diff --git a/crd-docs/cr/kiali.io_v1alpha1_kiali.yaml b/crd-docs/cr/kiali.io_v1alpha1_kiali.yaml index bdd6be068..19b72a5ad 100644 --- a/crd-docs/cr/kiali.io_v1alpha1_kiali.yaml +++ b/crd-docs/cr/kiali.io_v1alpha1_kiali.yaml @@ -57,6 +57,7 @@ spec: deployment: accessible_namespaces: ["^((?!(istio-operator|kube-.*|openshift.*|ibm.*|kiali-operator)).)*$"] + additional_pod_containers_yaml: {} # default: additional_service_yaml is empty additional_service_yaml: externalName: "kiali.example.com" diff --git a/crd-docs/crd/kiali.io_kialis.yaml b/crd-docs/crd/kiali.io_kialis.yaml index 4ff57cd69..3234f56cb 100644 --- a/crd-docs/crd/kiali.io_kialis.yaml +++ b/crd-docs/crd/kiali.io_kialis.yaml @@ -217,6 +217,10 @@ spec: type: array items: type: string + additional_pod_containers_yaml: + description: "Additional containers to add to the list of pod containers. Use this to add sidecar(s) to the Kiali pod. Use with care since sidecars may cause the Kiali container itself to operate incorrectly. It is up to the user who added the additional containers to ensure it works properly inside the Kiali pod; Kiali makes no guarantee additional containers will work. You can utilize container environment variables to pass data to the containers via mounted custom secrets (see spec.deployment.custom_secrets)." + type: object + x-kubernetes-preserve-unknown-fields: true additional_service_yaml: description: "Additional custom yaml to add to the service definition. This is used mainly to customize the service type. For example, if the `deployment.service_type` is set to 'LoadBalancer' and you want to set the loadBalancerIP, you can do so here with: `additional_service_yaml: { 'loadBalancerIP': '78.11.24.19' }`. Another example would be if the `deployment.service_type` is set to 'ExternalName' you will need to configure the name via: `additional_service_yaml: { 'externalName': 'my.kiali.example.com' }`. A final example would be if external IPs need to be set: `additional_service_yaml: { 'externalIPs': ['80.11.12.10'] }`" type: object diff --git a/manifests/kiali-community/1.54.0/manifests/kiali.v1.54.0.clusterserviceversion.yaml b/manifests/kiali-community/1.54.0/manifests/kiali.v1.54.0.clusterserviceversion.yaml index 8b87d6c27..4fcc250e8 100644 --- a/manifests/kiali-community/1.54.0/manifests/kiali.v1.54.0.clusterserviceversion.yaml +++ b/manifests/kiali-community/1.54.0/manifests/kiali.v1.54.0.clusterserviceversion.yaml @@ -227,6 +227,8 @@ spec: value: "false" - name: ALLOW_AD_HOC_KIALI_IMAGE value: "false" + - name: ALLOW_AD_HOC_CONTAINERS + value: "false" - name: PROFILE_TASKS_TASK_OUTPUT_LIMIT value: "100" - name: ANSIBLE_DEBUG_LOGS diff --git a/manifests/kiali-ossm/manifests/kiali.clusterserviceversion.yaml b/manifests/kiali-ossm/manifests/kiali.clusterserviceversion.yaml index 93a075bf3..eabf450f6 100644 --- a/manifests/kiali-ossm/manifests/kiali.clusterserviceversion.yaml +++ b/manifests/kiali-ossm/manifests/kiali.clusterserviceversion.yaml @@ -264,6 +264,8 @@ spec: value: "false" - name: ALLOW_AD_HOC_KIALI_IMAGE value: "false" + - name: ALLOW_AD_HOC_CONTAINERS + value: "false" - name: PROFILE_TASKS_TASK_OUTPUT_LIMIT value: "100" - name: ANSIBLE_DEBUG_LOGS diff --git a/manifests/kiali-upstream/1.54.0/manifests/kiali.v1.54.0.clusterserviceversion.yaml b/manifests/kiali-upstream/1.54.0/manifests/kiali.v1.54.0.clusterserviceversion.yaml index 5f02b98c5..93b2b54eb 100644 --- a/manifests/kiali-upstream/1.54.0/manifests/kiali.v1.54.0.clusterserviceversion.yaml +++ b/manifests/kiali-upstream/1.54.0/manifests/kiali.v1.54.0.clusterserviceversion.yaml @@ -227,6 +227,8 @@ spec: value: "false" - name: ALLOW_AD_HOC_KIALI_IMAGE value: "false" + - name: ALLOW_AD_HOC_CONTAINERS + value: "false" - name: PROFILE_TASKS_TASK_OUTPUT_LIMIT value: "100" - name: ANSIBLE_DEBUG_LOGS diff --git a/roles/default/kiali-deploy/defaults/main.yml b/roles/default/kiali-deploy/defaults/main.yml index 1e7fce9f1..e539e0aad 100644 --- a/roles/default/kiali-deploy/defaults/main.yml +++ b/roles/default/kiali-deploy/defaults/main.yml @@ -52,6 +52,7 @@ kiali_defaults: deployment: accessible_namespaces: ["^((?!