From fda019604a2f92982308eeb666e5bb9211e6480b Mon Sep 17 00:00:00 2001
From: Jean Morais <jean.carlos@creditas.com>
Date: Mon, 11 Oct 2021 00:04:52 -0300
Subject: [PATCH 1/2] Add custom annotations support for catalog sync and
 connectInject pods via Helm

---
 .../templates/connect-inject-deployment.yaml  |  3 +++
 .../templates/sync-catalog-deployment.yaml    |  3 +++
 .../test/unit/connect-inject-deployment.bats  | 24 +++++++++++++++++++
 .../test/unit/sync-catalog-deployment.bats    | 24 +++++++++++++++++++
 charts/consul/values.yaml                     | 24 +++++++++++++++++++
 5 files changed, 78 insertions(+)

diff --git a/charts/consul/templates/connect-inject-deployment.yaml b/charts/consul/templates/connect-inject-deployment.yaml
index f3f9f9a754..55b1f9f3f8 100644
--- a/charts/consul/templates/connect-inject-deployment.yaml
+++ b/charts/consul/templates/connect-inject-deployment.yaml
@@ -36,6 +36,9 @@ spec:
         component: connect-injector
       annotations:
         "consul.hashicorp.com/connect-inject": "false"
+        {{- if .Values.connectInject.annotations }}
+          {{- tpl .Values.connectInject.annotations . | nindent 8 }}
+        {{- end }}
     spec:
       serviceAccountName: {{ template "consul.fullname" . }}-connect-injector-webhook-svc-account
       containers:
diff --git a/charts/consul/templates/sync-catalog-deployment.yaml b/charts/consul/templates/sync-catalog-deployment.yaml
index 50a847b354..17d482a7c8 100644
--- a/charts/consul/templates/sync-catalog-deployment.yaml
+++ b/charts/consul/templates/sync-catalog-deployment.yaml
@@ -31,6 +31,9 @@ spec:
         {{- end }}
       annotations:
         "consul.hashicorp.com/connect-inject": "false"
+        {{- if .Values.syncCatalog.annotations }}
+          {{- tpl .Values.syncCatalog.annotations . | nindent 8 }}
+        {{- end }}
     spec:
       serviceAccountName: {{ template "consul.fullname" . }}-sync-catalog
       {{- if .Values.global.tls.enabled }}
diff --git a/charts/consul/test/unit/connect-inject-deployment.bats b/charts/consul/test/unit/connect-inject-deployment.bats
index 75df185d3f..757c21d327 100755
--- a/charts/consul/test/unit/connect-inject-deployment.bats
+++ b/charts/consul/test/unit/connect-inject-deployment.bats
@@ -1382,6 +1382,30 @@ EOF
   [ "${actual}" = "name" ]
 }
 
+#--------------------------------------------------------------------
+# annotations
+
+@test "connectInject/Deployment: no annotations defined by default" {
+  cd `chart_dir`
+  local actual=$(helm template \
+      -s templates/connect-inject-deployment.yaml  \
+      --set 'connectInject.enabled=true' \
+      . | tee /dev/stderr |
+      yq -r '.spec.template.metadata.annotations | del(."consul.hashicorp.com/connect-inject")' | tee /dev/stderr)
+  [ "${actual}" = "{}" ]
+}
+
+@test "connectInject/Deployment: annotations can be set" {
+  cd `chart_dir`
+  local actual=$(helm template \
+      -s templates/connect-inject-deployment.yaml  \
+      --set 'connectInject.enabled=true' \
+      --set 'connectInject.annotations=foo: bar' \
+      . | tee /dev/stderr |
+      yq -r '.spec.template.metadata.annotations.foo' | tee /dev/stderr)
+  [ "${actual}" = "bar" ]
+}
+
 #--------------------------------------------------------------------
 # logLevel
 
diff --git a/charts/consul/test/unit/sync-catalog-deployment.bats b/charts/consul/test/unit/sync-catalog-deployment.bats
index 904ac699ce..a877f310ce 100755
--- a/charts/consul/test/unit/sync-catalog-deployment.bats
+++ b/charts/consul/test/unit/sync-catalog-deployment.bats
@@ -948,6 +948,30 @@ load _helpers
   [ "${actual}" = "bar" ]
 }
 
