Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion helm/charts/nats/files/nats-box/deployment/container.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -46,4 +46,10 @@ volumeMounts:
{{- end }}

resources:
{{- toYaml .Values.natsBox.container.resources | nindent 2 }}
{{- toYaml .Values.natsBox.container.resources | nindent 2 }}

# security context
{{- with .Values.natsBox.container.securityContext }}
securityContext:
{{- toYaml . | nindent 2 }}
{{- end }}
7 changes: 6 additions & 1 deletion helm/charts/nats/files/nats-box/deployment/pod-template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ spec:

# service discovery uses DNS; don't need service env vars
enableServiceLinks: false

{{- with .Values.global.image.pullSecretNames }}
imagePullSecrets:
{{- range . }}
Expand Down Expand Up @@ -42,3 +42,8 @@ spec:
secret:
secretName: {{ .secretName | quote }}
{{- end }}
# security context
{{- with .Values.natsBox.podTemplate.securityContext }}
securityContext:
{{- toYaml . | nindent 4 }}
{{- end }}
5 changes: 5 additions & 0 deletions helm/charts/nats/files/stateful-set/nats-container.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -107,3 +107,8 @@ volumeMounts:

resources:
{{- toYaml .Values.container.resources | nindent 2 }}

{{- with .Values.container.securityContext }}
securityContext:
{{- toYaml . | nindent 2 }}
{{- end }}
10 changes: 8 additions & 2 deletions helm/charts/nats/files/stateful-set/pod-template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ spec:

# service discovery uses DNS; don't need service env vars
enableServiceLinks: false

{{- with .Values.global.image.pullSecretNames }}
imagePullSecrets:
{{- range . }}
Expand Down Expand Up @@ -69,7 +69,13 @@ spec:
- {{ merge (dict "topologyKey" $k "labelSelector" (dict "matchLabels" (include "nats.selectorLabels" $ | fromYaml))) $v | toYaml | nindent 4 }}
{{- end }}
{{- end}}

# terminationGracePeriodSeconds determines how long to wait for graceful shutdown
# this should be at least `lameDuckGracePeriod` + 20s shutdown overhead
terminationGracePeriodSeconds: 60

# security context
{{- with .Values.podTemplate.securityContext }}
securityContext:
{{- toYaml . | nindent 4 }}
{{- end }}
Original file line number Diff line number Diff line change
Expand Up @@ -29,3 +29,8 @@ args:
{{- end }}
{{- $monitorProto := ternary "https" "http" .Values.config.monitor.tls.enabled }}
- {{ $monitorProto }}://{{ .Values.promExporter.monitorDomain }}:{{ .Values.config.monitor.port }}/

{{- with .Values.promExporter.securityContext }}
securityContext:
{{- toYaml . | nindent 2 }}
{{- end }}
5 changes: 5 additions & 0 deletions helm/charts/nats/files/stateful-set/reloader-container.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -25,3 +25,8 @@ volumeMounts:
{{- end }}
{{- end }}
{{- end }}

{{- with .Values.reloader.securityContext }}
securityContext:
{{- toYaml . | nindent 2 }}
{{- end }}
18 changes: 17 additions & 1 deletion helm/charts/nats/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -365,6 +365,9 @@ container:
# cpu: 100m
# memory: 128Mi

# security context
securityContext: {}

############################################################
# stateful set -> pod template -> reloader container
############################################################
Expand All @@ -386,6 +389,9 @@ reloader:
natsVolumeMountPrefixes:
- /etc/

# security context
securityContext: {}

# merge or patch the container
# https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#container-v1-core
merge: {}
Expand All @@ -412,6 +418,9 @@ promExporter:
# env var map, see nats.env for an example
env: {}

# security context
securityContext: {}

# merge or patch the container
# https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#container-v1-core
merge: {}
Expand Down Expand Up @@ -494,6 +503,9 @@ podTemplate:
#
topologySpreadConstraints: {}

# security context
securityContext: {}

# merge or patch the pod template
# https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#pod-v1-core
merge: {}
Expand Down Expand Up @@ -594,7 +606,8 @@ natsBox:
registry:
digest:
fullImageName:
resources: {}
resources: {}
securityContext: {}

# env var map, see nats.env for an example
env: {}
Expand All @@ -619,6 +632,9 @@ natsBox:

# deployment -> pod template
podTemplate:
# security context
securityContext: {}

# merge or patch the pod template
# https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#pod-v1-core
merge: {}
Expand Down