Skip to content

add support for overriding name of PDB#5090

Merged
Skarlso merged 8 commits intoexternal-secrets:mainfrom
megashby:feat-override-pdb-naming
Aug 8, 2025
Merged

add support for overriding name of PDB#5090
Skarlso merged 8 commits intoexternal-secrets:mainfrom
megashby:feat-override-pdb-naming

Conversation

@megashby
Copy link
Copy Markdown
Contributor

@megashby megashby commented Aug 1, 2025
edited
Loading

Problem Statement

Reporter wanted a way to have more control over the naming convention of the PDB, and the previous logic of suffixing with -pdb was not sufficient

Related Issue

Fixes #5042

Proposed Changes

Allow overriding the name of the PodDisruptionValue , webhook PodDisruption Budget, and Cert controller pod disruption budgets by first checking for .podDisruptionBudget.nameOverride before defaulting to original values

Checklist

  • I have read the contribution guidelines
  • All commits are signed with git commit --signoff
  • My changes have reasonable test coverage
  • All tests pass with make test
  • I ensured my PR is ready for review with make reviewable
Screenshot 2025-08-03 at 10 38 50 AM

@megashby megashby requested a review from a team as a code owner August 1, 2025 02:52
@megashby megashby requested a review from Skarlso August 1, 2025 02:52
@Skarlso
Copy link
Copy Markdown
Contributor

Skarlso commented Aug 1, 2025

Yes, please move it into the _helpers.tpl file. 🙇

And then apply to all three pod distribution budget templates.

megashby added 2 commits August 2, 2025 17:46
@megashby
add support for overriding name of PDB
df408cb 
Signed-off-by: Meg Ashby <meg@alloy.com>
@megashby
moving logic to _helpers.tpl, also making changes to webhook and cert…
e1f5c51 
…Controller pdbs

Signed-off-by: Meg Ashby <meg@alloy.com>
@megashby megashby force-pushed the feat-override-pdb-naming branch from c38d2f4 to e1f5c51 Compare August 2, 2025 21:47
Skarlso
Skarlso reviewed Aug 3, 2025
View reviewed changes
deploy/charts/external-secrets/templates/_helpers.tpl
{{- end -}}

{{- define "external-secrets.pdbName" -}}
{{- .Values.podDisruptionBudget.nameOverride | default (printf "%s-pdb" (include "external-secrets.fullname" .)) }}
Copy link
Copy Markdown
Contributor

@Skarlso Skarlso Aug 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This does not exist yet. nameOverride is not a thing in the values.yaml file. Make sure you create that first. :)

Then add a little test like this:

suite: test pod distribution budget deployment
templates:
  - poddisruptionbudget.yaml
tests:
  - it: should set podDisruptionBudget to set value if given
    set:
      podDisruptionBudget.nameOverride: MyCustomName
    asserts:
      - equal:
          path: metadata.name
          value: MyCustomName

Or something like that into a new file under deploy/charts/external-secrets/tests. And once you run make helm.test you should see your new test there. And then make it fail by setting something different for MyCustonName and that should give you some confidence as to what you wrote is actually working. :)

Copy link
Copy Markdown
Contributor Author

@megashby megashby Aug 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks so much for the guidance, makes total sense. I will attach screenshots of local test output to the main thread of this PR to show they've passed.

megashby and others added 3 commits August 3, 2025 10:23
@megashby
add test cases for each pdb type, add in defaults to values.aml
2e68174 
Signed-off-by: Meg Ashby <meg@alloy.com>
@megashby
add docs
227f6a9 
Signed-off-by: Meg Ashby <meg@alloy.com>
@megashby
Merge branch 'main' into feat-override-pdb-naming
78b3301 
Signed-off-by: Meg Ashby <megashby@comcast.net>
@megashby megashby requested a review from Skarlso August 6, 2025 14:20
Skarlso
Skarlso reviewed Aug 7, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@Skarlso Skarlso left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just one comment. This looks fantastic already. :) Thank you!

deploy/charts/external-secrets/templates/_helpers.tpl Outdated
{{/*
Create the name of the pod disruption budget to use in the webhook
*/}}
{{- define "external-secrets.webookPdbName" -}}
Copy link
Copy Markdown
Contributor

@Skarlso Skarlso Aug 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Type in the name. webook.

Copy link
Copy Markdown
Contributor Author

@megashby megashby Aug 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

omg, shame. 🙈

Copy link
Copy Markdown
Contributor Author

@megashby megashby Aug 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

resolved 👍

megashby added 2 commits August 7, 2025 11:26
@megashby
Update _helpers.tpl
f4a30ef 
Signed-off-by: Meg Ashby <megashby@comcast.net>
@megashby
Update webhook-poddisruptionbudget.yaml
2f6a1de 
Signed-off-by: Meg Ashby <megashby@comcast.net>
@Skarlso
Copy link
Copy Markdown
Contributor

Skarlso commented Aug 8, 2025

/ok-to-test sha=2f6a1de3b8b6a6106307c6fb66d6bbeb99bbaefd

@eso-service-account-app
Copy link
Copy Markdown
Contributor

eso-service-account-app bot commented Aug 8, 2025

[Bot] - ✅ e2e for 2f6a1de3b8b6a6106307c6fb66d6bbeb99bbaefd passed

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Aug 8, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@Skarlso Skarlso merged commit b798d6d into external-secrets:main Aug 8, 2025
22 checks passed
alliseeisgold pushed a commit to alliseeisgold/external-secrets that referenced this pull request Aug 25, 2025
@megashby @Skarlso
add support for overriding name of PDB (external-secrets#5090)
358fa34 
* add support for overriding name of PDB

Signed-off-by: Meg Ashby <meg@alloy.com>

* moving logic to _helpers.tpl, also making changes to webhook and certController pdbs

Signed-off-by: Meg Ashby <meg@alloy.com>

* add test cases for each pdb type, add in defaults to values.aml

Signed-off-by: Meg Ashby <meg@alloy.com>

* add docs

Signed-off-by: Meg Ashby <meg@alloy.com>

* Update _helpers.tpl

Signed-off-by: Meg Ashby <megashby@comcast.net>

* Update webhook-poddisruptionbudget.yaml

Signed-off-by: Meg Ashby <megashby@comcast.net>

---------

Signed-off-by: Meg Ashby <meg@alloy.com>
Signed-off-by: Meg Ashby <megashby@comcast.net>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Skarlso Skarlso Skarlso approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

PDB naming convention

2 participants

@megashby @Skarlso