+#--------------------------------------------------------------------
+# annotations
+
+@test "syncCatalog/Deployment: no annotations defined by default" {
+  cd `chart_dir`
+  local actual=$(helm template \
+      -s templates/sync-catalog-deployment.yaml  \
+      --set 'syncCatalog.enabled=true' \
+      . | tee /dev/stderr |
+      yq -r '.spec.template.metadata.annotations | del(."consul.hashicorp.com/connect-inject")' | tee /dev/stderr)
+  [ "${actual}" = "{}" ]
+}
+
+@test "syncCatalog/Deployment: annotations can be set" {
+  cd `chart_dir`
+  local actual=$(helm template \
+      -s templates/sync-catalog-deployment.yaml  \
+      --set 'syncCatalog.enabled=true' \
+      --set 'syncCatalog.annotations=foo: bar' \
+      . | tee /dev/stderr |
+      yq -r '.spec.template.metadata.annotations.foo' | tee /dev/stderr)
+  [ "${actual}" = "bar" ]
+}
+
 #--------------------------------------------------------------------
 # logLevel
 
diff --git a/charts/consul/values.yaml b/charts/consul/values.yaml
index 49defa4f03..fd467211e9 100644
--- a/charts/consul/values.yaml
+++ b/charts/consul/values.yaml
@@ -1496,6 +1496,18 @@ syncCatalog:
   # @type: map
   extraLabels: null
 
+  # This value defines additional annotations for
+  # the catalog sync pods. This should be formatted as a multi-line string.
+  #
+  # ```yaml
+  # annotations: |
+  #   "sample/annotation1": "foo"
+  #   "sample/annotation2": "bar"
+  # ```
+  #
+  # @type: string
+  annotations: null
+  
 # Configures the automatic Connect sidecar injector.
 connectInject:
   # True if you want to enable connect injection. Set to "-" to inherit from
@@ -1579,6 +1591,18 @@ connectInject:
   # Optional priorityClassName.
   priorityClassName: ""
 
+  # This value defines additional annotations for
+  # connect inject pods. This should be formatted as a multi-line string.
+  #
+  # ```yaml
+  # annotations: |
+  #   "sample/annotation1": "foo"
+  #   "sample/annotation2": "bar"
+  # ```
+  #
+  # @type: string
+  annotations: null
+  
   # The Docker image for Consul to use when performing Connect injection.
   # Defaults to global.image.
   # @type: string

From 5a5ab794839f1028addeb66c8b464bf4d9f423fe Mon Sep 17 00:00:00 2001
From: Jean Morais <jean.carlos@creditas.com>
Date: Wed, 29 Jun 2022 00:41:47 -0300
Subject: [PATCH 2/2] Fix templates bringing back {{- end }} removed by mistake

Put back {{- end }} in some if statements in sync-catalog-deployment.yaml and connect-inject-deployment.yaml
---
 charts/consul/templates/connect-inject-deployment.yaml | 1 +
 charts/consul/templates/sync-catalog-deployment.yaml   | 1 +
 2 files changed, 2 insertions(+)

diff --git a/charts/consul/templates/connect-inject-deployment.yaml b/charts/consul/templates/connect-inject-deployment.yaml
index 6d5943f462..ffff8a4a20 100644
--- a/charts/consul/templates/connect-inject-deployment.yaml
+++ b/charts/consul/templates/connect-inject-deployment.yaml
@@ -54,6 +54,7 @@ spec:
         {{- if .Values.global.secretsBackend.vault.agentAnnotations }}
         {{ tpl .Values.global.secretsBackend.vault.agentAnnotations . | nindent 8 | trim }}
         {{- end }}
+        {{- end }}
     spec:
       serviceAccountName: {{ template "consul.fullname" . }}-connect-injector
       containers:
diff --git a/charts/consul/templates/sync-catalog-deployment.yaml b/charts/consul/templates/sync-catalog-deployment.yaml
index f9a41c9831..906054df4d 100644
--- a/charts/consul/templates/sync-catalog-deployment.yaml
+++ b/charts/consul/templates/sync-catalog-deployment.yaml
@@ -49,6 +49,7 @@ spec:
         {{- if .Values.global.secretsBackend.vault.agentAnnotations }}
         {{ tpl .Values.global.secretsBackend.vault.agentAnnotations . | nindent 8 | trim }}
         {{- end }}
+        {{- end }}
     spec:
       serviceAccountName: {{ template "consul.fullname" . }}-sync-catalog
       {{- if .Values.global.tls.enabled }}