From 0507e74eeb5cdd1413042ddc8476274fdbae3dd9 Mon Sep 17 00:00:00 2001 From: calvix Date: Thu, 16 May 2024 13:22:59 +0200 Subject: [PATCH] aws-pod-identity-china (#624) * aws-pod-identity-china * fix-dot * fix2 * aws-pod-identity-china * trim --- CHANGELOG.md | 4 ++++ .../templates/aws-pod-identity-webhook-app.yaml | 13 ++++++++++--- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 489caf71..8b9c88b9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +### Changed + +- Set token audience for `aws-pod-identity-webhook` based on AWS region. + ## [0.76.0] - 2024-05-14 ### ⚠️ Breaking change diff --git a/helm/cluster-aws/templates/aws-pod-identity-webhook-app.yaml b/helm/cluster-aws/templates/aws-pod-identity-webhook-app.yaml index 0f451e63..be75580d 100644 --- a/helm/cluster-aws/templates/aws-pod-identity-webhook-app.yaml +++ b/helm/cluster-aws/templates/aws-pod-identity-webhook-app.yaml @@ -1,4 +1,12 @@ -{{- if .Values.global.apps.awsPodIdentityWebhook.values -}} +{{- define "awsPodIdentityWebhookValuesDefault" }} + aws: + tokenAudience: {{ include "awsApiServerApiAudiences" $ | trim -}} +{{- end }} +{{- $awsPodIdentityWebhookValues := (include "awsPodIdentityWebhookValuesDefault" $ ) | fromYaml -}} +{{- $customAwsPodIdentityWebhookValues := .Values.global.apps.awsPodIdentityWebhook.values -}} +{{- if $customAwsPodIdentityWebhookValues -}} +{{- $awsPodIdentityWebhookValues = mergeOverwrite $awsPodIdentityWebhookValues (deepCopy $customAwsPodIdentityWebhookValues) -}} +{{- end -}} apiVersion: v1 kind: ConfigMap metadata: @@ -8,8 +16,7 @@ metadata: {{- include "labels.common" . | nindent 4 }} data: values: | - {{- toYaml .Values.global.apps.awsPodIdentityWebhook.values | nindent 4 }} -{{- end }} + {{- $awsPodIdentityWebhookValues | toYaml | nindent 4 }} --- apiVersion: application.giantswarm.io/v1alpha1 kind: App