volker.raschek/athens-proxy-charts
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(pod): add switch to enable checksum annotation

Browse Source 
Depending on the environment or tooling in which the chart is deployed, you may
or may not want to have the checksum annotation.

In the past, these were enforced. The default remains that the checksum
annotation is added. It now only contains a switch that allows you to optionally
disable it.
This commit is contained in:
Markus Pesch
2025-11-30 15:04:35 +01:00
parent c5dcab2be1
commit e3a79bbb3b
8 changed files with 322 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@@ -266,6 +266,7 @@ spec:
| Name | Description | Value |
| --------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------- |
| `certificate.enabled` | Issue a TLS certificate via cert-manager. If enabled, the environment variables `ATHENS_TLSCERT_FILE` and `ATHENS_TLSKEY_FILE` will be automatically added. | `false` |
| `certificate.addSHASumAnnotation` | Add an pod annotation with the sha sum of the secret containing the TLS certificates. | `true` |
| `certificate.existingSecret.enabled` | Use an existing secret of the type `kubernetes.io/tls`. | `false` |
| `certificate.existingSecret.secretName` | Name of the secret containing the TLS certificate and private key. | `""` |
| `certificate.new.annotations` | Additional certificate annotations. | `{}` |
@@ -296,30 +297,35 @@ spec:
| Name | Description | Value |
| ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- |
| `config.env.enabled` | Enable mounting of the secret as environment variables. | `false` |
| `config.env.addSHASumAnnotation` | Add an pod annotation with the sha sum of the config map containing the configuration. | `true` |
| `config.env.existingSecret.enabled` | Mount an existing secret containing the application specific environment variables. | `false` |
| `config.env.existingSecret.secretName` | Name of the existing secret containing the application specific environment variables. | `""` |
| `config.env.secret.annotations` | Additional annotations of the secret containing the database credentials. | `{}` |
| `config.env.secret.labels` | Additional labels of the secret containing the database credentials. | `{}` |
| `config.env.secret.envs` | List of environment variables stored in a secret and mounted into the container. | `{}` |
| `config.downloadMode.enabled` | Enable mounting of a download mode file into the container file system. If enabled, the env `ATHENS_DOWNLOAD_MODE` will automatically be defined. | `false` |
| `config.downloadMode.addSHASumAnnotation` | Add an pod annotation with the sha sum of the config map containing the downloadMode config. | `true` |
| `config.downloadMode.existingConfigMap.enabled` | Enable to use an external config map for mounting the download mode file. | `false` |
| `config.downloadMode.existingConfigMap.configMapName` | The name of the existing config map which should be used to mount the download mode file. | `""` |
| `config.downloadMode.existingConfigMap.downloadModeKey` | The name of the key inside the config map where the content of the download mode file is stored. | `downloadMode` |
| `config.downloadMode.configMap.annotations` | Additional annotations of the config map containing the download mode file. | `{}` |
| `config.downloadMode.configMap.labels` | Additional labels of the config map containing the download mode file. | `{}` |
| `config.gitConfig.enabled` | Enable mounting of a .gitconfig file into the container file system. | `false` |
| `config.gitConfig.addSHASumAnnotation` | Add an pod annotation with the sha sum of the config map containing the git config. | `true` |
| `config.gitConfig.existingConfigMap.enabled` | Enable to use an external config map for mounting the .gitconfig file. | `false` |
| `config.gitConfig.existingConfigMap.configMapName` | The name of the existing config map which should be used to mount the .gitconfig file. | `""` |
| `config.gitConfig.existingConfigMap.gitConfigKey` | The name of the key inside the config map where the content of the .gitconfig file is stored. | `nil` |
| `config.gitConfig.configMap.annotations` | Additional annotations of the config map containing the .gitconfig file. | `{}` |
| `config.gitConfig.configMap.labels` | Additional labels of the config map containing the .gitconfig file. | `{}` |
| `config.netrc.enabled` | Enable mounting of a .netrc file into the container file system. | `false` |
| `config.netrc.addSHASumAnnotation` | Add an pod annotation with the sha sum of the secret containing the netrc file. | `true` |
| `config.netrc.existingSecret.enabled` | Enable to use an external secret for mounting the .netrc file. | `false` |
| `config.netrc.existingSecret.secretName` | The name of the existing secret which should be used to mount the .netrc file. | `""` |
| `config.netrc.existingSecret.netrcKey` | The name of the key inside the secret where the content of the .netrc file is stored. | `.netrc` |
| `config.netrc.secret.annotations` | Additional annotations of the secret containing the database credentials. | `{}` |
| `config.netrc.secret.labels` | Additional labels of the secret containing the database credentials. | `{}` |
| `config.ssh.enabled` | Enable mounting of a .netrc file into the container file system. | `false` |
| `config.ssh.addSHASumAnnotation` | Add an pod annotation with the sha sum of the secret containing the ssh keys. | `true` |
| `config.ssh.existingSecret.enabled` | Enable to use an external secret for mounting the public and private SSH key files. | `false` |
| `config.ssh.existingSecret.secretName` | The name of the existing secret which should be used to mount the public and private SSH key files. | `""` |
| `config.ssh.existingSecret.configKey` | The name of the key inside the secret where the content of the SSH client config file is stored. | `config` |

