From df0aec79766d89db6d4e95846784bfc62fde231d Mon Sep 17 00:00:00 2001 From: Dustin Specker Date: Fri, 25 Jan 2019 14:17:03 -0600 Subject: [PATCH] add post-upgrade hook and deletion policy to readonly SA token secret Before, the secret was not getting installed when upgrading from a previous version of this chart without the secret. On clean install it was working. Now, with the addition of the post-upgrade hook this chart will install the secret correctly when upgrading from a previous version without this secret. The deletion policy is required for sequential upgrades. Tiller does not keep track of resources installed via post-{install,upgrade} hooks, this causes an "Already exists" error when upgrading without this hook. With this hook, the secret will be deleted before upgrading, which will then install this resource. Change-Id: Ia3af5af8bcf28cae3ad31f427068a025a5a4c7fd --- sonobuoy/templates/serviceaccount-readonly.yaml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/sonobuoy/templates/serviceaccount-readonly.yaml b/sonobuoy/templates/serviceaccount-readonly.yaml index 913db39e..e0b1b566 100644 --- a/sonobuoy/templates/serviceaccount-readonly.yaml +++ b/sonobuoy/templates/serviceaccount-readonly.yaml @@ -102,7 +102,17 @@ metadata: before creating a secret token for it. By default helm deploys secrets before ServiceAccounts which causes this secret to not exist since the ServiceAccount is missing. + post-upgrade hook is required when upgrading from a previous version of + this chart that did not have this secret. */}} - "helm.sh/hook": "post-install" + "helm.sh/hook": "post-install,post-upgrade" + {{/* + before--hook-creation hook is required for sequential upgrades. Tiller + does not keep track of resources installed via post-{install,upgrade} hooks, + this causes an "Already exists" error when upgrading without this hook. With + this hook, this secret will be deleted before upgrading, which will then install + this resource. + */}} + "helm.sh/hook-delete-policy": "before-hook-creation" --- {{- end }}