chaos-mesh icon indicating copy to clipboard operation
chaos-mesh copied to clipboard

Published 20 hours ago verified publisher icon chaos-mesh

chore: add service account creation as optional and allow podSecurityContext

Open awatterson22 opened this issue 1 year ago • 4 comments

What would you like to be added:

For helmchart, could the following fields be added?

  • In values.yaml, change the serviceAccount field to look like this:
controllerManager:
  .
  .
  serviceAccount:
    create: true
    name: chaos-controller-manager
  • In values.yaml: chaosDaemon.podSecurityContext: {}
      chaosDaemon:
        .
        .
        podSecurityPolicy: false
        podSecurityContext: {}
  • Then in helm/chaos-mesh/templates/controller-manager-deployment.yaml, change the if statement to this:
{{- if .Values.controllerManager.serviceAccount.create }}
serviceAccountName: {{ .Values.controllerManager.serviceAccount.name }}
  • Then in helm/chaos-mesh/templates/controller-manager-rbac.yaml, add the following if statement around the serviceAccount:
{{- if .Values.controllerManager.serviceAccount.create }}
.
.
.
{{- end }}

Why is this needed:

  • I would like to be able to not ignore the service account creation as I create it in another process and would like the ability to template the podSecurityContext for the chaosDaemon.

awatterson22 avatar Feb 23 '24 14:02 awatterson22

hi @awatterson22 , could you create a PR and help us complete it? Thanks! ❤️

STRRL avatar Mar 05 '24 14:03 STRRL

hi @STRRL, thank you for your reply. I have created a PR here: https://github.com/chaos-mesh/chaos-mesh/pull/4390. Just need to add my DCO and should be all set to be reviewed. Thank you!

awatterson22 avatar Apr 04 '24 16:04 awatterson22

@STRRL, my PR is ready for review: https://github.com/chaos-mesh/chaos-mesh/pull/4390. Thank you

awatterson22 avatar Apr 15 '24 12:04 awatterson22

copy that, we would triage and review it later.

STRRL avatar Apr 15 '24 12:04 STRRL