62
templates/_pod.tpl
View File

@@ -4,29 +4,65 @@
{{- define "athens-proxy.pod.annotations" }}
{{- include "athens-proxy.annotations" . }}
{{- if and .Values.certificate.enabled }}
{{- if and .Values.certificate.enabled .Values.certificate.addSHASumAnnotation }}
{{- $secretName := include "athens-proxy.certificates.server.name" $ }}
{{- if and .Values.certificate.existingSecret.enabled (gt (len .Values.certificate.existingSecret.secretName) 0) }}
{{- $secretName = .Values.certificate.existingSecret.secretName }}
{{- end }}
{{- $secret := lookup "v1" "Secret" .Release.Namespace $secretName }}
{{ printf "checksum/secret-%s: %s" $secretName ($secret | toYaml | sha256sum) }}
{{- $secret := lookup "v1" "Secret" .Release.Namespace $secretName | toYaml }}
{{ printf "checksum/secret-%s: %s" $secretName ($secret | sha256sum) }}
{{- end }}
{{- if and .Values.config.env.enabled (not .Values.config.env.existingSecret.enabled) }}
{{ printf "checksum/secret-%s: %s" (include "athens-proxy.secrets.env.name" $) (include (print $.Template.BasePath "/secretEnv.yaml") . | sha256sum) }}
{{- if and .Values.config.env.enabled .Values.config.env.addSHASumAnnotation }}
{{- $secretName := include "athens-proxy.secrets.env.name" $ }}
{{- $secret := include (print $.Template.BasePath "/secretEnv.yaml") $ }}
{{- if and .Values.config.env.existingSecret.enabled (gt (len .Values.config.env.existingSecret.secretName) 0) }}
{{- $secretName = .Values.config.env.existingSecret.secretName }}
{{- $secret := lookup "v1" "Secret" .Release.Namespace $secretName | toYaml }}
{{- end }}
{{- if and .Values.config.downloadMode.enabled (not .Values.config.downloadMode.existingConfigMap.enabled) }}
{{ printf "checksum/config-map-%s: %s" (include "athens-proxy.configMap.downloadMode.name" $) (include (print $.Template.BasePath "/configMapDownloadMode.yaml") . | sha256sum) }}
{{ printf "checksum/secret-%s: %s" $secretName ($secret | sha256sum) }}
{{- end }}
{{- if and .Values.config.gitConfig.enabled (not .Values.config.gitConfig.existingConfigMap.enabled) }}
{{ printf "checksum/config-map-%s: %s" (include "athens-proxy.configMap.gitConfig.name" $) (include (print $.Template.BasePath "/configMapGitConfig.yaml") . | sha256sum) }}
{{- if and .Values.config.downloadMode.enabled .Values.config.downloadMode.addSHASumAnnotation }}
{{- $configMapName := include "athens-proxy.configMap.downloadMode.name" $ }}
{{- $configMap := include (print $.Template.BasePath "/configMapDownloadMode.yaml") . }}
{{- if and .Values.config.downloadMode.existingConfigMap.enabled (gt (len .Values.config.downloadMode.existingConfigMap.configMapName) 0) }}
{{- $configMapName = .Values.config.downloadMode.existingConfigMap.configMapName }}
{{- $configMap := lookup "v1" "ConfigMap" .Release.Namespace $configMapName | toYaml }}
{{- end }}
{{- if and .Values.config.netrc.enabled (not .Values.config.netrc.existingSecret.enabled) }}
{{ printf "checksum/secret-%s: %s" (include "athens-proxy.secrets.netrc.name" $) (include (print $.Template.BasePath "/secretNetRC.yaml") . | sha256sum) }}
{{ printf "checksum/config-map-%s: %s" $configMapName ($configMap | sha256sum) }}
{{- end }}
{{- if and .Values.config.ssh.enabled (not .Values.config.ssh.existingSecret.enabled) }}
{{ printf "checksum/secret-%s: %s" (include "athens-proxy.secrets.ssh.name" $) (include (print $.Template.BasePath "/secretSSH.yaml") . | sha256sum) }}
{{- if and .Values.config.gitConfig.enabled .Values.config.gitConfig.addSHASumAnnotation }}
{{- $configMapName := include "athens-proxy.configMap.gitConfig.name" $ }}
{{- $configMap := include (print $.Template.BasePath "/configMapGitConfig.yaml") . }}
{{- if and .Values.config.gitConfig.existingConfigMap.enabled (gt (len .Values.config.gitConfig.existingConfigMap.configMapName) 0) }}
{{- $configMapName = .Values.config.gitConfig.existingConfigMap.configMapName }}
{{- $configMap := lookup "v1" "ConfigMap" .Release.Namespace $configMapName | toYaml }}
{{- end }}
{{ printf "checksum/config-map-%s: %s" $configMapName ($configMap | sha256sum) }}
{{- end }}
{{- if and .Values.config.netrc.enabled .Values.config.netrc.addSHASumAnnotation }}
{{- $secretName := include "athens-proxy.secrets.netrc.name" $ }}
{{- $secret := include (print $.Template.BasePath "/secretNetRC.yaml") $ }}
{{- if and .Values.config.netrc.existingSecret.enabled (gt (len .Values.config.netrc.existingSecret.secretName) 0) }}
{{- $secretName = .Values.config.netrc.existingSecret.secretName }}
{{- $secret := lookup "v1" "Secret" .Release.Namespace $secretName | toYaml }}
{{- end }}
{{ printf "checksum/secret-%s: %s" $secretName ($secret | sha256sum) }}
{{- end }}
{{- if and .Values.config.ssh.enabled .Values.config.ssh.addSHASumAnnotation }}
{{- $secretName := include "athens-proxy.secrets.ssh.name" $ }}
{{- $secret := include (print $.Template.BasePath "/secretSSH.yaml") $ }}
{{- if and .Values.config.ssh.existingSecret.enabled (gt (len .Values.config.ssh.existingSecret.secretName) 0) }}
{{- $secretName = .Values.config.ssh.existingSecret.secretName }}
{{- $secret := lookup "v1" "Secret" .Release.Namespace $secretName | toYaml }}
{{- end }}
{{ printf "checksum/secret-%s: %s" $secretName ($secret | sha256sum) }}
{{- end }}
{{- end }}
{{/* labels */}}

