From e0eb5d20f16bb7e23806e4f0d9ad5e2bb7ae39b3 Mon Sep 17 00:00:00 2001 From: Eric Paulsen Date: Tue, 18 Oct 2022 21:23:26 -0500 Subject: [PATCH 01/11] helm: add certs secret mount --- helm/templates/_helpers.tpl | 10 ++++++++++ helm/values.yaml | 10 ++++++++++ 2 files changed, 20 insertions(+) diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index b0b04baacbe20..3d7c5e4468ac3 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -98,6 +98,11 @@ volumes: secret: secretName: {{ .Values.coder.tls.secretName | quote }} {{- end }} +{{- if .Values.certs.secret.name }} +- name: {{ .Values.certs.secret.name | quote }} + secret: + secretName: {{ .Values.certs.secret.name | quote }} +{{- end }} {{- else }} volumes: {{ if and (not .Values.coder.tls.secretNames) (not .Values.coder.tls.secretName) }}[]{{ end }} {{- end }} @@ -119,6 +124,11 @@ volumeMounts: mountPath: "/etc/ssl/certs/coder/{{ .Values.coder.tls.secretName }}" readOnly: true {{- end }} +{{- if .Values.certs.secret.name }} +- name: {{ .Values.coder.certs.secret.name | quote }} + mountPath: /etc/ssl/certs/{{ .Values.certs.secret.key }} + subPath: {{ .Values.certs.secret.key | quote }} + readOnly: true {{- else }} volumeMounts: [] {{- end }} diff --git a/helm/values.yaml b/helm/values.yaml index 392a53c187492..b568efb916a01 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -33,6 +33,8 @@ coder: # It is recommended to keep this on if you are using Kubernetes templates # within Coder. workspacePerms: true + # coder.serviceAccount.annotations -- The Coder service account annotations. + # coder.env -- The environment variables to set for Coder. These can be used # to configure all aspects of `coder server`. Please see `coder server --help` @@ -68,6 +70,14 @@ coder: # cpu: 100m # memory: 128Mi + # coder.certs -- Certificate to mount inside the Coder pod (e.g. CA bundle). + certs: + secret: + # coder.certs.secret.name -- Name of the secret. + name: "" + # coder.certs.secret.key -- Key pointing to a certificate in the secret. + key: "" + # coder.service -- The Service object to expose for Coder. service: # coder.service.enable -- Whether to create the Service object. From 28555c1e484b4929232b7c5772eee6a782183f2d Mon Sep 17 00:00:00 2001 From: Eric Paulsen Date: Tue, 18 Oct 2022 21:27:43 -0500 Subject: [PATCH 02/11] fix: values ref --- helm/templates/_helpers.tpl | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index 3d7c5e4468ac3..b10b6318964f1 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -98,10 +98,10 @@ volumes: secret: secretName: {{ .Values.coder.tls.secretName | quote }} {{- end }} -{{- if .Values.certs.secret.name }} -- name: {{ .Values.certs.secret.name | quote }} +{{- if .Values.coder.certs.secret.name }} +- name: {{ .Values.coder.certs.secret.name | quote }} secret: - secretName: {{ .Values.certs.secret.name | quote }} + secretName: {{ .Values.coder.certs.secret.name | quote }} {{- end }} {{- else }} volumes: {{ if and (not .Values.coder.tls.secretNames) (not .Values.coder.tls.secretName) }}[]{{ end }} @@ -124,10 +124,10 @@ volumeMounts: mountPath: "/etc/ssl/certs/coder/{{ .Values.coder.tls.secretName }}" readOnly: true {{- end }} -{{- if .Values.certs.secret.name }} +{{- if .Values.coder.certs.secret.name }} - name: {{ .Values.coder.certs.secret.name | quote }} - mountPath: /etc/ssl/certs/{{ .Values.certs.secret.key }} - subPath: {{ .Values.certs.secret.key | quote }} + mountPath: /etc/ssl/certs/{{ .Values.coder.certs.secret.key }} + subPath: {{ .Values.coder.certs.secret.key | quote }} readOnly: true {{- else }} volumeMounts: [] From 7444091333a55d2e3834b930a95079c512a6327a Mon Sep 17 00:00:00 2001 From: Eric Paulsen Date: Tue, 18 Oct 2022 21:39:09 -0500 Subject: [PATCH 03/11] fix: conditional brackets --- helm/templates/_helpers.tpl | 1 + 1 file changed, 1 insertion(+) diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index b10b6318964f1..e52e6e1d854a6 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -129,6 +129,7 @@ volumeMounts: mountPath: /etc/ssl/certs/{{ .Values.coder.certs.secret.key }} subPath: {{ .Values.coder.certs.secret.key | quote }} readOnly: true +{{- end }} {{- else }} volumeMounts: [] {{- end }} From b816d6a3e3e575c01be16537d18807b0621eba05 Mon Sep 17 00:00:00 2001 From: Eric Paulsen Date: Tue, 18 Oct 2022 22:42:58 -0500 Subject: [PATCH 04/11] rm: comment --- helm/values.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/helm/values.yaml b/helm/values.yaml index b568efb916a01..e533acec55de2 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -33,8 +33,6 @@ coder: # It is recommended to keep this on if you are using Kubernetes templates # within Coder. workspacePerms: true - # coder.serviceAccount.annotations -- The Coder service account annotations. - # coder.env -- The environment variables to set for Coder. These can be used # to configure all aspects of `coder server`. Please see `coder server --help` From c133461ee098b0e0511e6db0162134fc4bf7f9eb Mon Sep 17 00:00:00 2001 From: Eric Paulsen Date: Wed, 19 Oct 2022 10:35:35 -0500 Subject: [PATCH 05/11] refactor: cert secrets list --- helm/templates/_helpers.tpl | 23 +++++++++++------------ helm/values.yaml | 9 ++++----- 2 files changed, 15 insertions(+), 17 deletions(-) diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index e52e6e1d854a6..184759cb68bde 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -86,7 +86,7 @@ Scheme Coder volume definitions. */}} {{- define "coder.volumes" }} -{{- if or .Values.coder.tls.secretNames .Values.coder.tls.secretName }} +{{- if or .Values.coder.tls.secretNames .Values.coder.tls.secretName .Values.coder.certs.secretNames }} volumes: {{ range $secretName := .Values.coder.tls.secretNames -}} - name: "tls-{{ $secretName }}" @@ -98,13 +98,13 @@ volumes: secret: secretName: {{ .Values.coder.tls.secretName | quote }} {{- end }} -{{- if .Values.coder.certs.secret.name }} -- name: {{ .Values.coder.certs.secret.name | quote }} +{{ range $certSecretNames := .Values.coder.certs.secretNames -}} +- name: {{ $certSecretNames | quote }} secret: - secretName: {{ .Values.coder.certs.secret.name | quote }} -{{- end }} + secretName: {{ $certSecretNames | quote }} +{{ end -}} {{- else }} -volumes: {{ if and (not .Values.coder.tls.secretNames) (not .Values.coder.tls.secretName) }}[]{{ end }} +volumes: {{ if and (not .Values.coder.tls.secretNames) (not .Values.coder.tls.secretName) (not .Values.coder.certs.secretNames) }}[]{{ end }} {{- end }} {{- end }} @@ -112,7 +112,7 @@ volumes: {{ if and (not .Values.coder.tls.secretNames) (not .Values.coder.tls.se Coder volume mounts. */}} {{- define "coder.volumeMounts" }} -{{- if or .Values.coder.tls.secretNames .Values.coder.tls.secretName }} +{{- if or .Values.coder.tls.secretNames .Values.coder.tls.secretName .Values.coder.certs.secretNames }} volumeMounts: {{ range $secretName := .Values.coder.tls.secretNames -}} - name: "tls-{{ $secretName }}" @@ -124,12 +124,11 @@ volumeMounts: mountPath: "/etc/ssl/certs/coder/{{ .Values.coder.tls.secretName }}" readOnly: true {{- end }} -{{- if .Values.coder.certs.secret.name }} -- name: {{ .Values.coder.certs.secret.name | quote }} - mountPath: /etc/ssl/certs/{{ .Values.coder.certs.secret.key }} - subPath: {{ .Values.coder.certs.secret.key | quote }} +{{ range $certSecretNames := .Values.coder.certs.secretNames -}} +- name: {{ $certSecretNames | quote }} + mountPath: "/etc/ssl/certs/{{ $certSecretName }}" readOnly: true -{{- end }} +{{ end }} {{- else }} volumeMounts: [] {{- end }} diff --git a/helm/values.yaml b/helm/values.yaml index e533acec55de2..ee15969456b4a 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -70,11 +70,10 @@ coder: # coder.certs -- Certificate to mount inside the Coder pod (e.g. CA bundle). certs: - secret: - # coder.certs.secret.name -- Name of the secret. - name: "" - # coder.certs.secret.key -- Key pointing to a certificate in the secret. - key: "" + # coder.certs.secretNames -- A list of CA certificate secrets to mount into + # the Coder pod. The secrets should exist in the same namespace as the Helm + # deployment. + secretNames: [] # coder.service -- The Service object to expose for Coder. service: From 01eca8496053a79c5dc97e9ab9efa4d2eda96539 Mon Sep 17 00:00:00 2001 From: Eric Paulsen Date: Wed, 19 Oct 2022 11:06:23 -0500 Subject: [PATCH 06/11] fix: undefined var --- helm/templates/_helpers.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index 184759cb68bde..d30d781a27bfe 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -126,7 +126,7 @@ volumeMounts: {{- end }} {{ range $certSecretNames := .Values.coder.certs.secretNames -}} - name: {{ $certSecretNames | quote }} - mountPath: "/etc/ssl/certs/{{ $certSecretName }}" + mountPath: "/etc/ssl/certs/{{ $certSecretNames }}" readOnly: true {{ end }} {{- else }} From 502a4a45a12c4c29ec9a99fbc52f73dcbefc5740 Mon Sep 17 00:00:00 2001 From: Dean Sheather Date: Wed, 19 Oct 2022 20:59:53 +0000 Subject: [PATCH 07/11] chore: remove deprecated value coder.tls.secretName --- helm/templates/NOTES.txt | 8 +++---- helm/templates/_helpers.tpl | 45 ++++++++++--------------------------- helm/values.yaml | 3 --- 3 files changed, 15 insertions(+), 41 deletions(-) diff --git a/helm/templates/NOTES.txt b/helm/templates/NOTES.txt index 38b987acbd45b..18fc33c10d272 100644 --- a/helm/templates/NOTES.txt +++ b/helm/templates/NOTES.txt @@ -1,8 +1,6 @@ -{{- if .Values.coder.tls.secretName }} - -WARN: coder.tls.secretName is deprecated and will be removed in a future - release. Please use coder.tls.secretNames instead. -{{- end }} +{{/* +Deprecation notices: +*/}} Enjoy Coder! Please create an issue at https://github.com/coder/coder if you run into any problems! :) diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index d30d781a27bfe..96de38ef9f0ad 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -46,7 +46,7 @@ Coder Docker image URI Coder listen port (must be > 1024) */}} {{- define "coder.port" }} -{{- if or .Values.coder.tls.secretNames .Values.coder.tls.secretName -}} +{{- if .Values.coder.tls.secretNames -}} 8443 {{- else -}} 8080 @@ -57,7 +57,7 @@ Coder listen port (must be > 