From 5d3336aaa02eb4a689a28abd09a2428bf979828e Mon Sep 17 00:00:00 2001
From: ddl-ebrown <ethan.brown@dominodatalab.com>
Date: Thu, 29 Feb 2024 14:50:40 -0800
Subject: [PATCH] Adds missing priorityClassName to webhook values

 - All the other pods can have their priorityClassName set except for
   the webhook

Signed-off-by: ddl-ebrown <ethan.brown@dominodatalab.com>
---
 charts/flyte-core/README.md                          | 1 +
 charts/flyte-core/templates/propeller/webhook.yaml   | 3 +++
 charts/flyte-core/values.yaml                        | 2 ++
 docker/sandbox-bundled/manifests/complete-agent.yaml | 4 ++--
 docker/sandbox-bundled/manifests/complete.yaml       | 4 ++--
 docker/sandbox-bundled/manifests/dev.yaml            | 4 ++--
 6 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/charts/flyte-core/README.md b/charts/flyte-core/README.md
index 31fd4791b9e..02fd65538a2 100644
--- a/charts/flyte-core/README.md
+++ b/charts/flyte-core/README.md
@@ -290,6 +290,7 @@ helm install gateway bitnami/contour -n flyte
 | storage.s3.secretKey | string | `""` | AWS IAM user secret access key to use for S3 bucket auth, only used if authType is set to accesskey |
 | storage.type | string | `"sandbox"` | Sets the storage type. Supported values are sandbox, s3, gcs and custom. |
 | webhook.enabled | bool | `true` | enable or disable secrets webhook |
+| webhook.priorityClassName | string | `""` | Sets priorityClassName for webhook pod |
 | webhook.securityContext | object | `{"fsGroup":65534,"fsGroupChangePolicy":"Always","runAsNonRoot":true,"runAsUser":1001,"seLinuxOptions":{"type":"spc_t"}}` | Sets securityContext for webhook pod(s). |
 | webhook.service | object | `{"annotations":{"projectcontour.io/upstream-protocol.h2c":"grpc"},"type":"ClusterIP"}` | Service settings for the webhook |
 | webhook.serviceAccount | object | `{"annotations":{},"create":true,"imagePullSecrets":[]}` | Configuration for service accounts for the webhook |
diff --git a/charts/flyte-core/templates/propeller/webhook.yaml b/charts/flyte-core/templates/propeller/webhook.yaml
index 941ed1add1f..7e108c2a7b4 100644
--- a/charts/flyte-core/templates/propeller/webhook.yaml
+++ b/charts/flyte-core/templates/propeller/webhook.yaml
@@ -39,6 +39,9 @@ spec:
       securityContext: {{ tpl (toYaml .) $ | nindent 8 }}
       {{- end }}
       serviceAccountName: {{ template "flyte-pod-webhook.name" . }}
+      {{- if .Values.webhook.priorityClassName }}
+      priorityClassName: {{ .Values.webhook.priorityClassName }}
+      {{- end }}
 {{- if .Values.webhook.enabled }}
       initContainers:
       - name: generate-secrets
diff --git a/charts/flyte-core/values.yaml b/charts/flyte-core/values.yaml
index d5c21c51310..1093aaab14f 100755
--- a/charts/flyte-core/values.yaml
+++ b/charts/flyte-core/values.yaml
@@ -444,6 +444,8 @@ secrets:
 webhook:
   # -- enable or disable secrets webhook
   enabled: true
+  # -- Sets priorityClassName for webhook pod
+  priorityClassName: ""
   # -- Configuration for service accounts for the webhook
   serviceAccount:
     # -- Should a service account be created for the webhook
diff --git a/docker/sandbox-bundled/manifests/complete-agent.yaml b/docker/sandbox-bundled/manifests/complete-agent.yaml
index 6de7c86be98..e46b0c1478e 100644
--- a/docker/sandbox-bundled/manifests/complete-agent.yaml
+++ b/docker/sandbox-bundled/manifests/complete-agent.yaml
@@ -816,7 +816,7 @@ type: Opaque
 ---
 apiVersion: v1
 data:
-  haSharedSecret: UDI2NklEa2dSNUhNeTFteA==
+  haSharedSecret: dUxYSnl2VFoydkJFSndZeQ==
   proxyPassword: ""
   proxyUsername: ""
 kind: Secret
@@ -1412,7 +1412,7 @@ spec:
     metadata:
       annotations:
         checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81
-        checksum/secret: d57403ae8ea0fce27bceda25f6af446fe51652e99e95a07fddae387006ee29f1
+        checksum/secret: 4917b98356e3533a01d33e9bd18670816d9c2ad78657530f996f3e5fcdc92eaa
       labels:
         app: docker-registry
         release: flyte-sandbox
diff --git a/docker/sandbox-bundled/manifests/complete.yaml b/docker/sandbox-bundled/manifests/complete.yaml
index b56e367ac40..8fb9ba07f8a 100644
--- a/docker/sandbox-bundled/manifests/complete.yaml
+++ b/docker/sandbox-bundled/manifests/complete.yaml
@@ -796,7 +796,7 @@ type: Opaque
 ---
 apiVersion: v1
 data:
-  haSharedSecret: T21pWVJOUEdxMXBTSVE1RQ==
+  haSharedSecret: U1JZTjNXRVlhU2kyZUtpaA==
   proxyPassword: ""
   proxyUsername: ""
 kind: Secret
@@ -1360,7 +1360,7 @@ spec:
     metadata:
       annotations:
         checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81
-        checksum/secret: b0e1d465fbab24856443e463cb7846c898d03f1e00ac443b08e5474d28418ba3
+        checksum/secret: 18ac7c50f4eae95159f567d58e424b3e9e0f24686080c72713410bcd38129c4d
       labels:
         app: docker-registry
         release: flyte-sandbox
diff --git a/docker/sandbox-bundled/manifests/dev.yaml b/docker/sandbox-bundled/manifests/dev.yaml
index 2a8383a1dd2..f89d1b52ae6 100644
--- a/docker/sandbox-bundled/manifests/dev.yaml
+++ b/docker/sandbox-bundled/manifests/dev.yaml
@@ -499,7 +499,7 @@ metadata:
 ---
 apiVersion: v1
 data:
-  haSharedSecret: bGRYdlJtdmZ5Qm14ZEJnNg==
+  haSharedSecret: Z2IydXVreVY2R0hEZGxUZg==
   proxyPassword: ""
   proxyUsername: ""
 kind: Secret
@@ -934,7 +934,7 @@ spec:
     metadata:
       annotations:
         checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81
-        checksum/secret: b3f9230da427e818d5a63cbbf15159f2b165c98e6f56e269983c0a8fff6b6099
+        checksum/secret: 65e74a61cdf8b08e5066a66a41bde7b241a0dc95df5a492868df4a2d2a7b82e2
       labels:
         app: docker-registry
         release: flyte-sandbox