76
unittests/deployment/downloadMode.yaml
View File

@@ -40,6 +40,7 @@ tests:
- it: Rendering default with mounted gitconfig configMap
set:
config.downloadMode.enabled: true
config.downloadMode.addSHASumAnnotation: true
persistence.enabled: true
asserts:
- exists:
@@ -69,16 +70,87 @@ tests:
name: athens-proxy-unittest-download-mode-file
template: templates/deployment.yaml
- it: Rendering default with mounted gitconfig configMap
set:
config.downloadMode.enabled: true
config.downloadMode.addSHASumAnnotation: false
persistence.enabled: true
asserts:
- notExists:
path: spec.template.metadata.annotations.checksum/config-map-athens-proxy-unittest-download-mode-file
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: ATHENS_DOWNLOAD_MODE
value: file:/etc/athens/config/download-mode.d/download-mode
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].volumeMounts
content:
name: download-mode
mountPath: /etc/athens/config/download-mode.d
template: templates/deployment.yaml
- contains:
path: spec.template.spec.volumes
content:
name: download-mode
configMap:
items:
- key: downloadMode
mode: 0644
path: download-mode
name: athens-proxy-unittest-download-mode-file
template: templates/deployment.yaml
- it: Rendering with custom download mode configMap
set:
config.downloadMode.enabled: true
config.downloadMode.addSHASumAnnotation: true
config.downloadMode.existingConfigMap.enabled: true
config.downloadMode.existingConfigMap.configMapName: "my-custom-configmap"
config.downloadMode.existingConfigMap.downloadModeKey: "my-custom-download-mode-filename-key"
persistence.enabled: true
asserts:
- notExists:
path: spec.template.metadata.annotations.checksum/config-map-athens-proxy-unittest-download-mode-file
- exists:
path: spec.template.metadata.annotations.checksum/config-map-my-custom-configmap
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: ATHENS_DOWNLOAD_MODE
value: file:/etc/athens/config/download-mode.d/download-mode
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].volumeMounts
content:
name: download-mode
mountPath: /etc/athens/config/download-mode.d
template: templates/deployment.yaml
- contains:
path: spec.template.spec.volumes
content:
name: download-mode
configMap:
items:
- key: "my-custom-download-mode-filename-key"
path: "download-mode"
mode: 0644
name: my-custom-configmap
template: templates/deployment.yaml
- it: Rendering with custom download mode configMap, but without sha sum annotation
set:
config.downloadMode.enabled: true
config.downloadMode.addSHASumAnnotation: false
config.downloadMode.existingConfigMap.enabled: true
config.downloadMode.existingConfigMap.configMapName: "my-custom-configmap"
config.downloadMode.existingConfigMap.downloadModeKey: "my-custom-download-mode-filename-key"
persistence.enabled: true
asserts:
- notExists:
path: spec.template.metadata.annotations.checksum/config-map-my-custom-configmap
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env

37
unittests/deployment/env.yaml
View File

@@ -35,10 +35,10 @@ tests:
name: athens-proxy-unittest-env
template: templates/deployment.yaml
- it: Rendering default with mounted env secret
- it: Rendering default with mounted env secret, but without sha sum annotation
set:
config.env.enabled: true
config.env.existingSecret.enabled: true
config.env.addSHASumAnnotation: false
asserts:
- notExists:
path: spec.template.metadata.annotations.checksum/secret-athens-proxy-unittest-env
@@ -49,3 +49,36 @@ tests:
secretRef:
name: athens-proxy-unittest-env
