Liveness / Readiness / Startup probe for git-sync sidecar containers

[dano-nx]

Description

I'm using the git-sync sidecar container for syncing my DAGs. (dags.gitSync.enabled=true) This ends up in sidecar containers in the pods for the Airflow triggerer and scheduler. Unfortunately, these containers have no health check. I have Kyverno and the policy Validate Probes in place that makes the deployment of these pods now failing.

The k8s git-sync image itself provides an option to enable an HTTP endpoint as health check. See option --http-bin in https://github.com/kubernetes/git-sync/blob/v4.5.0/README.md#manual
I added the env variable GITSYNC_HTTP_BIND to the Helm values dags.gitSync.env but there is no way to provide health checks for the git-sync containers. They are missing in https://github.com/apache/airflow/blob/helm-chart/1.18.0/chart/templates/_helpers.yaml#L226-L347

Use case/motivation

I want to configure health checks (liveness and readyness probes) to the git-sync sidecar containers when using the Airflow Helm chart. This is needed when you have strict Kubernetes policies (like when using Kyverno) that requires those probes for all containers.

Related issues

No response

Are you willing to submit a PR?

• Yes I am willing to submit a PR!

Code of Conduct

• I agree to follow this project's Code of Conduct

Official Helm chart version

1.18.0

Apache Airflow version

3.0.6

k8s Git-Sync version

4.5.0

Kubernetes version

1.33.5

Kyverno version

1.16.0

[dano-nx]

Turns out, this is already implemented in main by #50218. Unfortunately, no new Helm chart release yet.