Skip to content

Commit

Permalink
Merge pull request kubernetes-sigs#3192 from stelucz/main
Browse files Browse the repository at this point in the history 
Add env values from Secret in the same way as EBS CSI driver does
  • Loading branch information
@k8s-ci-robot
k8s-ci-robot authored Nov 2, 2023
2 parents 70b2799 + f7596dd commit d3f1040
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 1 deletion.
1 change: 1 addition & 0 deletions helm/aws-load-balancer-controller/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -237,6 +237,7 @@ The default values set by the application itself can be confirmed [here](https:/
| `externalManagedTags` | Specifies the list of tag keys on AWS resources that are managed externally | `[]` |
| `livenessProbe` | Liveness probe settings for the controller | (see `values.yaml`) |
| `env` | Environment variables to set for aws-load-balancer-controller pod | None |
| `envSecretName` | AWS credentials as environment variables from Secret (Secret keys `key_id` and `access_key`). | None |
| `hostNetwork` | If `true`, use hostNetwork | `false` |
| `dnsPolicy` | Set dnsPolicy if required | `ClusterFirst` |
| `extraVolumeMounts` | Extra volume mounts for the pod | `[]` |
Expand Down
18 changes: 17 additions & 1 deletion helm/aws-load-balancer-controller/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -155,13 +155,29 @@ spec:
{{- if ne .Values.defaultTargetType "instance" }}
- --default-target-type={{ .Values.defaultTargetType }}
{{- end }}
{{- if .Values.env }}
{{- if or .Values.env .Values.envSecretName }}
env:
{{- if .Values.env}}
{{- range $key, $value := .Values.env }}
- name: {{ $key }}
value: "{{ $value }}"
{{- end }}
{{- end }}
{{- if .Values.envSecretName }}
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: {{ .Values.envSecretName }}
key: key_id
optional: true
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: {{ .Values.envSecretName }}
key: access_key
optional: true
{{- end }}
{{- end }}
securityContext:
{{- toYaml .Values.securityContext | nindent 10 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
Expand Down
3 changes: 3 additions & 0 deletions helm/aws-load-balancer-controller/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -253,6 +253,9 @@ env:
# ENV_1: ""
# ENV_2: ""

# Use Environment variables credentials from Secret (aws-secret) for aws-load-balancer-controller pod similarly as The EBS CSI Driver does.
# envSecretName: aws-secret

# Specifies if aws-load-balancer-controller should be started in hostNetwork mode.
#
# This is required if using a custom CNI where the managed control plane nodes are unable to initiate
Expand Down

0 comments on commit d3f1040

Please sign in to comment.