template: templates/deployment.yaml
- it: Rendering default with mounted existing env secret
set:
config.env.enabled: true
config.env.existingSecret.enabled: true
config.env.existingSecret.secretName: my-secret
asserts:
- exists:
path: spec.template.metadata.annotations.checksum/secret-my-secret
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].envFrom
content:
secretRef:
name: my-secret
template: templates/deployment.yaml
- it: Rendering default with mounted existing env secret, but without sha sum annotation
set:
config.env.enabled: true
config.env.addSHASumAnnotation: false
config.env.existingSecret.enabled: true
config.env.existingSecret.secretName: my-secret
asserts:
- notExists:
path: spec.template.metadata.annotations.checksum/secret-my-secret
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].envFrom
content:
secretRef:
name: my-secret
template: templates/deployment.yaml

69
unittests/deployment/gitConfig.yaml
View File

@@ -41,6 +41,7 @@ tests:
- it: Rendering default with mounted gitconfig configMap
set:
config.gitConfig.enabled: true
config.gitConfig.addSHASumAnnotation: true
persistence.enabled: true
asserts:
- exists:
@@ -67,16 +68,80 @@ tests:
name: athens-proxy-unittest-gitconfig
template: templates/deployment.yaml
- it: Rendering default with mounted gitconfig configMap, but without sha sum annotation
set:
config.gitConfig.enabled: true
config.gitConfig.addSHASumAnnotation: false
persistence.enabled: true
asserts:
- notExists:
path: spec.template.metadata.annotations.checksum/config-map-athens-proxy-unittest-gitconfig
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].volumeMounts
content:
name: secrets
mountPath: /root/.gitconfig
subPath: .gitconfig
template: templates/deployment.yaml
- contains:
path: spec.template.spec.volumes
content:
name: secrets
projected:
sources:
- configMap:
items:
- key: .gitconfig
path: .gitconfig
mode: 0644
name: athens-proxy-unittest-gitconfig
template: templates/deployment.yaml
- it: Rendering with custom gitconfig configMap
set:
config.gitConfig.enabled: true
config.gitConfig.addSHASumAnnotation: true
config.gitConfig.existingConfigMap.enabled: true
config.gitConfig.existingConfigMap.configMapName: "my-custom-configmap"
config.gitConfig.existingConfigMap.gitConfigKey: "my-gitconfig-key"
persistence.enabled: true
asserts:
- notExists:
path: spec.template.metadata.annotations.checksum/config-map-athens-proxy-unittest-gitconfig
- exists:
path: spec.template.metadata.annotations.checksum/config-map-my-custom-configmap
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].volumeMounts
content:
name: secrets
mountPath: /root/.gitconfig
subPath: .gitconfig
template: templates/deployment.yaml
- contains:
path: spec.template.spec.volumes
content:
name: secrets
projected:
sources:
- configMap:
items:
- key: my-gitconfig-key
path: .gitconfig
mode: 0644
name: my-custom-configmap
template: templates/deployment.yaml
- it: Rendering with custom gitconfig configMap, but without sha sum annotations
set:
config.gitConfig.enabled: true
config.gitConfig.addSHASumAnnotation: false
config.gitConfig.existingConfigMap.enabled: true
config.gitConfig.existingConfigMap.configMapName: "my-custom-configmap"
config.gitConfig.existingConfigMap.gitConfigKey: "my-gitconfig-key"
persistence.enabled: true
asserts:
- notExists:
path: spec.template.metadata.annotations.checksum/config-map-my-custom-configmap
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].volumeMounts