1024) Coder service port */}} {{- define "coder.servicePort" }} -{{- if or .Values.coder.tls.secretNames .Values.coder.tls.secretName -}} +{{- if .Values.coder.tls.secretNames -}} 443 {{- else -}} 80 @@ -68,7 +68,7 @@ Coder service port Port name */}} {{- define "coder.portName" }} -{{- if or .Values.coder.tls.secretNames .Values.coder.tls.secretName -}} +{{- if .Values.coder.tls.secretNames -}} https {{- else -}} http @@ -86,25 +86,15 @@ Scheme Coder volume definitions. */}} {{- define "coder.volumes" }} -{{- if or .Values.coder.tls.secretNames .Values.coder.tls.secretName .Values.coder.certs.secretNames }} +{{- if .Values.coder.tls.secretNames }} volumes: {{ range $secretName := .Values.coder.tls.secretNames -}} - name: "tls-{{ $secretName }}" secret: secretName: {{ $secretName | quote }} {{ end -}} -{{- if .Values.coder.tls.secretName -}} -- name: "tls-{{ .Values.coder.tls.secretName }}" - secret: - secretName: {{ .Values.coder.tls.secretName | quote }} -{{- end }} -{{ range $certSecretNames := .Values.coder.certs.secretNames -}} -- name: {{ $certSecretNames | quote }} - secret: - secretName: {{ $certSecretNames | quote }} -{{ end -}} {{- else }} -volumes: {{ if and (not .Values.coder.tls.secretNames) (not .Values.coder.tls.secretName) (not .Values.coder.certs.secretNames) }}[]{{ end }} +volumes: [] {{- end }} {{- end }} @@ -112,23 +102,13 @@ volumes: {{ if and (not .Values.coder.tls.secretNames) (not .Values.coder.tls.se Coder volume mounts. */}} {{- define "coder.volumeMounts" }} -{{- if or .Values.coder.tls.secretNames .Values.coder.tls.secretName .Values.coder.certs.secretNames }} +{{- if .Values.coder.tls.secretNames }} volumeMounts: {{ range $secretName := .Values.coder.tls.secretNames -}} - name: "tls-{{ $secretName }}" mountPath: "/etc/ssl/certs/coder/{{ $secretName }}" readOnly: true {{ end }} -{{- if .Values.coder.tls.secretName -}} -- name: "tls-{{ .Values.coder.tls.secretName }}" - mountPath: "/etc/ssl/certs/coder/{{ .Values.coder.tls.secretName }}" - readOnly: true -{{- end }} -{{ range $certSecretNames := .Values.coder.certs.secretNames -}} -- name: {{ $certSecretNames | quote }} - mountPath: "/etc/ssl/certs/{{ $certSecretNames }}" - readOnly: true -{{ end }} {{- else }} volumeMounts: [] {{- end }} @@ -138,13 +118,13 @@ volumeMounts: [] Coder TLS environment variables. */}} {{- define "coder.tlsEnv" }} -{{- if or .Values.coder.tls.secretNames .Values.coder.tls.secretName }} +{{- if .Values.coder.tls.secretNames }} - name: CODER_TLS_ENABLE value: "true" - name: CODER_TLS_CERT_FILE - value: "{{ range $idx, $secretName := .Values.coder.tls.secretNames -}}{{ if $idx }},{{ end }}/etc/ssl/certs/coder/{{ $secretName }}/tls.crt{{- end }}{{ if .Values.coder.tls.secretName -}}/etc/ssl/certs/coder/{{ .Values.coder.tls.secretName }}/tls.crt{{- end }}" + value: "{{ range $idx, $secretName := .Values.coder.tls.secretNames -}}{{ if $idx }},{{ end }}/etc/ssl/certs/coder/{{ $secretName }}/tls.crt{{- end }}" - name: CODER_TLS_KEY_FILE - value: "{{ range $idx, $secretName := .Values.coder.tls.secretNames -}}{{ if $idx }},{{ end }}/etc/ssl/certs/coder/{{ $secretName }}/tls.key{{- end }}{{ if .Values.coder.tls.secretName -}}/etc/ssl/certs/coder/{{ .Values.coder.tls.secretName }}/tls.key{{- end }}" + value: "{{ range $idx, $secretName := .Values.coder.tls.secretNames -}}{{ if $idx }},{{ end }}/etc/ssl/certs/coder/{{ $secretName }}/tls.key{{- end }}" {{- end }} {{- end }} @@ -172,10 +152,9 @@ included at the top of coder.yaml. */}} {{- define "coder.verifyDeprecated" }} {{/* -Deprecated value coder.tls.secretName should not be used alongside new value -coder.tls.secretName. +Deprecated value coder.tls.secretName must not be used. */}} -{{- if and .Values.coder.tls.secretName .Values.coder.tls.secretNames }} -{{ fail "You must specify either coder.tls.secretName or coder.tls.secretNames, not both." }} +{{- if .Values.coder.tls.secretName }} +{{ fail "coder.tls.secretName is deprecated, use coder.tls.secretNames instead." }} {{- end }} {{- end }} diff --git a/helm/values.yaml b/helm/values.yaml index ee15969456b4a..dc6eb75d1cf69 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -53,9 +53,6 @@ coder: # will be automatically mounted into the pod if specified, and the correct # "CODER_TLS_*" environment variables will be set for you. secretNames: [] - # coder.tls.secretName -- Deprecated. Use `coder.tls.secretNames` instead. - # This will be removed in a future release. - # secretName: "" # coder.resources -- The resources to request for Coder. These are optional # and are not set by default. From c655bf8b0e87c84d9ead30bffc1ad89552ce7e78 Mon Sep 17 00:00:00 2001 From: Dean Sheather Date: Wed, 19 Oct 2022 21:07:31 +0000 Subject: [PATCH 08/11] chore: improve helm volumes logic --- helm/templates/_helpers.tpl | 34 ++++++++++++++++++++++++---------- 1 file changed, 24 insertions(+), 10 deletions(-) diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index 96de38ef9f0ad..db0cb7879c183 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -85,33 +85,47 @@ Scheme {{/* Coder volume definitions. */}} -{{- define "coder.volumes" }} -{{- if .Values.coder.tls.secretNames }} -volumes: +{{- define "coder.volumeList" }} {{ range $secretName := .Values.coder.tls.secretNames -}} - name: "tls-{{ $secretName }}" secret: secretName: {{ $secretName | quote }} {{ end -}} -{{- else }} -volumes: [] {{- end }} + +{{/* +Coder volumes yaml. +*/}} +{{- define "coder.volumes" }} +{{- if trim (include "coder.volumeList" .) -}} +volumes: +{{- include "coder.volumeList" . -}} +{{- else -}} +volumes: [] +{{- end -}} {{- end }} {{/* Coder volume mounts. */}} -{{- define "coder.volumeMounts" }} -{{- if .Values.coder.tls.secretNames }} -volumeMounts: +{{- define "coder.volumeMountList" }} {{ range $secretName := .Values.coder.tls.secretNames -}} - name: "tls-{{ $secretName }}" mountPath: "/etc/ssl/certs/coder/{{ $secretName }}" readOnly: true {{ end }} -{{- else }} -volumeMounts: [] {{- end }} + +{{/* +Coder volume mounts yaml. +*/}} +{{- define "coder.volumeMounts" }} +{{- if trim (include "coder.volumeMountList" .) -}} +volumeMounts: +{{- include "coder.volumeMountList" . -}} +{{- else -}} +volumeMounts: [] +{{- end -}} {{- end }} {{/* From 5e2a75c41f1338accd47123f10106634db9ad882 Mon Sep 17 00:00:00 2001 From: Dean Sheather Date: Wed, 19 Oct 2022 21:27:45 +0000 Subject: [PATCH 09/11] feat: add support for multiple CA bundles to helm --- helm/templates/_helpers.tpl | 13 ++++++++++++- helm/values.yaml | 13 +++++++++---- 2 files changed, 21 insertions(+), 5 deletions(-) diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index db0cb7879c183..681c54dcb6f60 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -91,6 +91,11 @@ Coder volume