Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[KEDA] Update helm values to work from v2.14.0 #1024

Merged
merged 3 commits into from
Jun 23, 2024
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 21 additions & 19 deletions lib/addons/keda/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ import { HelmAddOn, HelmAddOnProps, HelmAddOnUserProps } from "../helm-addon";
export interface KedaAddOnProps extends HelmAddOnUserProps {
/**
* Version of the helm chart to deploy
*/
*/
version?: string;
/**
* Name of the KEDA operator
Expand All @@ -25,22 +25,28 @@ export interface KedaAddOnProps extends HelmAddOnUserProps {
/**
* securityContext: fsGroup
* Check the workaround for SQS Scalar with IRSA https://github.com/kedacore/keda/issues/837#issuecomment-789037326
*/
*
* @deprecated Has no effect for version 2.14 and above. Update podSecurityContext.operator.fsGroup in Values instead. KEDA-is-secure-by-default with fsGroup: 1000
*/
podSecurityContextFsGroup?: number;
/**
* securityContext:runAsGroup
* Check the workaround for SQS Scalar with IRSA https://github.com/kedacore/keda/issues/837#issuecomment-789037326
*/
*
* @deprecated Has no effect for version 2.14 and above. Update podSecurityContext.operator.runAsGroup in Values instead. KEDA-is-secure-by-default with runAsGroup: 1000
*/
securityContextRunAsGroup?: number;
/**
* securityContext:runAsUser
* Check the workaround for SQS Scalar with IRSA https://github.com/kedacore/keda/issues/837#issuecomment-789037326
*
* @deprecated Has no effect for version 2.14 and above. Update podSecurityContext.operator.runAsUser in Values instead. KEDA-is-secure-by-default with runAsUser: 1000
*/
securityContextRunAsUser?: number;
/**
* An array of Managed IAM Policies which Service Account needs for IRSA Eg: irsaRoles:["CloudWatchFullAccess","AmazonSQSFullAccess"]. If not empty
* An array of Managed IAM Policies which Service Account of KEDA operator needs for IRSA Eg: irsaRoles:["CloudWatchFullAccess","AmazonSQSFullAccess"]. If not empty
* Service Account will be Created by CDK with IAM Roles Mapped (IRSA). In case if its empty, Keda will create the Service Account with out IAM Roles
*/
*/
irsaRoles?: string[];

}
Expand All @@ -52,7 +58,7 @@ const defaultProps: HelmAddOnProps & KedaAddOnProps = {
name: "blueprints-keda-addon",
chart: "keda",
namespace:"keda",
version: "2.13.2",
version: "2.14.2",
release: "keda",
repository: "https://kedacore.github.io/charts",
values: {},
Expand All @@ -74,19 +80,20 @@ export class KedaAddOn extends HelmAddOn {
}

deploy(clusterInfo: ClusterInfo): Promise<Construct> {

const cluster = clusterInfo.cluster;
let values: Values = populateValues(this.options);
values = merge(values, this.props.values ?? {});


const namespace = createNamespace(this.options.namespace! , cluster);

if (this.options.irsaRoles!.length > 0) {
//Create Service Account with IRSA
const opts = { name: this.options.kedaOperatorName, namespace: this.options.namespace };
elamaran11 marked this conversation as resolved.
Show resolved Hide resolved
const sa = cluster.addServiceAccount(this.options.kedaServiceAccountName!, opts);
setRoles(sa,this.options.irsaRoles!);
const namespace = createNamespace(this.options.namespace! , cluster);
sa.node.addDependency(namespace);

const chart = this.addHelmChart(clusterInfo, values);
chart.node.addDependency(sa);
return Promise.resolve(chart);
Expand All @@ -96,8 +103,8 @@ export class KedaAddOn extends HelmAddOn {
const chart = this.addHelmChart(clusterInfo, values);
return Promise.resolve(chart);
}


}
}

Expand All @@ -108,14 +115,10 @@ export class KedaAddOn extends HelmAddOn {
function populateValues(helmOptions: KedaAddOnProps): Values {
const values = helmOptions.values ?? {};

// Check the workaround for SQS Scalar https://github.com/kedacore/keda/issues/837
setPath(values, "operator.name", helmOptions.kedaOperatorName);
setPath(values, "podSecurityContext.fsGroup", helmOptions.podSecurityContextFsGroup);
vumdao marked this conversation as resolved.
Show resolved Hide resolved
setPath(values, "securityContext.runAsGroup", helmOptions.securityContextRunAsGroup);
setPath(values, "securityContext.runAsUser", helmOptions.securityContextRunAsUser);
//In Case irsaRoles array is non empty, code should not allow Keda to create Service Account, CDK will create Service Account with IRSA enabled
setPath(values, "serviceAccount.create", helmOptions.irsaRoles!.length > 0 ? false : true);
setPath(values, "serviceAccount.name", helmOptions.kedaServiceAccountName);
setPath(values, "serviceAccount.operator.create", helmOptions.irsaRoles!.length > 0 ? false : true);
setPath(values, "serviceAccount.operator.name", helmOptions.kedaServiceAccountName);

return values;
}
Expand All @@ -131,4 +134,3 @@ function populateValues(helmOptions: KedaAddOnProps): Values {
sa.role.addManagedPolicy(policy);
});
}

Loading