69
unittests/deployment/netrc.yaml
View File

@@ -40,6 +40,7 @@ tests:
- it: Rendering default with mounted netrc secret
set:
config.netrc.enabled: true
config.netrc.addSHASumAnnotation: true
persistence.enabled: true
asserts:
- exists:
@@ -66,16 +67,80 @@ tests:
name: athens-proxy-unittest-netrc
template: templates/deployment.yaml
- it: Rendering default with mounted netrc secret, but without sha sum annotation
set:
config.netrc.enabled: true
config.netrc.addSHASumAnnotation: false
persistence.enabled: true
asserts:
- notExists:
path: spec.template.metadata.annotations.checksum/secret-athens-proxy-unittest-netrc
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].volumeMounts
content:
name: secrets
mountPath: /root/.netrc
subPath: .netrc
template: templates/deployment.yaml
- contains:
path: spec.template.spec.volumes
content:
name: secrets
projected:
sources:
- secret:
items:
- key: .netrc
path: .netrc
mode: 0600
name: athens-proxy-unittest-netrc
template: templates/deployment.yaml
- it: Rendering with custom netrc secret
set:
config.netrc.enabled: true
config.netrc.addSHASumAnnotation: true
config.netrc.existingSecret.enabled: true
config.netrc.existingSecret.secretName: "my-custom-secret"
config.netrc.existingSecret.netrcKey: "my-netrc-key"
persistence.enabled: true
asserts:
- notExists:
path: spec.template.metadata.annotations.checksum/secret-athens-proxy-unittest-netc
- exists:
path: spec.template.metadata.annotations.checksum/secret-my-custom-secret
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].volumeMounts
content:
name: secrets
mountPath: /root/.netrc
subPath: .netrc
template: templates/deployment.yaml
- contains:
path: spec.template.spec.volumes
content:
name: secrets
projected:
sources:
- secret:
items:
- key: my-netrc-key
path: .netrc
mode: 0600
name: my-custom-secret
template: templates/deployment.yaml
- it: Rendering with custom netrc secret, but without sha sum annotation
set:
config.netrc.enabled: true
config.netrc.addSHASumAnnotation: false
config.netrc.existingSecret.enabled: true
config.netrc.existingSecret.secretName: "my-custom-secret"
config.netrc.existingSecret.netrcKey: "my-netrc-key"
persistence.enabled: true
asserts:
- notExists:
path: spec.template.metadata.annotations.checksum/secret-my-custom-secret
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].volumeMounts

17
unittests/deployment/ssh.yaml
View File

@@ -107,6 +107,7 @@ tests:
- it: Rendering default with mounted ssh keys
set:
config.ssh.enabled: true
config.ssh.addSHASumAnnotation: true
config.ssh.secret.id_ed25519: foo
config.ssh.secret.id_ed25519_pub: bar
config.ssh.secret.id_rsa: foo
@@ -180,6 +181,7 @@ tests:
- it: Rendering with custom ssh secret
set:
config.ssh.enabled: true
config.ssh.addSHASumAnnotation: true
config.ssh.existingSecret.enabled: true
config.ssh.existingSecret.secretName: "my-custom-secret"
config.ssh.existingSecret.configKey : "my-config-key"
@@ -189,8 +191,8 @@ tests:
config.ssh.existingSecret.id_rsaPubKey : "my-public-rsa-key"
persistence.enabled: true
asserts:
- notExists:
path: spec.template.metadata.annotations.checksum/secret-athens-proxy-unittest-ssh
- exists:
path: spec.template.metadata.annotations.checksum/secret-my-custom-secret
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].volumeMounts
@@ -252,3 +254,14 @@ tests:
mode: 0644
name: my-custom-secret
template: templates/deployment.yaml
- it: Rendering with custom ssh secret, but without sha sum annotation
set:
config.ssh.enabled: true
config.ssh.addSHASumAnnotation: false
config.ssh.existingSecret.enabled: true
config.ssh.existingSecret.secretName: "my-custom-secret"
asserts:
- notExists:
path: spec.template.metadata.annotations.checksum/secret-my-custom-secret
template: templates/deployment.yaml

12
values.yaml
View File

@@ -8,7 +8,9 @@ fullnameOverride: ""
## @section Certificate
certificate:
## @param certificate.enabled Issue a TLS certificate via cert-manager. If enabled, the environment variables `ATHENS_TLSCERT_FILE` and `ATHENS_TLSKEY_FILE` will be automatically added.
## @param certificate.addSHASumAnnotation Add an pod annotation with the sha sum of the secret containing the TLS certificates.
enabled: false
addSHASumAnnotation: true
## @param certificate.existingSecret.enabled Use an existing secret of the type `kubernetes.io/tls`.
## @param certificate.existingSecret.secretName Name of the secret containing the TLS certificate and private key.
@@ -80,7 +82,9 @@ certificate:
config:
env:
## @param config.env.enabled Enable mounting of the secret as environment variables.
## @param config.env.addSHASumAnnotation Add an pod annotation with the sha sum of the config map containing the configuration.
enabled: false
addSHASumAnnotation: true
## @param config.env.existingSecret.enabled Mount an existing secret containing the application specific environment variables.
## @param config.env.existingSecret.secretName Name of the existing secret containing the application specific environment variables.
@@ -168,7 +172,9 @@ config:
downloadMode:
## @param config.downloadMode.enabled Enable mounting of a download mode file into the container file system. If enabled, the env `ATHENS_DOWNLOAD_MODE` will automatically be defined.
## @param config.downloadMode.addSHASumAnnotation Add an pod annotation with the sha sum of the config map containing the downloadMode config.
enabled: false
addSHASumAnnotation: true
## @param config.downloadMode.existingConfigMap.enabled Enable to use an external config map for mounting the download mode file.
## @param config.downloadMode.existingConfigMap.configMapName The name of the existing config map which should be used to mount the download mode file.
@@ -204,7 +210,9 @@ config:
gitConfig:
## @param config.gitConfig.enabled Enable mounting of a .gitconfig file into the container file system.
## @param config.gitConfig.addSHASumAnnotation Add an pod annotation with the sha sum of the config map containing the git config.
enabled: false
addSHASumAnnotation: true
## @param config.gitConfig.existingConfigMap.enabled Enable to use an external config map for mounting the .gitconfig file.
## @param config.gitConfig.existingConfigMap.configMapName The name of the existing config map which should be used to mount the .gitconfig file.
@@ -230,7 +238,9 @@ config:
netrc:
## @param config.netrc.enabled Enable mounting of a .netrc file into the container file system.
## @param config.netrc.addSHASumAnnotation Add an pod annotation with the sha sum of the secret containing the netrc file.
enabled: false
addSHASumAnnotation: true
## @param config.netrc.existingSecret.enabled Enable to use an external secret for mounting the .netrc file.
## @param config.netrc.existingSecret.secretName The name of the existing secret which should be used to mount the .netrc file.
@@ -262,7 +272,9 @@ config:
ssh:
## @param config.ssh.enabled Enable mounting of a .netrc file into the container file system.
## @param config.ssh.addSHASumAnnotation Add an pod annotation with the sha sum of the secret containing the ssh keys.
enabled: false
addSHASumAnnotation: true
## @param config.ssh.existingSecret.enabled Enable to use an external secret for mounting the public and private SSH key files.
## @param config.ssh.existingSecret.secretName The name of the existing secret which should be used to mount the public and private SSH key files.