diff --git a/helm/solr-operator/Chart.yaml b/helm/solr-operator/Chart.yaml index a95c838a..81ba86c5 100644 --- a/helm/solr-operator/Chart.yaml +++ b/helm/solr-operator/Chart.yaml @@ -106,7 +106,7 @@ annotations: - name: Github PR url: https://github.com/apache/solr-operator/pull/790 - kind: fixed - description: Correct the placement and syntax of the imagePullSecret in the Solr-Operator Helm chart + description: Correct the placement and syntax of the image.imagePullSecret in the Solr-Operator Helm chart links: - name: Github PR url: https://github.com/apache/solr-operator/pull/782 @@ -124,6 +124,13 @@ annotations: url: https://github.com/apache/solr-operator/issues/817 - name: Github PR url: https://github.com/apache/solr-operator/pull/818 + - kind: added + description: Support global.imagePullSecrets for pulling images from private registries, this is merged with image.imagePullSecret. Both accept plain strings in addition to objects + links: + - name: Github Issue + url: https://github.com/apache/solr-operator/issues/338 + - name: Github PR + url: https://github.com/apache/solr-operator/pull/832 artifacthub.io/images: | - name: solr-operator image: apache/solr-operator:v0.10.0-prerelease diff --git a/helm/solr-operator/README.md b/helm/solr-operator/README.md index 50a34241..79acc1a4 100644 --- a/helm/solr-operator/README.md +++ b/helm/solr-operator/README.md @@ -171,6 +171,7 @@ The command removes all the Kubernetes components associated with the chart and | Key | Type | Default | Description | |-----|------|---------|-------------| +| global.imagePullSecrets | []object/string | `[]` | Secrets for pulling images from private registries. Accepts both Kubernetes-native format (`[{name: "secret"}]`) and plain strings (`["secret"]`). | | image.repository | string | `"apache/solr-operator"` | The repository of the Solr Operator image | | image.tag | string | `"v0.10.0-prerelease"` | The tag/version of the Solr Operator to run | | image.pullPolicy | string | `"IfNotPresent"` | | diff --git a/helm/solr-operator/templates/deployment.yaml b/helm/solr-operator/templates/deployment.yaml index 75413714..2def7ef7 100644 --- a/helm/solr-operator/templates/deployment.yaml +++ b/helm/solr-operator/templates/deployment.yaml @@ -38,14 +38,23 @@ spec: {{ toYaml .Values.labels | nindent 8 }} {{- end }} spec: + {{- if or .Values.global.imagePullSecrets .Values.image.imagePullSecret }} + imagePullSecrets: + {{- range .Values.global.imagePullSecrets }} + {{- if kindIs "string" . }} + - name: {{ . }} + {{- else }} + - name: {{ required "Each entry in global.imagePullSecrets must be a string or an object with a 'name' field" .name }} + {{- end }} + {{- end }} + {{- with .Values.image.imagePullSecret }} + - name: {{ . }} + {{- end }} + {{- end }} serviceAccountName: {{ include "solr-operator.serviceAccountName" . }} {{- if .Values.priorityClassName }} priorityClassName: {{ .Values.priorityClassName }} {{- end }} - {{- if .Values.image.imagePullSecret }} - imagePullSecrets: - - name: {{ .Values.image.imagePullSecret }} - {{- end }} containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" diff --git a/helm/solr-operator/values.yaml b/helm/solr-operator/values.yaml index 3a293e3f..7453b614 100644 --- a/helm/solr-operator/values.yaml +++ b/helm/solr-operator/values.yaml @@ -19,6 +19,11 @@ replicaCount: 1 +global: + # List the secrets needed to pull images from a private registry. + # Accepts both Kubernetes-native format [{name: "secret"}] and plain strings ["secret"]. + imagePullSecrets: [] + # Development mode configures certain settings for convenient development. # When 'true', logging will use: encoder=console, level=debug, stacktrace-level=warn development: false diff --git a/helm/solr/Chart.yaml b/helm/solr/Chart.yaml index 224b3edf..29a4bafb 100644 --- a/helm/solr/Chart.yaml +++ b/helm/solr/Chart.yaml @@ -53,6 +53,13 @@ annotations: links: - name: Github PR url: https://github.com/apache/solr-operator/pull/811 + - kind: added + description: global.imagePullSecrets and podOptions.imagePullSecrets now accept plain strings in addition to objects, and are merged correctly into the Solr pods + links: + - name: Github Issue + url: https://github.com/apache/solr-operator/issues/338 + - name: Github PR + url: https://github.com/apache/solr-operator/pull/832 artifacthub.io/containsSecurityUpdates: "false" artifacthub.io/recommendations: | - url: https://artifacthub.io/packages/helm/apache-solr/solr-operator diff --git a/helm/solr/README.md b/helm/solr/README.md index 2d95171a..a7a10786 100644 --- a/helm/solr/README.md +++ b/helm/solr/README.md @@ -265,7 +265,7 @@ Configure Solr to use a separate TLS certificate for client auth. | Key | Type | Default | Description | |-----|------|---------|-------------| -| global.imagePullSecrets | []object | | The list of imagePullSecrets to include in pods | +| global.imagePullSecrets | []object/string | | The list of imagePullSecrets to include in all pods (Solr and ZK). Accepts both Kubernetes-native format (`[{name: "secret"}]`) and plain strings (`["secret"]`). | | global.clusterDomain | string | | The cluster domain the Kubernetes is addressed under. | ### Custom Kubernetes Options @@ -300,7 +300,7 @@ When using the helm chart, omit `customSolrKubeOptions.` | podOptions.readinessProbe | object | | Custom readiness probe for the Solr container | | podOptions.startupProbe | object | | Custom startup probe for the Solr container | | podOptions.lifecycle | object | | Custom lifecycle for the Solr container | -| podOptions.imagePullSecrets | []object | | List of image pull secrets to inject into the Solr pod, in addition to `global.imagePullSecrets` | +| podOptions.imagePullSecrets | []object/string | | List of image pull secrets to inject into the Solr pod, in addition to `global.imagePullSecrets`. Accepts both Kubernetes-native format (`[{name: "secret"}]`) and plain strings (`["secret"]`). | | podOptions.volumes | []object | | List of additional volumes to attach to the Solr pod, and optionally how to mount them to the Solr container | | statefulSetOptions.annotations | map[string]string | | Custom annotations to add to the Solr statefulSet | | statefulSetOptions.labels | map[string]string | | Custom labels to add to the Solr statefulSet | diff --git a/helm/solr/templates/_custom_option_helpers.tpl b/helm/solr/templates/_custom_option_helpers.tpl index 4082e6c4..b74c52d2 100644 --- a/helm/solr/templates/_custom_option_helpers.tpl +++ b/helm/solr/templates/_custom_option_helpers.tpl @@ -71,7 +71,13 @@ containerSecurityContext: {{ end }} {{- if (or .Values.podOptions.imagePullSecrets .Values.global.imagePullSecrets) -}} imagePullSecrets: - {{- toYaml (append .Values.podOptions.imagePullSecrets .Values.global.imagePullSecrets) | nindent 2 }} +{{- range (concat .Values.podOptions.imagePullSecrets .Values.global.imagePullSecrets) }} +{{- if kindIs "string" . }} + - name: {{ . }} +{{- else }} + - name: {{ required "Each entry in imagePullSecrets must be a string or an object with a 'name' field" .name }} +{{- end }} +{{- end }} {{ end }} {{- if .Values.podOptions.volumes -}} volumes: diff --git a/helm/solr/values.yaml b/helm/solr/values.yaml index 595fd85f..281a7579 100644 --- a/helm/solr/values.yaml +++ b/helm/solr/values.yaml @@ -24,6 +24,9 @@ fullnameOverride: "" replicas: null global: + # List the secrets needed to pull images from a private registry. + # Accepts both Kubernetes-native format [{name: "secret"}] and plain strings ["secret"]. + # These are merged with podOptions.imagePullSecrets and applied to the Solr pods. imagePullSecrets: [] clusterDomain: "" @@ -325,6 +328,8 @@ podOptions: # Lifecycle for the Solr container lifecycle: {} + # List of image pull secrets to inject into the Solr pod, in addition to global.imagePullSecrets. + # Accepts both Kubernetes-native format [{name: "secret"}] and plain strings ["secret"]. imagePullSecrets: [] resources: {}