Skip to content

Commit

Permalink
fix: vault-env oom killed
Browse files Browse the repository at this point in the history 
Signed-off-by: Bence Csati <[email protected]>
  • Loading branch information
@csatib02
csatib02 committed Dec 15, 2024
1 parent 427420b commit df97e40
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 12 deletions.
19 changes: 11 additions & 8 deletions e2e/main_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,10 @@ import (
)

// Upgrade this when a new version is released
const vaultOperatorVersion = "1.22.4"
const (
defaultTimeout = 2 * time.Minute
vaultOperatorVersion = "1.22.4"
)

var testenv env.Environment

Expand Down Expand Up @@ -132,7 +135,7 @@ func installVaultOperator(ctx context.Context, cfg *envconf.Config) (context.Con
helm.WithArgs("--create-namespace"),
helm.WithVersion(vaultOperatorVersion),
helm.WithWait(),
helm.WithTimeout("2m"),
helm.WithTimeout(defaultTimeout.String()),
)
if err != nil {
return ctx, fmt.Errorf("installing vault-operator: %w", err)
Expand All @@ -148,7 +151,7 @@ func uninstallVaultOperator(ctx context.Context, cfg *envconf.Config) (context.C
helm.WithName("vault-operator"),
helm.WithNamespace("vault-operator"),
helm.WithWait(),
helm.WithTimeout("2m"),
helm.WithTimeout(defaultTimeout.String()),
)
if err != nil {
return ctx, fmt.Errorf("uninstalling vault-operator: %w", err)
Expand Down Expand Up @@ -176,7 +179,7 @@ func installVaultSecretsWebhook(ctx context.Context, cfg *envconf.Config) (conte
helm.WithNamespace("vault-secrets-webhook"),
helm.WithArgs("-f", "deploy/vault-secrets-webhook/values.yaml", "--set", "image.tag="+version),
helm.WithWait(),
helm.WithTimeout("2m"),
helm.WithTimeout(defaultTimeout.String()),
)
if err != nil {
return ctx, fmt.Errorf("installing vault-secrets-webhook: %w", err)
Expand All @@ -192,7 +195,7 @@ func uninstallVaultSecretsWebhook(ctx context.Context, cfg *envconf.Config) (con
helm.WithName("vault-secrets-webhook"),
helm.WithNamespace("vault-secrets-webhook"),
helm.WithWait(),
helm.WithTimeout("2m"),
helm.WithTimeout(defaultTimeout.String()),
)
if err != nil {
return ctx, fmt.Errorf("uninstalling vault-secrets-webhook: %w", err)
Expand Down Expand Up @@ -233,7 +236,7 @@ func installVault(ctx context.Context, cfg *envconf.Config) (context.Context, er
}

// wait for the statefulSet to become available
err = wait.For(conditions.New(r).ResourcesFound(statefulSets), wait.WithTimeout(1*time.Minute))
err = wait.For(conditions.New(r).ResourcesFound(statefulSets), wait.WithTimeout(defaultTimeout))
if err != nil {
return ctx, err
}
Expand All @@ -245,7 +248,7 @@ func installVault(ctx context.Context, cfg *envconf.Config) (context.Context, er
}

// wait for the pod to become available
err = wait.For(conditions.New(r).PodReady(&pod), wait.WithTimeout(1*time.Minute))
err = wait.For(conditions.New(r).PodReady(&pod), wait.WithTimeout(defaultTimeout))
if err != nil {
return ctx, err
}
Expand All @@ -263,7 +266,7 @@ func waitForVaultTLS(ctx context.Context, cfg *envconf.Config) (context.Context,
}

// wait for the vault-tls secret to become available
err := wait.For(conditions.New(cfg.Client().Resources()).ResourcesFound(vaultTLSSecrets), wait.WithTimeout(1*time.Minute))
err := wait.For(conditions.New(cfg.Client().Resources()).ResourcesFound(vaultTLSSecrets), wait.WithTimeout(defaultTimeout))
if err != nil {
return ctx, err
}
Expand Down
8 changes: 4 additions & 4 deletions pkg/webhook/config.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -412,25 +412,25 @@ func parseVaultConfig(obj metav1.Object, ar *model.AdmissionReview) VaultConfig
if val, err := resource.ParseQuantity(viper.GetString("VAULT_ENV_CPU_REQUEST")); err == nil {
vaultConfig.EnvCPURequest = val
} else {
vaultConfig.EnvCPURequest = resource.MustParse("50m")
vaultConfig.EnvCPURequest = resource.MustParse("100m")
}

if val, err := resource.ParseQuantity(viper.GetString("VAULT_ENV_MEMORY_REQUEST")); err == nil {
vaultConfig.EnvMemoryRequest = val
} else {
vaultConfig.EnvMemoryRequest = resource.MustParse("64Mi")
vaultConfig.EnvMemoryRequest = resource.MustParse("128Mi")
}

if val, err := resource.ParseQuantity(viper.GetString("VAULT_ENV_CPU_LIMIT")); err == nil {
vaultConfig.EnvCPULimit = val
} else {
vaultConfig.EnvCPULimit = resource.MustParse("250m")
vaultConfig.EnvCPULimit = resource.MustParse("500m")
}

if val, err := resource.ParseQuantity(viper.GetString("VAULT_ENV_MEMORY_LIMIT")); err == nil {
vaultConfig.EnvMemoryLimit = val
} else {
vaultConfig.EnvMemoryLimit = resource.MustParse("64Mi")
vaultConfig.EnvMemoryLimit = resource.MustParse("256Mi")
}

if val, ok := annotations[common.MutateProbesAnnotation]; ok {
Expand Down

0 comments on commit df97e40

Please sign in to comment.