(istio-operator|kube-.*|openshift.*|ibm.*|kiali-operator)).)*$"] + additional_pod_containers_yaml: {} #additional_service_yaml: affinity: node: {} diff --git a/roles/default/kiali-deploy/tasks/main.yml b/roles/default/kiali-deploy/tasks/main.yml index 866b4bff8..08bc43b77 100644 --- a/roles/default/kiali-deploy/tasks/main.yml +++ b/roles/default/kiali-deploy/tasks/main.yml @@ -143,6 +143,13 @@ # restrict to 40 chars, not 63, because instance_name is a prefix and we need to prepend additional chars for some resource names (like "-service-account") - kiali_vars.deployment.instance_name is not regex('^(?![0-9]+$)(?!-)[a-z0-9-]{,40}(? 0 + - lookup('env', 'ALLOW_AD_HOC_CONTAINERS') | default('false', True) != "true" + - set_fact: status_environment: "{{ status_environment | default({}) | combine({item.0: item.1}) }}" loop: "{{ data[0] | zip(data[1]) | list }}" diff --git a/roles/default/kiali-deploy/tasks/snake_camel_case.yaml b/roles/default/kiali-deploy/tasks/snake_camel_case.yaml index cdddbe4f1..45852e076 100644 --- a/roles/default/kiali-deploy/tasks/snake_camel_case.yaml +++ b/roles/default/kiali-deploy/tasks/snake_camel_case.yaml @@ -167,3 +167,12 @@ when: - kiali_vars.external_services.tracing.query_scope is defined - kiali_vars.external_services.tracing.query_scope | length > 0 + +- name: Replace snake_case with camelCase in deployment.additional_pod_containers_yaml + set_fact: + kiali_vars: | + {% set a=kiali_vars['deployment'].pop('additional_pod_containers_yaml') %} + {{ kiali_vars | combine({'deployment': {'additional_pod_containers_yaml': current_cr.spec.deployment.additional_pod_containers_yaml }}, recursive=True) }} + when: + - kiali_vars.deployment.additional_pod_containers_yaml is defined + - kiali_vars.deployment.additional_pod_containers_yaml | length > 0 diff --git a/roles/default/kiali-deploy/templates/kubernetes/deployment.yaml b/roles/default/kiali-deploy/templates/kubernetes/deployment.yaml index 40b527cff..fb7a48d4c 100644 --- a/roles/default/kiali-deploy/templates/kubernetes/deployment.yaml +++ b/roles/default/kiali-deploy/templates/kubernetes/deployment.yaml @@ -120,6 +120,9 @@ spec: {{ kiali_vars.deployment.resources | to_nice_yaml(indent=0) | trim | indent(10) }} {% else %} resources: null +{% endif %} +{% if kiali_vars.deployment.additional_pod_containers_yaml|length > 0 %} + {{ kiali_vars.deployment.additional_pod_containers_yaml | to_nice_yaml(indent=0) | trim | indent(6) }} {% endif %} volumes: - name: kiali-configuration diff --git a/roles/default/kiali-deploy/templates/openshift/deployment.yaml b/roles/default/kiali-deploy/templates/openshift/deployment.yaml index 05aa5e3c1..68ffac54a 100644 --- a/roles/default/kiali-deploy/templates/openshift/deployment.yaml +++ b/roles/default/kiali-deploy/templates/openshift/deployment.yaml @@ -124,6 +124,9 @@ spec: {{ kiali_vars.deployment.resources | to_nice_yaml(indent=0) | trim | indent(10) }} {% else %} resources: null +{% endif %} +{% if kiali_vars.deployment.additional_pod_containers_yaml|length > 0 %} + {{ kiali_vars.deployment.additional_pod_containers_yaml | to_nice_yaml(indent=0) | trim | indent(6) }} {% endif %} volumes: - name: kiali-configuration