From 63b2a5cd3ef9def7b07f6f981648552118d22158 Mon Sep 17 00:00:00 2001 From: Vipul Agarwal Date: Mon, 9 Jan 2023 16:46:36 +0000 Subject: [PATCH 1/4] Add ability to configure resources in fulcio * createcerts job resources via `createcerts.resources` * add missing readme entry for fulcio container resources Signed-off-by: Vipul Agarwal --- charts/fulcio/README.md | 2 ++ charts/fulcio/templates/createcerts-job.yaml | 6 +++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/charts/fulcio/README.md b/charts/fulcio/README.md index b97b3af4..8f435d57 100644 --- a/charts/fulcio/README.md +++ b/charts/fulcio/README.md @@ -86,6 +86,7 @@ helm uninstall [RELEASE_NAME] | createcerts.image.version | string | `"sha256:73e7ac35d0e5169bd14a5cb6caed2e7d44277dec3d1de92e08f4d055523089a1"` | | | createcerts.name | string | `"createcerts"` | | | createcerts.replicaCount | int | `1` | | +| createcerts.resources | string | `""` | | | createcerts.securityContext.runAsNonRoot | bool | `true` | | | createcerts.securityContext.runAsUser | int | `65533` | | | createcerts.serviceAccount.annotations | object | `{}` | | @@ -134,6 +135,7 @@ helm uninstall [RELEASE_NAME] | server.logging.production | bool | `false` | | | server.name | string | `"server"` | | | server.replicaCount | int | `1` | | +| server.resources | string | `""` | | | server.secret | string | `"fulcio-server-secret"` | | | server.securityContext.runAsNonRoot | bool | `true` | | | server.securityContext.runAsUser | int | `65533` | | diff --git a/charts/fulcio/templates/createcerts-job.yaml b/charts/fulcio/templates/createcerts-job.yaml index 1286561f..f1ba5c3d 100644 --- a/charts/fulcio/templates/createcerts-job.yaml +++ b/charts/fulcio/templates/createcerts-job.yaml @@ -29,8 +29,12 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + {{- if .Values.createcerts.resources }} + resources: +{{ toYaml .Values.createcerts.resources | indent 12 }} + {{- end }} {{- if .Values.createcerts.securityContext }} securityContext: {{ toYaml .Values.createcerts.securityContext | indent 8 }} {{- end }} -{{- end }} +{{- end }} \ No newline at end of file From e9ed4ff192845388cefcf76ef29c48fcb056bd61 Mon Sep 17 00:00:00 2001 From: Vipul Agarwal Date: Tue, 17 Jan 2023 12:21:20 +0000 Subject: [PATCH 2/4] Update ctlog version in fulcio dependencies Signed-off-by: Vipul Agarwal --- charts/fulcio/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/fulcio/Chart.yaml b/charts/fulcio/Chart.yaml index 92058678..636b7ef6 100644 --- a/charts/fulcio/Chart.yaml +++ b/charts/fulcio/Chart.yaml @@ -19,7 +19,7 @@ maintainers: dependencies: - name: ctlog - version: 0.2.37 + version: 0.2.39 repository: https://sigstore.github.io/helm-charts condition: ctlog.enabled From 4d85a9dd6873b4a171c15f45005eba0aa4b7267e Mon Sep 17 00:00:00 2001 From: Vipul Agarwal Date: Tue, 17 Jan 2023 22:34:22 +0000 Subject: [PATCH 3/4] Bump fulcio chart version Signed-off-by: Vipul Agarwal --- charts/fulcio/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/fulcio/Chart.yaml b/charts/fulcio/Chart.yaml index 636b7ef6..0b8adb72 100644 --- a/charts/fulcio/Chart.yaml +++ b/charts/fulcio/Chart.yaml @@ -5,7 +5,7 @@ description: | type: application -version: 2.0.1 +version: 2.0.2 appVersion: 1.0.0 keywords: From cce333e689210def47c2efa4a769bb71fadd8c71 Mon Sep 17 00:00:00 2001 From: Vipul Agarwal Date: Tue, 17 Jan 2023 22:38:38 +0000 Subject: [PATCH 4/4] Update fulcio helm dependencies Signed-off-by: Vipul Agarwal --- charts/fulcio/Chart.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/fulcio/Chart.lock b/charts/fulcio/Chart.lock index 1e45a667..a3125bc5 100644 --- a/charts/fulcio/Chart.lock +++ b/charts/fulcio/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: ctlog repository: https://sigstore.github.io/helm-charts - version: 0.2.37 -digest: sha256:07c6f42ecb37aee8b5fd7b73e75eebfdcebfd457694c83ab44923ebff465726c -generated: "2022-11-29T13:30:52.48609-08:00" + version: 0.2.39 +digest: sha256:f3628318c3b7cba12d61a10bb97008e31d20a561fea8ab8d64ce43010eb7a0ec +generated: "2023-01-17T22:38:27.900918Z"