Added imagePullSecrets to deployment template #904
Conversation
|
|
Kuvesz
force-pushed
the
update_chart_with_imagepullsecrets
branch
from
8b85c68 to
8295a21
Compare
There was a problem hiding this comment.
The change itself looks okay even though I would argue we should add commented out example code into the values.yaml.
The only use-case I could come up with would possibly be an air-gapped system with access control over the images.
I'm hesitant to approve, because I don't want additional unused code in the code base, but also don't want to block progress or uniforming things.
To be honest I'm not exactly sure we need this either as I've stated in my original comment. Everything else will be fine without it really and we can come back to this if someone from the community feels like they need it? |
|
We can let it fly as the values.yaml already contains the corresponding config. |
I don't quite get why? Would you mind explaining it a bit further? |
When you add an imagepullsecret into a serviceaccount then a pod which use that serviceaccount will contain the imagepullsecret what is in the serviceaccount. Here you add that imagepullsecret into the deployment anyway. Our serviceaccount imagepullsecret solution is wrong I think because when a user disable ( ) the serviceaccount creation then the imagepullsecret will not be in the default serviceaccount and in the koperator's pod. |
What's in this PR?
I added imagePullSecrets to the deployment template and updated the chart version. Also updated release.yml to not include dev tags for now in releases.
Why?
Not sure when there would be a need for this as the images are publicly accessible but just in case it doesn't hurt if it's there.
Checklist