definitions. secret: secretName: {{ $secretName | quote }} {{ end -}} +{{ range $secret := .Values.coder.certs.secrets -}} +- name: "ca-cert-{{ $secret.name }}" + secret: + secretName: {{ $secret.name | quote }} +{{ end -}} {{- end }} {{/* @@ -113,7 +118,13 @@ Coder volume mounts. - name: "tls-{{ $secretName }}" mountPath: "/etc/ssl/certs/coder/{{ $secretName }}" readOnly: true -{{ end }} +{{ end -}} +{{ range $secret := .Values.coder.certs.secrets -}} +- name: "ca-cert-{{ $secret.name }}" + mountPath: "/etc/ssl/certs/{{ $secret.name }}.crt" + subPath: {{ $secret.key | quote }} + readOnly: true +{{ end -}} {{- end }} {{/* diff --git a/helm/values.yaml b/helm/values.yaml index dc6eb75d1cf69..3897f618ec933 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -65,12 +65,17 @@ coder: # cpu: 100m # memory: 128Mi - # coder.certs -- Certificate to mount inside the Coder pod (e.g. CA bundle). + # coder.certs -- CA bundles to mount inside the Coder pod. certs: - # coder.certs.secretNames -- A list of CA certificate secrets to mount into - # the Coder pod. The secrets should exist in the same namespace as the Helm + # coder.certs.secrets -- A list of CA bundle secrets to mount into the Coder + # pod. The secrets should exist in the same namespace as the Helm # deployment. - secretNames: [] + # + # The given key in each secret is mounted at + # `/etc/ssl/certs/{secret_name}.crt`. + secrets: [] + # - name: "my-ca-bundle" + # key: "ca-bundle.crt" # coder.service -- The Service object to expose for Coder. service: From d113cd79a35452a5536a03508dbc8096cec8bfb8 Mon Sep 17 00:00:00 2001 From: Eric Paulsen Date: Mon, 24 Oct 2022 14:06:03 -0400 Subject: [PATCH 10/11] fix: grammar --- helm/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/values.yaml b/helm/values.yaml index c7200e9944b44..c75c3424e13b9 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -17,7 +17,7 @@ coder: # coder.image.pullPolicy -- The pull policy to use for the image. See: # https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy pullPolicy: IfNotPresent - # coder.image.pullSecret -- The secret used for pulling the Coder image from + # coder.image.pullSecrets -- The secrets used for pulling the Coder image from # a private registry. pullSecrets: [] # - name: "pull-secret" From 479006bb10715fa42fe6f2a74baffe5a43c56dc4 Mon Sep 17 00:00:00 2001 From: Eric Paulsen Date: Wed, 7 Dec 2022 17:06:31 -0600 Subject: [PATCH 11/11] resolve: conflict --- helm/values.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/helm/values.yaml b/helm/values.yaml index eccb048e6e5ae..3a4e53bd84799 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -70,7 +70,6 @@ coder: # cpu: 100m # memory: 128Mi -<<<<<<< HEAD # coder.certs -- CA bundles to mount inside the Coder pod. certs: # coder.certs.secrets -- A list of CA bundle secrets to mount into the Coder @@ -82,7 +81,7 @@ coder: secrets: [] # - name: "my-ca-bundle" # key: "ca-bundle.crt" -======= + # coder.affinity -- Allows specifying an affinity rule for the `coder` deployment. # The default rule prefers to schedule coder pods on different # nodes, which is only applicable if coder.replicaCount is greater than 1. @@ -111,7 +110,6 @@ coder: # See: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector nodeSelector: {} # kubernetes.io/os: linux ->>>>>>> main # coder.service -- The Service object to expose for Coder. service: