From f964f57faf09bca79f11de239cc92afcd31788ee Mon Sep 17 00:00:00 2001 From: John Sanda Date: Wed, 6 Jan 2021 01:25:53 -0500 Subject: [PATCH] use pre-upgrade hook to set resource policy on CRD --- .../customresourcedefinition.yaml | 0 .../templates/preserve-crd/cluster_role.yaml | 15 ++++++++++++ .../preserve-crd/cluster_role_binding.yaml | 15 ++++++++++++ .../templates/preserve-crd/job.yaml | 23 +++++++++++++++++++ .../preserve-crd/service_account.yaml | 8 +++++++ 5 files changed, 61 insertions(+) rename charts/cass-operator-chart/{templates => crds}/customresourcedefinition.yaml (100%) create mode 100644 charts/cass-operator-chart/templates/preserve-crd/cluster_role.yaml create mode 100644 charts/cass-operator-chart/templates/preserve-crd/cluster_role_binding.yaml create mode 100644 charts/cass-operator-chart/templates/preserve-crd/job.yaml create mode 100644 charts/cass-operator-chart/templates/preserve-crd/service_account.yaml diff --git a/charts/cass-operator-chart/templates/customresourcedefinition.yaml b/charts/cass-operator-chart/crds/customresourcedefinition.yaml similarity index 100% rename from charts/cass-operator-chart/templates/customresourcedefinition.yaml rename to charts/cass-operator-chart/crds/customresourcedefinition.yaml diff --git a/charts/cass-operator-chart/templates/preserve-crd/cluster_role.yaml b/charts/cass-operator-chart/templates/preserve-crd/cluster_role.yaml new file mode 100644 index 000000000..a0ce80520 --- /dev/null +++ b/charts/cass-operator-chart/templates/preserve-crd/cluster_role.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ .Release.Name }}-preserve-crd + annotations: + "helm.sh/hook": pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation +rules: + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - patch diff --git a/charts/cass-operator-chart/templates/preserve-crd/cluster_role_binding.yaml b/charts/cass-operator-chart/templates/preserve-crd/cluster_role_binding.yaml new file mode 100644 index 000000000..238598887 --- /dev/null +++ b/charts/cass-operator-chart/templates/preserve-crd/cluster_role_binding.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ .Release.Name }}-preserve-crd + annotations: + "helm.sh/hook": pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ .Release.Name }}-preserve-crd +subjects: + - kind: ServiceAccount + namespace: {{ .Release.Namespace }} + name: {{ .Release.Name }}-preserve-crd diff --git a/charts/cass-operator-chart/templates/preserve-crd/job.yaml b/charts/cass-operator-chart/templates/preserve-crd/job.yaml new file mode 100644 index 000000000..fc6555cc6 --- /dev/null +++ b/charts/cass-operator-chart/templates/preserve-crd/job.yaml @@ -0,0 +1,23 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ .Release.Name }}-preserve-crd + annotations: + "helm.sh/hook": pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation +spec: + backoffLimit: 3 + template: + spec: + restartPolicy: Never + serviceAccountName: {{ .Release.Name }}-preserve-crd + containers: + - name: apply-resource-policy + image: bitnami/kubectl:1.20.1 + imagePullPolicy: IfNotPresent + args: + - patch + - crd + - cassandradatacenters.cassandra.datastax.com + - -p + - '{"metadata":{"annotations": {"helm.sh/resource-policy": "keep"}}}' \ No newline at end of file diff --git a/charts/cass-operator-chart/templates/preserve-crd/service_account.yaml b/charts/cass-operator-chart/templates/preserve-crd/service_account.yaml new file mode 100644 index 000000000..88748404f --- /dev/null +++ b/charts/cass-operator-chart/templates/preserve-crd/service_account.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + #namespace: {{ .Release.Namespace }} + name: {{ .Release.Name }}-preserve-crd + annotations: + "helm.sh/hook": pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation