amazon-eks-pod-identity-webhook icon indicating copy to clipboard operation
amazon-eks-pod-identity-webhook copied to clipboard

Published 20 hours ago verified publisher icon aws

Helm Chart for Deployments

Open jinglejengel opened this issue 5 years ago • 8 comments

What would you like to be added: Helm chart for standardised deployment

Why is this needed: Helm is widely used in the k8s community for deploying resources across clusters. This would allow for teams to bake existing workflows in things like terraform, ansible, etc. more easily than the current Makefile, as well as allow more customisation where needed for teams that may have different access control needs or configuration needs wrt some of the resources created for this.

Looking at the Makefile, I don't think this is an insurmountable task at all :D Looks like the only iffy part might be the cert generation?

If I can find the spare cycles, I might just pick this one up myself.

jinglejengel avatar Sep 04 '19 18:09 jinglejengel

Hey thanks, I think a Helm chart would be great, and I'd be happy to be a co-maintainer on one in https://github.com/helm/charts/. I think we'd want to keep it in the helm/charts repository so we can get all the CI/release goodness that is automatically setup there

micahhausler avatar Sep 04 '19 19:09 micahhausler

@micahhausler agreed on putting it in the helm repo, figured I'd file the FR here for tracking for the EKS side of the house. (:

jinglejengel avatar Sep 04 '19 19:09 jinglejengel

I made a PR: https://github.com/helm/charts/pull/17099

We don't have a docker image yet due to https://github.com/aws/amazon-eks-pod-identity-webhook/issues/5 but the merge process for the charts repo is very slow so I figured I'd open the PR now.

Questions:

  1. The name of the chart. I shortened it and removed eks. My reasoning is that amazon is too general and long and that eks is not 100% accurate as it can and will be used in non-eks clusters. Happy to rename it if you want though.
  2. Is the installation instruction correct? And the NOTES.txt? I wrote this after reading the Makefile and README.

max-rocket-internet avatar Sep 12 '19 15:09 max-rocket-internet

Thanks for making the Chart PR! I'll review it later today

  1. I think the name is great

  2. I'll comment on the chart later today

I think in order to be an OWNER in a chart repo you have to be a github.com/helm org member, which unfortunately isn't automated yet. I'm happy to join as a Member and will comment on the Chart PR, but @max-rocket-internet you should probably poke some org admin who can invite the listed OWNERS. I'll have @jqmichael and @nckturner comment on the chart PR with their owner/org request status

micahhausler avatar Sep 12 '19 17:09 micahhausler

I think the name is great

🎉

you should probably poke some org admin who can invite the listed OWNERS. I'll have @jqmichael and @nckturner comment on the chart PR with their owner/org request status

I'll try but I don't see much movement in that area these days. It seems it's always the same people (and bottleneck) for reviewing chart PRs.

max-rocket-internet avatar Sep 13 '19 09:09 max-rocket-internet

NB, for anyone arriving here: @max-rocket-internet has closed the initial PR opened in the main helm repo in favour of one in the aws repo: https://github.com/aws/eks-charts/pull/28 (also opened by him). Upvote it there (bearing in mind it is stalled on an a docker image build).

hlascelles avatar Jan 11 '20 14:01 hlascelles

For continuation, there's a new PR in the aws repo now that a docker image has been published: https://github.com/aws/eks-charts/pull/286

danopia avatar Oct 22 '20 08:10 danopia

In meantime, I provide a helm chart which optionally support the cert-manager or static generated tls certificates.

https://github.com/jkroepke/helm-charts/tree/main/charts/amazon-eks-pod-identity-webhook

jkroepke avatar Apr 01 '22 15:04 jkroepke