From bd49c993de1a83733a72bb9908c4b296df18d1ac Mon Sep 17 00:00:00 2001
From: David Louks <2402775+dlouks@users.noreply.github.com>
Date: Mon, 21 Sep 2020 01:52:30 -0500
Subject: [PATCH] Added support for setting tiller_service_account and
 tiller_replicas (#6696)

* Added support for setting tiller_service_account and tiller_replicas

* Specify helm 2 version to ensure we have a test path that still hits helm 2 code

* Moved tiller_service_account to defaults.yml. Fixed is tiller_replicas defined check.
---
 roles/kubernetes-apps/helm/defaults/main.yml | 6 ++++++
 roles/kubernetes-apps/helm/tasks/main.yml    | 6 ++++--
 tests/files/packet_centos7-calico-ha.yml     | 3 +++
 3 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/roles/kubernetes-apps/helm/defaults/main.yml b/roles/kubernetes-apps/helm/defaults/main.yml
index 1042b985c..d4fc904d9 100644
--- a/roles/kubernetes-apps/helm/defaults/main.yml
+++ b/roles/kubernetes-apps/helm/defaults/main.yml
@@ -45,3 +45,9 @@ tiller_namespace: kube-system
 
 # Limit the maximum number of revisions saved per release. Use 0 for no limit.
 # tiller_max_history: 0
+
+# The name of the tiller service account
+tiller_service_account: tiller
+
+# The number of tiller pod replicas. If not defined, tiller defaults to a single replica
+# tiller_replicas: 1
diff --git a/roles/kubernetes-apps/helm/tasks/main.yml b/roles/kubernetes-apps/helm/tasks/main.yml
index 754ef74eb..83bedb38b 100644
--- a/roles/kubernetes-apps/helm/tasks/main.yml
+++ b/roles/kubernetes-apps/helm/tasks/main.yml
@@ -59,7 +59,7 @@
     {% if helm_skip_refresh %} --skip-refresh{% endif %}
     {% if helm_stable_repo_url is defined %} --stable-repo-url {{ helm_stable_repo_url }}{% endif %}
     --upgrade --tiller-image={{ tiller_image_repo }}:{{ tiller_image_tag }}
-    {% if rbac_enabled %} --service-account=tiller{% endif %}
+    {% if rbac_enabled %} --service-account={{ tiller_service_account }}{% endif %}
     {% if tiller_node_selectors is defined %} --node-selectors {{ tiller_node_selectors }}{% endif %}
     --override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}
     {% if tiller_override is defined and tiller_override %} --override {{ tiller_override }}{% endif %}
@@ -68,6 +68,7 @@
     {% if tiller_secure_release_info %} --override 'spec.template.spec.containers[0].command'='{/tiller,--storage=secret}' {% endif %}
     --override spec.selector.matchLabels.'name'='tiller',spec.selector.matchLabels.'app'='helm'
     {% if tiller_wait %} --wait{% endif %}
+    {% if tiller_replicas is defined %} --replicas {{ tiller_replicas | int }}{% endif %}
     --output yaml
     | sed 's@apiVersion: extensions/v1beta1@apiVersion: apps/v1@'
     | {{ bin_dir }}/kubectl apply -f -
@@ -87,7 +88,7 @@
     {{ bin_dir }}/helm init --upgrade --tiller-image={{ tiller_image_repo }}:{{ tiller_image_tag }} --tiller-namespace={{ tiller_namespace }}
     {% if helm_skip_refresh %} --skip-refresh{% endif %}
     {% if helm_stable_repo_url is defined %} --stable-repo-url {{ helm_stable_repo_url }}{% endif %}
-    {% if rbac_enabled %} --service-account=tiller{% endif %}
+    {% if rbac_enabled %} --service-account={{ tiller_service_account }}{% endif %}
     {% if tiller_node_selectors is defined %} --node-selectors {{ tiller_node_selectors }}{% endif %}
     --override spec.template.spec.priorityClassName={% if tiller_namespace == 'kube-system' %}system-cluster-critical{% else %}k8s-cluster-critical{% endif %}
     {% if tiller_override is defined and tiller_override %} --override {{ tiller_override }}{% endif %}
@@ -96,6 +97,7 @@
     {% if tiller_secure_release_info %} --override 'spec.template.spec.containers[0].command'='{/tiller,--storage=secret}' {% endif %}
     --override spec.selector.matchLabels.'name'='tiller',spec.selector.matchLabels.'app'='helm'
     {% if tiller_wait %} --wait{% endif %}
+    {% if tiller_replicas is defined %} --replicas {{ tiller_replicas | int }}{% endif %}
     --output yaml
     | sed 's@apiVersion: extensions/v1beta1@apiVersion: apps/v1@'
     | {{ bin_dir }}/kubectl apply -f -
diff --git a/tests/files/packet_centos7-calico-ha.yml b/tests/files/packet_centos7-calico-ha.yml
index 526f12899..d0b488dc1 100644
--- a/tests/files/packet_centos7-calico-ha.yml
+++ b/tests/files/packet_centos7-calico-ha.yml
@@ -12,3 +12,6 @@ dns_min_replicas: 1
 typha_enabled: true
 calico_backend: kdd
 typha_secure: true
+
+# Test helm 2 install
+helm_version: v2.16.7