Merge branch 'main' into helm-operator-podlabels

hashicorp · Dec 2, 2024 · 9c2c3ac · 9c2c3ac
2 parents d7532b3 + c555f54
commit 9c2c3ac
Show file tree

Hide file tree

Showing 4 changed files with 39 additions and 0 deletions.
diff --git a/.changes/unreleased/ENHANCEMENTS-495-20241127-090349.yaml b/.changes/unreleased/ENHANCEMENTS-495-20241127-090349.yaml
@@ -0,0 +1,5 @@
+kind: ENHANCEMENTS
+body: '`Helm Chart`: Add the ability to configure `affinity` and `tolerations` for the Deployment of the operator.'
+time: 2024-11-27T09:03:49.589507226+01:00
+custom:
+    PR: "495"
diff --git a/charts/hcp-terraform-operator/README.md b/charts/hcp-terraform-operator/README.md
@@ -168,6 +168,7 @@ For a more detailed explanation, please refer to the [FAQ](../../docs/faq.md#gen
 | kubeRbacProxy.resources.requests.cpu | string | `"50m"` | Guaranteed minimum amount of CPU to be used by a container. |
 | kubeRbacProxy.resources.requests.memory | string | `"64Mi"` | Guaranteed minimum amount of memory to be used by a container. |
 | kubeRbacProxy.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"seccompProfile":{"type":"RuntimeDefault"}}` | Container security context. More information in [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). |
+| operator.affinity | object | `{}` | Kubernetes Affinity. More information: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity |
 | operator.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. |
 | operator.image.repository | string | `"hashicorp/hcp-terraform-operator"` | Image repository. |
 | operator.image.tag | string | `""` | Image tag. Defaults to `.Chart.AppVersion`. |
@@ -179,6 +180,7 @@ For a more detailed explanation, please refer to the [FAQ](../../docs/faq.md#gen
 | operator.skipTLSVerify | bool | `false` | Whether or not to ignore TLS certification warnings. |
 | operator.syncPeriod | string | `"1h"` | The minimum frequency at which watched resources are reconciled. Format: `5s`, `1m`, etc. |
 | operator.tfeAddress | string | `""` | The API URL of a Terraform Enterprise instance. |
+| operator.tolerations | list | `[]` | Kubernetes Tolerations. More information: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ |
 | operator.watchedNamespaces | list | `[]` | List of namespaces the controllers should watch. |
 | podLabels | object | `{}` | Additional labels to add to the Operator pods. |
 | priorityClassName | string | `""` | Deployment priorityClassName. More information in [Kubernetes documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/). |

diff --git a/charts/hcp-terraform-operator/templates/deployment.yaml b/charts/hcp-terraform-operator/templates/deployment.yaml
@@ -103,6 +103,14 @@ spec:
             {{- toYaml .Values.kubeRbacProxy.resources | nindent 12 }}
           securityContext:
             {{- toYaml .Values.kubeRbacProxy.securityContext | nindent 12 }}
+      {{- with .Values.operator.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.operator.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
       serviceAccountName: {{ include "hcp-terraform-operator.serviceAccountName" . }}
       securityContext:
         {{- toYaml .Values.securityContext | nindent 8 }}

diff --git a/charts/hcp-terraform-operator/values.yaml b/charts/hcp-terraform-operator/values.yaml
@@ -47,6 +47,30 @@ operator:
     seccompProfile:
       type: RuntimeDefault
 
+  # Usage example:
+  # affinity:
+  #   nodeAffinity:
+  #     requiredDuringSchedulingIgnoredDuringExecution:
+  #       nodeSelectorTerms:
+  #       - matchExpressions:
+  #         - key: kubernetes.io/arch
+  #           operator: In
+  #           values:
+  #         - amd64
+  #
+  # -- Kubernetes Affinity. More information: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
+  affinity: {}
+
+  # Usage example:
+  # tolerations:
+  # - key: "kubernetes.azure.com/scalesetpriority"
+  #   operator: "Equal"
+  #   value: "spot"
+  #   effect: "NoSchedule"
+  #
+  # -- Kubernetes Tolerations. More information: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
+  tolerations: []
+
   # -- The minimum frequency at which watched resources are reconciled. Format: `5s`, `1m`, etc.
   syncPeriod: 1h