diff --git a/charts/actions-runner-controller/README.md b/charts/actions-runner-controller/README.md index 92ef1e47..d291bb6f 100644 --- a/charts/actions-runner-controller/README.md +++ b/charts/actions-runner-controller/README.md @@ -102,8 +102,11 @@ All additional docs are kept in the `docs/` folder, this README is solely for do | `githubWebhookServer.tolerations` | Set the githubWebhookServer pod tolerations | | | `githubWebhookServer.affinity` | Set the githubWebhookServer pod affinity rules | | | `githubWebhookServer.priorityClassName` | Set the githubWebhookServer pod priorityClassName | | +| `githubWebhookServer.terminationGracePeriodSeconds` | Set the githubWebhookServer pod terminationGracePeriodSeconds. Useful when using preStop hooks to drain/sleep. | `10` | +| `githubWebhookServer.lifecycle` | Set the githubWebhookServer pod lifecycle hooks | `{}` | | `githubWebhookServer.service.type` | Set githubWebhookServer service type | | | `githubWebhookServer.service.ports` | Set githubWebhookServer service ports | `[{"port":80, "targetPort:"http", "protocol":"TCP", "name":"http"}]` | +| `githubWebhookServer.service.loadBalancerSourceRanges` | Set githubWebhookServer loadBalancerSourceRanges for restricting loadBalancer type services | `[]` | | `githubWebhookServer.ingress.enabled` | Deploy an ingress kind for the githubWebhookServer | false | | `githubWebhookServer.ingress.annotations` | Set annotations for the ingress kind | | | `githubWebhookServer.ingress.hosts` | Set hosts configuration for ingress | `[{"host": "chart-example.local", "paths": []}]` | @@ -135,17 +138,20 @@ All additional docs are kept in the `docs/` folder, this README is solely for do | `actionsMetricsServer.tolerations` | Set the actionsMetricsServer pod tolerations | | | `actionsMetricsServer.affinity` | Set the actionsMetricsServer pod affinity rules | | | `actionsMetricsServer.priorityClassName` | Set the actionsMetricsServer pod priorityClassName | | +| `actionsMetricsServer.terminationGracePeriodSeconds` | Set the actionsMetricsServer pod terminationGracePeriodSeconds. Useful when using preStop hooks to drain/sleep. | `10` | +| `actionsMetricsServer.lifecycle` | Set the actionsMetricsServer pod lifecycle hooks | `{}` | | `actionsMetricsServer.service.type` | Set actionsMetricsServer service type | | | `actionsMetricsServer.service.ports` | Set actionsMetricsServer service ports | `[{"port":80, "targetPort:"http", "protocol":"TCP", "name":"http"}]` | +| `actionsMetricsServer.service.loadBalancerSourceRanges` | Set actionsMetricsServer loadBalancerSourceRanges for restricting loadBalancer type services | `[]` | | `actionsMetricsServer.ingress.enabled` | Deploy an ingress kind for the actionsMetricsServer | false | | `actionsMetricsServer.ingress.annotations` | Set annotations for the ingress kind | | | `actionsMetricsServer.ingress.hosts` | Set hosts configuration for ingress | `[{"host": "chart-example.local", "paths": []}]` | | `actionsMetricsServer.ingress.tls` | Set tls configuration for ingress | | | `actionsMetricsServer.ingress.ingressClassName` | Set ingress class name | | -| `actionsMetrics.serviceMonitor` | Deploy serviceMonitor kind for for use with prometheus-operator CRDs | false | -| `actionsMetrics.serviceAnnotations` | Set annotations for the provisioned actions metrics service resource | | -| `actionsMetrics.port` | Set port of actions metrics service | 8443 | -| `actionsMetrics.proxy.enabled` | Deploy kube-rbac-proxy container in controller pod | true | -| `actionsMetrics.proxy.image.repository` | The "repository/image" of the kube-proxy container | quay.io/brancz/kube-rbac-proxy | -| `actionsMetrics.proxy.image.tag` | The tag of the kube-proxy image to use when pulling the container | v0.13.1 | -| `actionsMetrics.serviceMonitorLabels` | Set labels to apply to ServiceMonitor resources | | +| `actionsMetrics.serviceMonitor` | Deploy serviceMonitor kind for for use with prometheus-operator CRDs | false | +| `actionsMetrics.serviceAnnotations` | Set annotations for the provisioned actions metrics service resource | | +| `actionsMetrics.port` | Set port of actions metrics service | 8443 | +| `actionsMetrics.proxy.enabled` | Deploy kube-rbac-proxy container in controller pod | true | +| `actionsMetrics.proxy.image.repository` | The "repository/image" of the kube-proxy container | quay.io/brancz/kube-rbac-proxy | +| `actionsMetrics.proxy.image.tag` | The tag of the kube-proxy image to use when pulling the container | v0.13.1 | +| `actionsMetrics.serviceMonitorLabels` | Set labels to apply to ServiceMonitor resources | | diff --git a/charts/actions-runner-controller/templates/actionsmetrics.deployment.yaml b/charts/actions-runner-controller/templates/actionsmetrics.deployment.yaml index 5eac2002..d7cb67b2 100644 --- a/charts/actions-runner-controller/templates/actionsmetrics.deployment.yaml +++ b/charts/actions-runner-controller/templates/actionsmetrics.deployment.yaml @@ -50,6 +50,12 @@ spec: {{- end }} command: - "/actions-metrics-server" + {{- if .Values.actionsMetricsServer.lifecycle }} + {{- with .Values.actionsMetricsServer.lifecycle }} + lifecycle: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- end }} env: - name: GITHUB_WEBHOOK_SECRET_TOKEN valueFrom: @@ -142,7 +148,7 @@ spec: securityContext: {{- toYaml .Values.securityContext | nindent 12 }} {{- end }} - terminationGracePeriodSeconds: 10 + terminationGracePeriodSeconds: {{ .Values.actionsMetricsServer.terminationGracePeriodSeconds }} {{- with .Values.actionsMetricsServer.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/actions-runner-controller/templates/actionsmetrics.service.yaml b/charts/actions-runner-controller/templates/actionsmetrics.service.yaml index 2c70f24b..0cfae32a 100644 --- a/charts/actions-runner-controller/templates/actionsmetrics.service.yaml +++ b/charts/actions-runner-controller/templates/actionsmetrics.service.yaml @@ -23,4 +23,10 @@ spec: {{- end }} selector: {{- include "actions-runner-controller-actions-metrics-server.selectorLabels" . | nindent 4 }} + {{- if .Values.actionsMetricsServer.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- range $ip := .Values.actionsMetricsServer.service.loadBalancerSourceRanges }} + - {{ $ip -}} + {{- end }} + {{- end }} {{- end }} diff --git a/charts/actions-runner-controller/values.yaml b/charts/actions-runner-controller/values.yaml index b1def68e..9d4dab84 100644 --- a/charts/actions-runner-controller/values.yaml +++ b/charts/actions-runner-controller/values.yaml @@ -360,6 +360,7 @@ actionsMetricsServer: protocol: TCP name: http #nodePort: someFixedPortForUseWithTerraformCdkCfnEtc + loadBalancerSourceRanges: [] ingress: enabled: false ingressClassName: "" @@ -389,4 +390,5 @@ actionsMetricsServer: # - secretName: chart-example-tls # hosts: # - chart-example.local - + terminationGracePeriodSeconds: 10 + lifecycle: {}