Add kube_cert_agent_image value to main ytt template.

This needs to be overridden for Tilt usage, since the main image referenced by Tilt isn't actually pullable. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-10-05 14:53:50 -05:00 · 2020-10-05 14:53:50 -05:00 · c1c75a8f22
commit c1c75a8f22
parent 7eed7ba19a
2 changed files with 9 additions and 0 deletions
--- a/deploy/deployment.yaml
+++ b/deploy/deployment.yaml
@ -40,11 +40,15 @@ data:
      apiService: (@= data.values.app_name + "-api" @)
    kubeCertAgent:
      namePrefix: (@= data.values.app_name + "-kube-cert-agent-" @)
+      (@ if data.values.kube_cert_agent_image: @)
+      image: (@= data.values.kube_cert_agent_image @)
+      (@ else: @)
      (@ if data.values.image_digest: @)
      image: (@= data.values.image_repo + "@" + data.values.image_digest @)
      (@ else: @)
      image: (@= data.values.image_repo + ":" + data.values.image_tag @)
      (@ end @)
+      (@ end @)
      (@ if data.values.image_pull_dockerconfigjson: @)
      imagePullSecrets:
        - image-pull-secret
--- a/deploy/values.yaml
+++ b/deploy/values.yaml
@ -15,6 +15,11 @@ image_repo: docker.io/getpinniped/pinniped-server
 image_digest: #! e.g. sha256:f3c4fdfd3ef865d4b97a1fd295d94acc3f0c654c46b6f27ffad5cf80216903c8
 image_tag: latest

+#! Optionally specify a different image for the "kube-cert-agent" pod which is scheduled
+#! on the control plane. This image needs only to include `sleep` and `cat` binaries.
+#! By default, the same image specified for image_repo/image_digest/image_tag will be re-used.
+kube_cert_agent_image:
+
 #! Specifies a secret to be used when pulling the above container image.
 #! Can be used when the above image_repo is a private registry.
 #! Typically the value would be the output of: kubectl create secret docker-registry x --docker-server=https://example.io --docker-username="USERNAME" --docker-password="PASSWORD" --dry-run=client -o json | jq -r '.data[".dockerconfigjson"]'