From 438735bb578236d42c6d2825cab95968d5daaa61 Mon Sep 17 00:00:00 2001
From: Kirby Liu <kliu@vivsoft.io>
Date: Tue, 9 Jul 2024 18:13:27 +0000
Subject: [PATCH] Enable Service Account Annotation for elasticsearch
---
chart/templates/elasticsearch-kibana/values.yaml | 13 +++++++++++--
chart/values.schema.json | 6 ++++++
chart/values.yaml | 9 +++++++--
3 files changed, 24 insertions(+), 4 deletions(-)
diff --git a/chart/templates/elasticsearch-kibana/values.yaml b/chart/templates/elasticsearch-kibana/values.yaml
index 2aa0fdfe46..3d1af240ea 100644
--- a/chart/templates/elasticsearch-kibana/values.yaml
+++ b/chart/templates/elasticsearch-kibana/values.yaml
@@ -15,7 +15,7 @@ imagePullPolicy: {{ .Values.imagePullPolicy }}
istio:
enabled: {{ .Values.istio.enabled }}
hardened:
- {{- if or (dig "istio" "hardened" "enabled" false .Values.loki.values) (dig "istio" "hardened" "enabled" false .Values.elasticsearchKibana.values) }}
+ {{- if or (dig "istio" "hardened" "enabled" false .Values.loki.values) (dig "hardened" "enabled" false .Values.istio.values) (dig "istio" "hardened" "enabled" false .Values.elasticsearchKibana.values) }}
enabled: true
{{- else }}
enabled: false
@@ -79,7 +79,11 @@ kibana:
podAnnotations:
{{ include "istioAnnotation" . }}
{{- end }}
-
+{{- if not .Values.elasticsearchKibana.serviceAccountAnnotations.kibana }}
+ serviceAccountAnnotations: {}
+{{- else }}
+ serviceAccountAnnotations: {{ toYaml .Values.elasticsearchKibana.serviceAccountAnnotations.kibana | nindent 4 }}
+{{- end }}
monitoring:
enabled: {{ .Values.monitoring.enabled }}
@@ -229,4 +233,9 @@ elasticsearch:
podAnnotations:
{{ include "istioAnnotation" . }}
{{- end }}
+ {{- if not .Values.elasticsearchKibana.serviceAccountAnnotations.elasticsearch }}
+ serviceAccountAnnotations: {}
+ {{- else }}
+ serviceAccountAnnotations: {{ toYaml .Values.elasticsearchKibana.serviceAccountAnnotations.elasticsearch | nindent 4 }}
+ {{- end }}
{{- end -}}
diff --git a/chart/values.schema.json b/chart/values.schema.json
index 48d3b510ba..8e788d5216 100644
--- a/chart/values.schema.json
+++ b/chart/values.schema.json
@@ -451,6 +451,12 @@
}
},
"additionalProperties": false
+ },
+ "serviceAccountAnnotations": {
+ "properties": {
+ "elasticsearch": true,
+ "kibana": true
+ }
}
},
"allOf": [
diff --git a/chart/values.yaml b/chart/values.yaml
index 3a2c5ee3ac..5d068e462f 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -570,11 +570,11 @@ elasticsearchKibana:
git:
repo: https://repo1.dso.mil/big-bang/product/packages/elasticsearch-kibana.git
path: "./chart"
- tag: "1.17.0-bb.1"
+ tag: "1.17.0-bb.2"
helmRepo:
repoName: "registry1"
chartName: "elasticsearch-kibana"
- tag: "1.17.0-bb.1"
+ tag: "1.17.0-bb.2"
# -- Flux reconciliation overrides specifically for the Logging (EFK) Package
flux:
@@ -594,6 +594,11 @@ elasticsearchKibana:
# -- Elasticsearch/Kibana OIDC client secret
client_secret: ""
+
+ # -- Elasticsearch/Kibana Service Account Annotations
+ serviceAccountAnnotations:
+ elasticsearch: {}
+ kibana: {}
license:
# -- Toggle trial license installation of elasticsearch. Note that enterprise (non trial) is required for SSO to work.
--
GitLab