Added annotations in deployments for kube2iam usage
Fixes #611 (closed).
Adds the possibility to add annotations to deployments/stateful sets. This makes it so kube2iam can be used to replace user access/secret keys with IAM roles.
What is tested
- Uploads (member profile pictures in S3)
- Registry (docker images in S3)
- Task runner (
s3cmd
)
This can be tested by removing the access/secret keys from the secrets. In the case of unicorn (that uses Fog), you have to add use_iam_profile: true
to the secret.
What is not included
- Gitlab Runner (in different repo, and requires more changes)