From ea8aaf8528cd80d5c4c9ea187908ce48f8c0135c Mon Sep 17 00:00:00 2001
From: Sjoerd Simons <sjoerd@collabora.com>
Date: Tue, 26 Apr 2022 15:00:25 +0200
Subject: [PATCH 1/2] Remove service account creation
OBS doesn't talk to the kubernetes api so there is no reason to create
service accounts
Signed-off-by: Sjoerd Simons <sjoerd@collabora.com>
---
.../charts/backend/templates/serviceaccount.yaml | 12 ------------
helm/open-build-service/charts/backend/values.yaml | 9 ---------
.../charts/frontend/templates/deployment.yaml | 1 -
.../charts/frontend/templates/serviceaccount.yaml | 12 ------------
helm/open-build-service/charts/frontend/values.yaml | 9 ---------
5 files changed, 43 deletions(-)
delete mode 100644 helm/open-build-service/charts/backend/templates/serviceaccount.yaml
delete mode 100644 helm/open-build-service/charts/frontend/templates/serviceaccount.yaml
diff --git a/helm/open-build-service/charts/backend/templates/serviceaccount.yaml b/helm/open-build-service/charts/backend/templates/serviceaccount.yaml
deleted file mode 100644
index a43e942508..0000000000
--- a/helm/open-build-service/charts/backend/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-{{- if .Values.serviceAccount.create -}}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "backend.serviceAccountName" . }}
- labels:
- {{- include "backend.labels" . | nindent 4 }}
- {{- with .Values.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
diff --git a/helm/open-build-service/charts/backend/values.yaml b/helm/open-build-service/charts/backend/values.yaml
index 243ae48b46..b77e20ba29 100644
--- a/helm/open-build-service/charts/backend/values.yaml
+++ b/helm/open-build-service/charts/backend/values.yaml
@@ -20,15 +20,6 @@ imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
-serviceAccount:
- # Specifies whether a service account should be created
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name: ""
-
podAnnotations: {}
podSecurityContext: {}
diff --git a/helm/open-build-service/charts/frontend/templates/deployment.yaml b/helm/open-build-service/charts/frontend/templates/deployment.yaml
index 9d01829bd5..77a8e1a0d8 100644
--- a/helm/open-build-service/charts/frontend/templates/deployment.yaml
+++ b/helm/open-build-service/charts/frontend/templates/deployment.yaml
@@ -24,7 +24,6 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
- serviceAccountName: {{ include "frontend.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
diff --git a/helm/open-build-service/charts/frontend/templates/serviceaccount.yaml b/helm/open-build-service/charts/frontend/templates/serviceaccount.yaml
deleted file mode 100644
index cc64909118..0000000000
--- a/helm/open-build-service/charts/frontend/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-{{- if .Values.serviceAccount.create -}}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "frontend.serviceAccountName" . }}
- labels:
- {{- include "frontend.labels" . | nindent 4 }}
- {{- with .Values.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
diff --git a/helm/open-build-service/charts/frontend/values.yaml b/helm/open-build-service/charts/frontend/values.yaml
index 5d7c343a5a..90f9c2be52 100644
--- a/helm/open-build-service/charts/frontend/values.yaml
+++ b/helm/open-build-service/charts/frontend/values.yaml
@@ -27,15 +27,6 @@ mariadb:
# rootPassword: someobs
database: obsapi
-serviceAccount:
- # Specifies whether a service account should be created
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name: ""
-
podAnnotations: {}
podSecurityContext: {}
--
GitLab
From ef9b697365801e2069e47a5a9b625637610c4a53 Mon Sep 17 00:00:00 2001
From: Sjoerd Simons <sjoerd@collabora.com>
Date: Tue, 26 Apr 2022 15:20:26 +0200
Subject: [PATCH 2/2] Switch to stateful set
The backend better fits to a stateful set rather then a replicaset; As
obviously the backend has a lot of state and a 1:1 relationship with its
volumes
Signed-off-by: Sjoerd Simons <sjoerd@collabora.com>
---
.../templates/{deployment.yaml => statefulset.yaml} | 10 +++-------
1 file changed, 3 insertions(+), 7 deletions(-)
rename helm/open-build-service/charts/backend/templates/{deployment.yaml => statefulset.yaml} (93%)
diff --git a/helm/open-build-service/charts/backend/templates/deployment.yaml b/helm/open-build-service/charts/backend/templates/statefulset.yaml
similarity index 93%
rename from helm/open-build-service/charts/backend/templates/deployment.yaml
rename to helm/open-build-service/charts/backend/templates/statefulset.yaml
index 8fc777d0a0..24e3002d81 100644
--- a/helm/open-build-service/charts/backend/templates/deployment.yaml
+++ b/helm/open-build-service/charts/backend/templates/statefulset.yaml
@@ -3,18 +3,17 @@
.Values.global.backend.architectures
-}}
apiVersion: apps/v1
-kind: Deployment
+kind: StatefulSet
metadata:
name: {{ include "backend.fullname" . }}
labels:
{{- include "backend.labels" . | nindent 4 }}
spec:
- {{- if not .Values.autoscaling.enabled }}
- replicas: {{ .Values.replicaCount }}
- {{- end }}
+ replicas: 1
selector:
matchLabels:
{{- include "backend.selectorLabels" . | nindent 6 }}
+ serviceName: {{ include "backend.fullname" . }}
template:
metadata:
{{- with .Values.podAnnotations }}
@@ -28,9 +27,6 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
- serviceAccountName: {{ include "backend.serviceAccountName" . }}
- securityContext:
- {{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
securityContext:
--
GitLab