From ddef6a938b6ec76a05e777ef4cf47fe8a7220f92 Mon Sep 17 00:00:00 2001
From: Ian Graham
Date: Fri, 10 Jan 2025 11:07:47 +0000
Subject: [PATCH] Allowing ability to mount volumes in the provider deployment
---
 config/manager/controller_manager_config.yaml | 2 ++
 controllers/pipelines/provider_controller.go | 4 ++--
 helm/kfp-operator/templates/configmap.yaml | 3 +++
 local/values.yaml | 13 +++++++++++++
 4 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/config/manager/controller_manager_config.yaml b/config/manager/controller_manager_config.yaml
index ab8db6f69..a90d72581 100644
--- a/config/manager/controller_manager_config.yaml
+++ b/config/manager/controller_manager_config.yaml
@@ -21,10 +21,12 @@ spec:
 replicas: 1
 podTemplateSpec:
 spec:
+ volumes: []
 securityContext:
 runAsNonRoot: true
 containers:
 - name: provider-service
+ volumeMounts: []
 securityContext:
 allowPrivilegeEscalation: false
 resources:
diff --git a/controllers/pipelines/provider_controller.go b/controllers/pipelines/provider_controller.go
index c8ab036a2..33e8e54f8 100644
--- a/controllers/pipelines/provider_controller.go
+++ b/controllers/pipelines/provider_controller.go
@@ -53,7 +53,7 @@ func NewProviderReconciler(ec K8sExecutionContext, config config.KfpControllerCo
 func (r *ProviderReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
 logger := log.FromContext(ctx)
 startTime := time.Now()
- logger.V(2).Info("reconciliation started")
+ logger.Info("reconciliation started", "request", req)
 var provider = &pipelinesv1.Provider{}
 if err := r.EC.Client.NonCached.Get(ctx, req.NamespacedName, provider); err != nil {
@@ -99,7 +99,7 @@ func (r *ProviderReconciler) Reconcile(ctx context.Context, req ctrl.Request) (c
 }
 duration := time.Since(startTime)
- logger.V(2).Info("reconciliation ended", logkeys.Duration, duration)
+ logger.Info("reconciliation ended", logkeys.Duration, duration)
 return ctrl.Result{}, nil
 }
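Review bot: Both logging changes in Reconcile drop the `V(2)` gate, so every reconcile of every Provider now writes two lines at the default level; this is unrelated to the commit's stated purpose of mounting volumes and looks like leftover debugging. Unconditional start/end lines add volume that makes the controller's error and audit-relevant entries harder to find. If the request key is what was wanted, keep the verbosity and only add the field: `logger.V(2).Info("reconciliation started", "request", req)` and `logger.V(2).Info("reconciliation ended", logkeys.Duration, duration)`. The same point applies to the second hunk at line 99; Reconcile's body continues outside both hunks.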
diff --git a/helm/kfp-operator/templates/configmap.yaml b/helm/kfp-operator/templates/configmap.yaml
index 4f23822af..9ca069f1f 100644
--- a/helm/kfp-operator/templates/configmap.yaml
+++ b/helm/kfp-operator/templates/configmap.yaml
@@ -28,10 +28,12 @@ data:
 replicas: {{ .Values.provider.replicas }}
 podTemplateSpec:
 spec:
+ volumes: {{- if .Values.provider.volumes }}{{- toYaml .Values.provider.volumes | nindent 12 }}{{ else }} []{{ end }}
 securityContext:
 runAsNonRoot: true
 containers:
 - name: provider-service
+ volumeMounts: {{- if .Values.provider.volumeMounts }}{{- toYaml .Values.provider.volumeMounts | nindent 14 }}{{ else }} []{{ end }}
 securityContext:
 allowPrivilegeEscalation: false
 resources:
@@ -43,3 +45,4 @@ data:
 fieldPath: metadata.namespace
 - name: OPERATORWEBHOOK
 value: {{ include "kfp-operator.fullname" . }}-controller-manager.{{ .Values.namespace.name }}:{{.Values.manager.runcompletionWebhook.servicePort}}/events
+ {{- if .Values.provider.env }}{{- $.Values.provider.env | toYaml | nindent 14 }}{{ end }}
diff --git a/local/values.yaml b/local/values.yaml
index 8a998ccf8..e4054083d 100644
--- a/local/values.yaml
+++ b/local/values.yaml
@@ -41,3 +41,16 @@ statusFeedback:
 providers:
 - kfp
 - vai
+
+provider:
+ env:
+ - name: GOOGLE_APPLICATION_CREDENTIALS
+ value: /etc/gcloud/key-file.json
+ volumes:
+ - name: gcp-credentials
+ secret:
+ secretName: gcp-credentials
+ volumeMounts:
+ - name: gcp-credentials
+ mountPath: /etc/gcloud
+ readOnly: true
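Review bot: `provider.volumes` and `provider.volumeMounts` are rendered into the provider pod spec verbatim, so any volume source a values file names, `hostPath` included, reaches the provider container, and nothing here requires the mounts to be read-only. The pod keeps `runAsNonRoot: true` and `allowPrivilegeEscalation: false`, but neither setting limits which volume types may be mounted. The diffstat shows no change to a chart-level values file, so the new keys appear to be undocumented; I would add a commented default there such as `# provider.volumes: secret/configMap/projected sources only; mount them readOnly`, and consider having the template reject `hostPath` entries.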
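Review bot: The `provider.env` entries are appended after the operator-set variables (the last one visible is `OPERATORWEBHOOK`; the list starts outside the hunk), so a values entry reusing one of those names yields a duplicate, and Kubernetes appears to let the later definition win, which is worth confirming because it would let a values file silently change the webhook target. The entries are also passed through as written, which invites plain `value:` credentials in values files. A comment beside the key, for example `# provider.env: use valueFrom.secretKeyRef for credentials; do not redefine OPERATORWEBHOOK`, would set the expectation. As a style point, this line uses `$.Values` while the two lines added above use `.Values`; one form should be used throughout.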
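Review bot: The example points `GOOGLE_APPLICATION_CREDENTIALS` at a service-account key file mounted from the `gcp-credentials` secret, and nothing in the block says it is meant for local use only. A long-lived key file is the weakest of the GCP credential options, and an unlabelled example tends to be copied into real deployments. I would add `# local development only: on GKE prefer Workload Identity over a mounted key file` above `provider:`. The `readOnly: true` on the mount is the right default and should stay.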