Michal.Wrobel/openbao-helm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Support policy/v1 disruptionbudget beyond kube 1.21 (#710)

Browse source 
Issue #667, adding updates to the disruptionbudget to support new
non beta spec beyond kube 1.21
This commit is contained in:
Stephen Herd 2022-04-04 22:26:16 -07:00 committed by GitHub
parent 4da0638f3e
commit 12444bffb6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 51 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -10,6 +10,7 @@ CHANGES:
Improvements: Improvements:
* CSI: Set `extraLabels` for daemonset, pods, and service account [GH-690](https://github.com/hashicorp/vault-helm/pull/690) * CSI: Set `extraLabels` for daemonset, pods, and service account [GH-690](https://github.com/hashicorp/vault-helm/pull/690)
* Add namespace to injector-leader-elector role, rolebinding and secret [GH-683](https://github.com/hashicorp/vault-helm/pull/683) * Add namespace to injector-leader-elector role, rolebinding and secret [GH-683](https://github.com/hashicorp/vault-helm/pull/683)
* Support policy/v1 PodDisruptionBudget in Kubernetes 1.21+ for server and injector [GH-710](https://github.com/hashicorp/vault-helm/pull/710)
## 0.19.0 (January 20th, 2022) ## 0.19.0 (January 20th, 2022)

2
templates/injector-disruptionbudget.yaml
View file

@ -1,5 +1,5 @@
{{- if .Values.injector.podDisruptionBudget }} {{- if .Values.injector.podDisruptionBudget }}
apiVersion: policy/v1beta1 apiVersion: {{ ge .Capabilities.KubeVersion.Minor "21" | ternary "policy/v1" "policy/v1beta1" }}
kind: PodDisruptionBudget kind: PodDisruptionBudget
metadata: metadata:
name: {{ template "vault.fullname" . }}-agent-injector name: {{ template "vault.fullname" . }}-agent-injector

2
templates/server-disruptionbudget.yaml
View file

@ -5,7 +5,7 @@
{{- if and (eq .mode "ha") (eq (.Values.server.ha.disruptionBudget.enabled | toString) "true") -}} {{- if and (eq .mode "ha") (eq (.Values.server.ha.disruptionBudget.enabled | toString) "true") -}}
# PodDisruptionBudget to prevent degrading the server cluster through # PodDisruptionBudget to prevent degrading the server cluster through
# voluntary cluster changes. # voluntary cluster changes.
apiVersion: policy/v1beta1 apiVersion: {{ ge .Capabilities.KubeVersion.Minor "21" | ternary "policy/v1" "policy/v1beta1" }}
kind: PodDisruptionBudget kind: PodDisruptionBudget
metadata: metadata:
name: {{ template "vault.fullname" . }} name: {{ template "vault.fullname" . }}

26
test/unit/injector-disruptionbudget.bats
View file

@ -11,6 +11,16 @@ load _helpers
[ "${actual}" = "false" ] [ "${actual}" = "false" ]
} }
@test "injector/DisruptionBudget: configure with injector.podDisruptionBudget minAvailable" {
cd `chart_dir`
local actual=$(helm template \
--show-only templates/injector-disruptionbudget.yaml \
--set 'injector.podDisruptionBudget.minAvailable=2' \
. | tee /dev/stderr |
yq '.spec.minAvailable == 2' | tee /dev/stderr)
[ "${actual}" = "true" ]
}
@test "injector/DisruptionBudget: configure with injector.podDisruptionBudget maxUnavailable" { @test "injector/DisruptionBudget: configure with injector.podDisruptionBudget maxUnavailable" {
cd `chart_dir` cd `chart_dir`
local actual=$(helm template \ local actual=$(helm template \
@ -21,12 +31,24 @@ load _helpers
[ "${actual}" = "true" ] [ "${actual}" = "true" ]
} }
@test "injector/DisruptionBudget: configure with injector.podDisruptionBudget minAvailable" { @test "injector/DisruptionBudget: test is apiVersion is set correctly < version 1.21 of kube" {
cd `chart_dir` cd `chart_dir`
local actual=$(helm template \ local actual=$(helm template \
--show-only templates/injector-disruptionbudget.yaml \ --show-only templates/injector-disruptionbudget.yaml \
--set 'injector.podDisruptionBudget.minAvailable=2' \ --set 'injector.podDisruptionBudget.minAvailable=2' \
--kube-version 1.19.5 \
. | tee /dev/stderr | . | tee /dev/stderr |
yq '.spec.minAvailable == 2' | tee /dev/stderr) yq '.apiVersion == "policy/v1beta1"' | tee /dev/stderr)
[ "${actual}" = "true" ]
}
@test "injector/DisruptionBudget: test is apiVersion is set correctly >= version 1.21 of kube" {
cd `chart_dir`
local actual=$(helm template \
--show-only templates/injector-disruptionbudget.yaml \
--set 'injector.podDisruptionBudget.minAvailable=2' \
--kube-version 1.22.5 \
. | tee /dev/stderr |
yq '.apiVersion == "policy/v1"' | tee /dev/stderr)
[ "${actual}" = "true" ] [ "${actual}" = "true" ]
} }

24
test/unit/server-ha-disruptionbudget.bats
View file

@ -97,3 +97,27 @@ load _helpers
yq '.spec.maxUnavailable' | tee /dev/stderr) yq '.spec.maxUnavailable' | tee /dev/stderr)
[ "${actual}" = "2" ] [ "${actual}" = "2" ]
} }
@test "server/DisruptionBudget: test is apiVersion is set correctly < version 1.21 of kube" {
cd `chart_dir`
local actual=$(helm template \
--show-only templates/server-disruptionbudget.yaml \
--set 'server.ha.enabled=true' \
--set 'server.ha.replicas=1' \
--kube-version 1.19.5 \
. | tee /dev/stderr |
yq '.apiVersion == "policy/v1beta1"' | tee /dev/stderr)
[ "${actual}" = "true" ]
}
@test "server/DisruptionBudget: test is apiVersion is set correctly >= version 1.21 of kube" {
cd `chart_dir`
local actual=$(helm template \
--show-only templates/server-disruptionbudget.yaml \
--set 'server.ha.enabled=true' \
--set 'server.ha.replicas=1' \
--kube-version 1.22.5 \
. | tee /dev/stderr |
yq '.apiVersion == "policy/v1"' | tee /dev/stderr)
[ "${actual}" = "true" ]
}