app: {{ template "pulsar.name" . }} + chart: {{ template "pulsar.chart" . }} + release: {{ .Release.Name }} +rules: + - apiGroups: [ "" ] + resources: [ "pods/exec" ] + verbs: [ "create" ] + - apiGroups: [ "" ] + resources: + - pods + verbs: + - list + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: "{{ template "pulsar.fullname" . }}-argocd-hook-role-binding" + namespace: {{ template "pulsar.namespace" . }} + labels: + app: {{ template "pulsar.name" . }} + chart: {{ template "pulsar.chart" . }} + release: {{ .Release.Name }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: "{{ template "pulsar.fullname" . }}-argocd-hook-role" +subjects: + - kind: ServiceAccount + name: "{{ template "pulsar.fullname" . }}-argocd-hook-serviceaccount" + namespace: {{ template "pulsar.namespace" . }} +{{- end }} diff --git a/charts/sn-platform-slim/templates/argocd-hook/test-pulsar-admin.yaml b/charts/sn-platform-slim/templates/argocd-hook/test-pulsar-admin.yaml new file mode 100644 index 000000000..d67f3c47b --- /dev/null +++ b/charts/sn-platform-slim/templates/argocd-hook/test-pulsar-admin.yaml @@ -0,0 +1,40 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +{{- if .Values.argocd_hook.tests.test_pulsar_producer }} +apiVersion: batch/v1 +kind: Job +metadata: + generateName: test-pulsar-admin- + annotations: + argocd.argoproj.io/hook: PostSync +spec: + template: + spec: + serviceAccountName: {{ template "pulsar.fullname" . }}-argocd-hook-serviceaccount + containers: + - name: pulsar-producer + image: "bitnami/kubectl" + command: + - "bin/bash" + - "-c" + - "kubectl exec -n sn-platform-test sn-platform-slim-toolset-0 -- bin/pulsar-admin clusters list" + restartPolicy: Never + backoffLimit: 1 +{{- end }} diff --git a/charts/sn-platform-slim/templates/argocd-hook/test-pulsar-pulsarctl.yaml b/charts/sn-platform-slim/templates/argocd-hook/test-pulsar-pulsarctl.yaml new file mode 100644 index 000000000..7a17d5c64 --- /dev/null +++ b/charts/sn-platform-slim/templates/argocd-hook/test-pulsar-pulsarctl.yaml @@ -0,0 +1,40 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +{{- if .Values.argocd_hook.tests.test_pulsar_producer }} +apiVersion: batch/v1 +kind: Job +metadata: + generateName: test-pulsar-pulsarctl- + annotations: + argocd.argoproj.io/hook: PostSync +spec: + template: + spec: + serviceAccountName: {{ template "pulsar.fullname" . }}-argocd-hook-serviceaccount + containers: + - name: pulsar-producer + image: "bitnami/kubectl" + command: + - "bin/bash" + - "-c" + - "kubectl exec -n sn-platform-test sn-platform-slim-toolset-0 -- bin/pulsarctl clusters list" + restartPolicy: Never + backoffLimit: 1 +{{- end }} diff --git a/charts/sn-platform-slim/values.yaml b/charts/sn-platform-slim/values.yaml index 8fabbca96..0d0438bc4 100644 --- a/charts/sn-platform-slim/values.yaml +++ b/charts/sn-platform-slim/values.yaml @@ -114,6 +114,14 @@ monitoring: # monitoring - datadog datadog: false +### ArgoCD Hook +## +## Control what hooks to run after deploying sn-platform-slim chart +argocd_hook: + tests: + test_pulsar_producer: false + enabled: false + ## Images ## ## Control what images to use for each component