From 4f41ec46e49110f164f22bca4f3e56bdfe7c79a5 Mon Sep 17 00:00:00 2001
From: Gregor Tudan <Gregor@tudan.de>
Date: Fri, 22 Nov 2024 15:39:06 +0100
Subject: [PATCH] feat: allow templates in annotations (#256)

---------

Co-authored-by: Pierluigi Lenoci <pierluigi.lenoci@sap.com>
---
 helm/oauth2-proxy/Chart.yaml                  |  8 ++---
 helm/oauth2-proxy/ci/tpl-values.yaml          | 33 +++++++++++++++++++
 .../configmap-authenticated-emails-file.yaml  |  4 +--
 helm/oauth2-proxy/templates/configmap.yaml    |  4 +--
 helm/oauth2-proxy/templates/deployment.yaml   |  4 +--
 helm/oauth2-proxy/templates/hpa.yaml          |  4 +--
 helm/oauth2-proxy/templates/ingress.yaml      |  2 +-
 helm/oauth2-proxy/templates/secret-alpha.yaml |  5 +--
 .../secret-authenticated-emails-file.yaml     |  4 +--
 helm/oauth2-proxy/templates/secret.yaml       |  4 +--
 helm/oauth2-proxy/templates/service.yaml      |  4 +--
 .../templates/serviceaccount.yaml             |  2 +-
 .../templates/servicemonitor.yaml             |  2 +-
 13 files changed, 57 insertions(+), 23 deletions(-)

diff --git a/helm/oauth2-proxy/Chart.yaml b/helm/oauth2-proxy/Chart.yaml
index 3bcbba3c..fe850f01 100644
--- a/helm/oauth2-proxy/Chart.yaml
+++ b/helm/oauth2-proxy/Chart.yaml
@@ -1,5 +1,5 @@
 name: oauth2-proxy
-version: 7.7.31
+version: 7.8.0
 apiVersion: v2
 appVersion: 7.7.1
 home: https://oauth2-proxy.github.io/oauth2-proxy/
@@ -34,8 +34,8 @@ maintainers:
 kubeVersion: ">=1.16.0-0"
 annotations:
   artifacthub.io/changes: |
-    - kind: fixed
-      description: Added missing executable permission for check-redis.sh
+    - kind: added
+      description: allow templates in annotations
       links:
         - name: Github PR
-          url: https://github.com/oauth2-proxy/manifests/pull/255
+          url: https://github.com/oauth2-proxy/manifests/pull/256
diff --git a/helm/oauth2-proxy/ci/tpl-values.yaml b/helm/oauth2-proxy/ci/tpl-values.yaml
index 5b0adaef..d2176530 100644
--- a/helm/oauth2-proxy/ci/tpl-values.yaml
+++ b/helm/oauth2-proxy/ci/tpl-values.yaml
@@ -8,6 +8,8 @@ ingress:
   tls:
     - hosts:
         - "{{ $.Release.Name }}.local"
+  annotations:
+    test-annotations/test: "{{ $.Release.Name }}"
 oauth2-proxy:
   checkDeprecation: false
   config:
@@ -27,3 +29,34 @@ extraVolumes:
       items:
         - key: secret
           path: secret
+
+authenticatedEmailsFile:
+  annotations:
+    test-annotations/test: "{{ $.Release.Name }}"
+
+config:
+  annotations:
+    test-annotations/test: "{{ $.Release.Name }}"
+
+deploymentAnnotations:
+  test-annotations/test: "{{ $.Release.Name }}"
+
+autoscaling:
+  annotations:
+    test-annotations/test: "{{ $.Release.Name }}"
+
+alphaConfig:
+  annotations:
+    test-annotations/test: "{{ $.Release.Name }}"
+
+service:
+  annotations:
+    test-annotations/test: "{{ $.Release.Name }}"
+
+serviceAccount:
+  annotations:
+    test-annotations/test: "{{ $.Release.Name }}"
+
+serviceMonitor:
+  annotations:
+    test-annotations/test: "{{ $.Release.Name }}"
diff --git a/helm/oauth2-proxy/templates/configmap-authenticated-emails-file.yaml b/helm/oauth2-proxy/templates/configmap-authenticated-emails-file.yaml
index d9f9cffe..68c9d766 100644
--- a/helm/oauth2-proxy/templates/configmap-authenticated-emails-file.yaml
+++ b/helm/oauth2-proxy/templates/configmap-authenticated-emails-file.yaml
