From 0a7077bba04ae1ae76e168e7c2a7e861791076df Mon Sep 17 00:00:00 2001 From: Flamarion Jorge Date: Fri, 2 Feb 2024 15:35:15 +0100 Subject: [PATCH 1/3] feat: Add custom CA support to Launch Agent --- charts/launch-agent/Chart.yaml | 2 +- charts/launch-agent/README.md | 3 ++- charts/launch-agent/templates/deployment.yaml | 20 ++++++++++++++++++- charts/launch-agent/values.yaml | 8 ++++++++ 4 files changed, 30 insertions(+), 3 deletions(-) diff --git a/charts/launch-agent/Chart.yaml b/charts/launch-agent/Chart.yaml index cbf320f1..66430bee 100644 --- a/charts/launch-agent/Chart.yaml +++ b/charts/launch-agent/Chart.yaml @@ -3,7 +3,7 @@ name: launch-agent icon: https://em-content.zobj.net/thumbs/240/apple/354/rocket_1f680.png description: A Helm chart for running the W&B Launch Agent in Kubernetes type: application -version: 0.11.9 +version: 0.12.9 maintainers: - name: wandb email: support@wandb.com diff --git a/charts/launch-agent/README.md b/charts/launch-agent/README.md index bd422d91..70a9aaa1 100644 --- a/charts/launch-agent/README.md +++ b/charts/launch-agent/README.md @@ -49,7 +49,7 @@ The table below describes all the available variables in the chart: | `agent.nodeSelector` | object | No | `{}` | Node selector for the agent pod. | | `agent.resources` | object | No | Limit to 1 CPU, 1Gi RAM | Pod spec resources block for the agent. true | | `agent.startTimeout` | int | No | `1800` | Timeout in seconds that the agent will wait for a job to start before timing out. | -| `agent.minAvailable` | int | No | `1` | Keep at 1 to prevent voluntary disruptions of the agent pod. Set to 0 to enable voluntary disruptions. +| `agent.minAvailable` | int | No | `1` | Keep at 1 to prevent voluntary disruptions of the agent pod. Set to 0 to enable voluntary disruptions. | | `namespace` | string | No | `wandb` | The namespace to deploy the agent into. | | `additionalTargetNamespaces` | list(string) | No | [`wandb`,`default`] | A list of namespaces the agent can run jobs in. | | `baseUrl` | string | No | `https://api.wandb.ai` | URL of your W&B server api. | @@ -60,3 +60,4 @@ The table below describes all the available variables in the chart: | `azureStorageAccessKey` | string | No | "" | Azure storage access key required for kaniko to acces build contexts in azure blob storage. | | `additionalEnvVars` | map(string) | No | {} | Map with environment variables to be set in the Launch Agent pod. | | `additionalSecretEnvVars` | map(string) | No | {} | Map with environment variables to be stored in the `launch-agent-secret-env-vars` secret and set in the Launch Agent Pod | +| `customCABundle` | object | No | {} | ConfigMap name and key with the CA Bundle content | diff --git a/charts/launch-agent/templates/deployment.yaml b/charts/launch-agent/templates/deployment.yaml index 2b7d4954..051b4e9a 100644 --- a/charts/launch-agent/templates/deployment.yaml +++ b/charts/launch-agent/templates/deployment.yaml @@ -6,7 +6,7 @@ metadata: namespace: {{ .Values.namespace }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} - checksum/config: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }} + checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }} spec: replicas: 1 strategy: @@ -73,6 +73,10 @@ spec: key: {{ .name }} {{- end }} {{- end }} + {{- if and .Values.customCABundle.configMap.name .Values.customCABundle.configMap.key }} + - name: REQUESTS_CA_BUNDLE + value: /usr/local/share/ca-certificates/custom-ca.crt + {{- end }} volumeMounts: - name: wandb-launch-config mountPath: /home/launch_agent/.config/wandb @@ -85,6 +89,12 @@ spec: mountPath: /home/launch_agent/ readOnly: true {{ end }} + {{- if and .Values.customCABundle.configMap.name .Values.customCABundle.configMap.key }} + - name: custom-cabundle + mountPath: /usr/local/share/ca-certificates/custom-ca.crt + subPath: custom-ca.crt + readOnly: true + {{ end }} volumes: - name: wandb-launch-config configMap: @@ -97,6 +107,14 @@ spec: secret: secretName: git-config {{ end}} + {{- if and .Values.customCABundle.configMap.name .Values.customCABundle.configMap.key }} + - name: custom-cabundle + configMap: + name: {{ .Values.customCABundle.configMap.name }} + items: + - key: {{ .Values.customCABundle.configMap.key }} + path: custom-ca.crt + {{- end}} nodeSelector: {{- toYaml .Values.agent.nodeSelector | nindent 8 }} --- diff --git a/charts/launch-agent/values.yaml b/charts/launch-agent/values.yaml index 65e252f3..13f8b60c 100644 --- a/charts/launch-agent/values.yaml +++ b/charts/launch-agent/values.yaml @@ -63,3 +63,11 @@ serviceAccount: # Set to access key for azure storage if using kaniko with azure. azureStorageAccessKey: "" + +# Configure the agent to use a custom CA certificate bundle. +# This is useful if you need to use a self-signed certificate. +# The value should be the name of a configMap with the contents of the CA bundle. +customCABundle: + configMap: + name: + key: \ No newline at end of file From 5828282c1be74dcfdddf78a620fe0fc90718e183 Mon Sep 17 00:00:00 2001 From: Flamarion Jorge Date: Fri, 2 Feb 2024 15:46:50 +0100 Subject: [PATCH 2/3] Fix minor version --- charts/launch-agent/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/launch-agent/Chart.yaml b/charts/launch-agent/Chart.yaml index 66430bee..cb8f8f76 100644 --- a/charts/launch-agent/Chart.yaml +++ b/charts/launch-agent/Chart.yaml @@ -3,7 +3,7 @@ name: launch-agent icon: https://em-content.zobj.net/thumbs/240/apple/354/rocket_1f680.png description: A Helm chart for running the W&B Launch Agent in Kubernetes type: application -version: 0.12.9 +version: 0.12.0 maintainers: - name: wandb email: support@wandb.com From 53f4d1cf7fdd95a88f7fbf172cadf9f712204e2b Mon Sep 17 00:00:00 2001 From: Flamarion Jorge Date: Fri, 2 Feb 2024 15:48:55 +0100 Subject: [PATCH 3/3] New line at the end of values.yaml to make the lint happy --- charts/launch-agent/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/launch-agent/values.yaml b/charts/launch-agent/values.yaml index 13f8b60c..7713a6b9 100644 --- a/charts/launch-agent/values.yaml +++ b/charts/launch-agent/values.yaml @@ -70,4 +70,4 @@ azureStorageAccessKey: "" customCABundle: configMap: name: - key: \ No newline at end of file + key: