From 0cc1ef0d9b814a1e4e33067824d9979fe09021aa Mon Sep 17 00:00:00 2001
From: gdabisias <gdabisias@nvidia.com>
Date: Fri, 25 Aug 2023 15:43:00 +0200
Subject: [PATCH] Fix cluster secrets access for flyte-core helm charts when
 used in multi-cluster setup

Signed-off-by: gdabisias <gdabisias@nvidia.com>
---
 charts/flyte-core/templates/admin/deployment.yaml           | 2 ++
 .../templates/clusterresourcesync/deployment.yaml           | 6 +++---
 deployment/eks/flyte_aws_scheduler_helm_generated.yaml      | 2 ++
 deployment/eks/flyte_helm_controlplane_generated.yaml       | 2 ++
 deployment/eks/flyte_helm_generated.yaml                    | 2 ++
 deployment/gcp/flyte_helm_controlplane_generated.yaml       | 2 ++
 deployment/gcp/flyte_helm_generated.yaml                    | 2 ++
 deployment/sandbox/flyte_helm_generated.yaml                | 2 ++
 8 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/charts/flyte-core/templates/admin/deployment.yaml b/charts/flyte-core/templates/admin/deployment.yaml
index 97deb99457..81587d1973 100755
--- a/charts/flyte-core/templates/admin/deployment.yaml
+++ b/charts/flyte-core/templates/admin/deployment.yaml
@@ -72,6 +72,8 @@ spec:
             name: clusters-config-volume
           - mountPath: /etc/secrets/
             name: admin-secrets
+          - mountPath: /var/run/credentials
+            name: cluster-secrets
         {{- end }}
         - name: generate-secrets
           image: "{{ .Values.flyteadmin.image.repository }}:{{ .Values.flyteadmin.image.tag }}"
diff --git a/charts/flyte-core/templates/clusterresourcesync/deployment.yaml b/charts/flyte-core/templates/clusterresourcesync/deployment.yaml
index b89a599ab7..7f3ad78269 100644
--- a/charts/flyte-core/templates/clusterresourcesync/deployment.yaml
+++ b/charts/flyte-core/templates/clusterresourcesync/deployment.yaml
@@ -41,7 +41,7 @@ spec:
             name: config-volume
           {{- if gt (len .Values.configmap.clusters.labelClusterMap) 0 }}
           - mountPath: /var/run/credentials
-            name: flyte-admin-secrets
+            name: cluster-secrets
           {{- end }}
       serviceAccountName: {{ .Values.cluster_resource_manager.service_account_name }}
       {{- if .Values.cluster_resource_manager.resources }}
@@ -55,9 +55,9 @@ spec:
             name: flyte-clusterresourcesync-config
           name: config-volume
         {{- if gt (len .Values.configmap.clusters.labelClusterMap) 0 }}
-        - name: flyte-admin-secrets
+        - name: cluster-secrets
           secret:
-            secretName: flyte-admin-secrets
+            secretName: cluster-secrets
         {{- end }}
         {{- if .Values.cluster_resource_manager.config.cluster_resources.standaloneDeployment }}
         - name: auth
diff --git a/deployment/eks/flyte_aws_scheduler_helm_generated.yaml b/deployment/eks/flyte_aws_scheduler_helm_generated.yaml
index 1d7f38973f..23004e5329 100644
--- a/deployment/eks/flyte_aws_scheduler_helm_generated.yaml
+++ b/deployment/eks/flyte_aws_scheduler_helm_generated.yaml
@@ -912,6 +912,8 @@ spec:
             name: clusters-config-volume
           - mountPath: /etc/secrets/
             name: admin-secrets
+          - mountPath: /var/run/credentials
+            name: cluster-secrets
         - name: generate-secrets
           image: "cr.flyte.org/flyteorg/flyteadmin:v1.1.118"
           imagePullPolicy: "IfNotPresent"
diff --git a/deployment/eks/flyte_helm_controlplane_generated.yaml b/deployment/eks/flyte_helm_controlplane_generated.yaml
index 67f3c30ade..98865881a0 100644
--- a/deployment/eks/flyte_helm_controlplane_generated.yaml
+++ b/deployment/eks/flyte_helm_controlplane_generated.yaml
@@ -618,6 +618,8 @@ spec:
             name: clusters-config-volume
           - mountPath: /etc/secrets/
             name: admin-secrets
+          - mountPath: /var/run/credentials
+            name: cluster-secrets
         - name: generate-secrets
           image: "cr.flyte.org/flyteorg/flyteadmin:v1.1.118"
           imagePullPolicy: "IfNotPresent"
diff --git a/deployment/eks/flyte_helm_generated.yaml b/deployment/eks/flyte_helm_generated.yaml
index 1d9d44f45e..ac726f0b0b 100644
--- a/deployment/eks/flyte_helm_generated.yaml
+++ b/deployment/eks/flyte_helm_generated.yaml
@@ -943,6 +943,8 @@ spec:
             name: clusters-config-volume
           - mountPath: /etc/secrets/
             name: admin-secrets
+          - mountPath: /var/run/credentials
+            name: cluster-secrets
         - name: generate-secrets
           image: "cr.flyte.org/flyteorg/flyteadmin:v1.1.118"
           imagePullPolicy: "IfNotPresent"
diff --git a/deployment/gcp/flyte_helm_controlplane_generated.yaml b/deployment/gcp/flyte_helm_controlplane_generated.yaml
index 4f0981d1cd..2fea809bf7 100644
--- a/deployment/gcp/flyte_helm_controlplane_generated.yaml
+++ b/deployment/gcp/flyte_helm_controlplane_generated.yaml
@@ -633,6 +633,8 @@ spec:
             name: clusters-config-volume
           - mountPath: /etc/secrets/
             name: admin-secrets
+          - mountPath: /var/run/credentials
+            name: cluster-secrets
         - name: generate-secrets
           image: "cr.flyte.org/flyteorg/flyteadmin:v1.1.118"
           imagePullPolicy: "IfNotPresent"
diff --git a/deployment/gcp/flyte_helm_generated.yaml b/deployment/gcp/flyte_helm_generated.yaml
index c51da57718..1f2e5b8c4c 100644
--- a/deployment/gcp/flyte_helm_generated.yaml
+++ b/deployment/gcp/flyte_helm_generated.yaml
@@ -966,6 +966,8 @@ spec:
             name: clusters-config-volume
           - mountPath: /etc/secrets/
             name: admin-secrets
+          - mountPath: /var/run/credentials
+            name: cluster-secrets
         - name: generate-secrets
           image: "cr.flyte.org/flyteorg/flyteadmin:v1.1.118"
           imagePullPolicy: "IfNotPresent"
diff --git a/deployment/sandbox/flyte_helm_generated.yaml b/deployment/sandbox/flyte_helm_generated.yaml
index ba20c28212..aa626de336 100644
--- a/deployment/sandbox/flyte_helm_generated.yaml
+++ b/deployment/sandbox/flyte_helm_generated.yaml
@@ -6786,6 +6786,8 @@ spec:
             name: clusters-config-volume
           - mountPath: /etc/secrets/
             name: admin-secrets
+          - mountPath: /var/run/credentials
+            name: cluster-secrets
         - name: generate-secrets
           image: "cr.flyte.org/flyteorg/flyteadmin:v1.1.118"
           imagePullPolicy: "IfNotPresent"