@@ -6,9 +6,9 @@ metadata:
   labels:
     app: {{ template "oauth2-proxy.name" . }}
 {{- include "oauth2-proxy.labels" . | indent 4 }}
-{{- if .Values.authenticatedEmailsFile.annotations }}
+{{- with .Values.authenticatedEmailsFile.annotations }}
   annotations:
-{{ toYaml .Values.authenticatedEmailsFile.annotations | indent 4 }}
+{{ tpl ( toYaml . ) $ | indent 4 }}
 {{- end }}
   name: {{ template "oauth2-proxy.fullname" . }}-accesslist
   namespace: {{ template "oauth2-proxy.namespace" $ }}
diff --git a/helm/oauth2-proxy/templates/configmap.yaml b/helm/oauth2-proxy/templates/configmap.yaml
index 94d7806d..0f164d23 100644
--- a/helm/oauth2-proxy/templates/configmap.yaml
+++ b/helm/oauth2-proxy/templates/configmap.yaml
@@ -3,9 +3,9 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
-{{- if .Values.config.annotations }}
+{{- with .Values.config.annotations }}
   annotations:
-{{ toYaml .Values.config.annotations | indent 4 }}
+{{ tpl ( toYaml . ) $ | indent 4 }}
 {{- end }}
   labels:
     app: {{ template "oauth2-proxy.name" . }}
diff --git a/helm/oauth2-proxy/templates/deployment.yaml b/helm/oauth2-proxy/templates/deployment.yaml
index 95a2359e..8ed2f70d 100644
--- a/helm/oauth2-proxy/templates/deployment.yaml
+++ b/helm/oauth2-proxy/templates/deployment.yaml
@@ -4,9 +4,9 @@ metadata:
   labels:
     app: {{ template "oauth2-proxy.name" . }}
 {{- include "oauth2-proxy.labels" . | indent 4 }}
-  {{- if .Values.deploymentAnnotations }}
+  {{- with .Values.deploymentAnnotations }}
   annotations:
-{{ toYaml .Values.deploymentAnnotations | indent 4 }}
+{{ tpl ( toYaml . ) $ | indent 4 }}
   {{- end }}
   name: {{ template "oauth2-proxy.fullname" . }}
   namespace: {{ template "oauth2-proxy.namespace" $ }}
diff --git a/helm/oauth2-proxy/templates/hpa.yaml b/helm/oauth2-proxy/templates/hpa.yaml
index 841964da..a6d74617 100644
--- a/helm/oauth2-proxy/templates/hpa.yaml
+++ b/helm/oauth2-proxy/templates/hpa.yaml
@@ -5,9 +5,9 @@ metadata:
   labels:
     app: {{ template "oauth2-proxy.name" . }}
 {{- include "oauth2-proxy.labels" . | indent 4 }}
-  {{- if .Values.autoscaling.annotations }}
+  {{- with .Values.autoscaling.annotations }}
   annotations:
-{{ toYaml .Values.autoscaling.annotations | indent 8 }}
+{{ tpl ( toYaml . ) $ | indent 8 }}
   {{- end }}
   name: {{ template "oauth2-proxy.fullname" . }}
   namespace: {{ template "oauth2-proxy.namespace" $ }}
diff --git a/helm/oauth2-proxy/templates/ingress.yaml b/helm/oauth2-proxy/templates/ingress.yaml
index 53238204..8cc7953e 100644
--- a/helm/oauth2-proxy/templates/ingress.yaml
+++ b/helm/oauth2-proxy/templates/ingress.yaml
@@ -17,7 +17,7 @@ metadata:
   namespace: {{ template "oauth2-proxy.namespace" $ }}
 {{- with .Values.ingress.annotations }}
   annotations:
-{{ toYaml . | indent 4 }}
+{{ tpl ( toYaml . ) $ | indent 4 }}
 {{- end }}
 spec:
   {{- if and .Values.ingress.className ( eq "true" ( include "ingress.supportsIngressClassName" . ) ) }}
diff --git a/helm/oauth2-proxy/templates/secret-alpha.yaml b/helm/oauth2-proxy/templates/secret-alpha.yaml
index 15bb8933..ba2c02d5 100644
--- a/helm/oauth2-proxy/templates/secret-alpha.yaml
+++ b/helm/oauth2-proxy/templates/secret-alpha.yaml
@@ -7,8 +7,9 @@
 apiVersion: v1
 kind: Secret
 metadata:
-{{- if .Values.alphaConfig.annotations }}
-  annotations: {{- toYaml .Values.alphaConfig.annotations | nindent 4 }}
+{{- with .Values.alphaConfig.annotations }}
+  annotations:
+{{ tpl ( toYaml . ) $ | indent 4 }}
 {{- end }}
   labels:
     app: {{ template "oauth2-proxy.name" . }}
diff --git a/helm/oauth2-proxy/templates/secret-authenticated-emails-file.yaml b/helm/oauth2-proxy/templates/secret-authenticated-emails-file.yaml
index 95f85a80..9b607dd3 100644
--- a/helm/oauth2-proxy/templates/secret-authenticated-emails-file.yaml
+++ b/helm/oauth2-proxy/templates/secret-authenticated-emails-file.yaml
@@ -7,9 +7,9 @@ metadata:
   labels:
     app: {{ template "oauth2-proxy.name" . }}
 {{- include "oauth2-proxy.labels" . | indent 4 }}
-{{- if .Values.authenticatedEmailsFile.annotations }}
+{{- with .Values.authenticatedEmailsFile.annotations }}
   annotations:
-{{ toYaml .Values.authenticatedEmailsFile.annotations | indent 4 }}
+{{ tpl ( toYaml . ) $ | indent 4 }}
 {{- end }}
   name: {{ template "oauth2-proxy.fullname" . }}-accesslist
   namespace: {{ template "oauth2-proxy.namespace" $ }}
diff --git a/helm/oauth2-proxy/templates/secret.yaml b/helm/oauth2-proxy/templates/secret.yaml
index f3364e95..a0418434 100644
--- a/helm/oauth2-proxy/templates/secret.yaml
+++ b/helm/oauth2-proxy/templates/secret.yaml
@@ -2,9 +2,9 @@
 apiVersion: v1
 kind: Secret
 metadata:
-{{- if .Values.config.annotations }}
+{{- with .Values.config.annotations }}
   annotations:
-{{ toYaml .Values.config.annotations | indent 4 }}
+{{ tpl ( toYaml . ) $ | indent 4 }}
 {{- end }}
   labels:
     app: {{ template "oauth2-proxy.name" . }}
diff --git a/helm/oauth2-proxy/templates/service.yaml b/helm/oauth2-proxy/templates/service.yaml
index e2e8f9d9..e8d02aeb 100644
--- a/helm/oauth2-proxy/templates/service.yaml
+++ b/helm/oauth2-proxy/templates/service.yaml
@@ -6,9 +6,9 @@ metadata:
 {{- include "oauth2-proxy.labels" . | indent 4 }}
   name: {{ template "oauth2-proxy.fullname" . }}
   namespace: {{ template "oauth2-proxy.namespace" $ }}
-{{- if .Values.service.annotations }}
+{{- with .Values.service.annotations }}
   annotations:
-{{ toYaml .Values.service.annotations | indent 4 }}
+{{ tpl ( toYaml . ) $ | indent 4 }}
 {{- end }}
 spec:
 {{- if (or (eq .Values.service.type "ClusterIP") (empty .Values.service.type)) }}
diff --git a/helm/oauth2-proxy/templates/serviceaccount.yaml b/helm/oauth2-proxy/templates/serviceaccount.yaml
index 2a89c4b9..e38cd7a7 100644
--- a/helm/oauth2-proxy/templates/serviceaccount.yaml
+++ b/helm/oauth2-proxy/templates/serviceaccount.yaml
@@ -10,7 +10,7 @@ kind: ServiceAccount
 metadata:
   {{- with .Values.serviceAccount.annotations }}
   annotations:
-    {{- toYaml . | nindent 4 }}
+{{ tpl ( toYaml . ) $ | indent 4 }}
   {{- end }}
   labels:
     app: {{ $name }}
diff --git a/helm/oauth2-proxy/templates/servicemonitor.yaml b/helm/oauth2-proxy/templates/servicemonitor.yaml
index 3802666b..99d62fd4 100644
--- a/helm/oauth2-proxy/templates/servicemonitor.yaml
+++ b/helm/oauth2-proxy/templates/servicemonitor.yaml
@@ -4,7 +4,7 @@ kind: ServiceMonitor
 metadata:
   {{- with .Values.metrics.serviceMonitor.annotations }}
   annotations:
-    {{- toYaml . | nindent 4 }}
+{{ tpl ( toYaml . ) $ | indent 4 }}
   {{- end }}
   name: {{ template "oauth2-proxy.fullname" . }}
 {{- if .Values.metrics.serviceMonitor.namespace }}