feature: Support configuring various properties as YAML directly. (#565)
* feature: Support configuring various properties as YAML directly. Supported properties include: pod tolerations, pod affinity, and node selectors.
This commit is contained in:
parent
14d1f97edd
commit
1e4709cc46
9 changed files with 172 additions and 33 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -10,3 +10,4 @@ vaul-helm-dev-creds.json
|
|||
./test/unit/vaul-helm-dev-creds.json
|
||||
./test/acceptance/values.yaml
|
||||
./test/acceptance/values.yml
|
||||
.idea
|
||||
|
|
5
Makefile
5
Makefile
|
@ -4,6 +4,9 @@ CLOUDSDK_CORE_PROJECT?=vault-helm-dev-246514
|
|||
# set to run a single test - e.g acceptance/server-ha-enterprise-dr.bats
|
||||
ACCEPTANCE_TESTS?=acceptance
|
||||
|
||||
# filter bats unit tests to run.
|
||||
UNIT_TESTS_FILTER?='.*'
|
||||
|
||||
# Generate json schema for chart values. See test/README.md for more details.
|
||||
values-schema:
|
||||
helm schema-gen values.yaml > values.schema.json
|
||||
|
@ -12,7 +15,7 @@ test-image:
|
|||
@docker build --rm -t $(TEST_IMAGE) -f $(CURDIR)/test/docker/Test.dockerfile $(CURDIR)
|
||||
|
||||
test-unit:
|
||||
@docker run -it -v ${PWD}:/helm-test $(TEST_IMAGE) bats /helm-test/test/unit
|
||||
@docker run --rm -it -v ${PWD}:/helm-test $(TEST_IMAGE) bats -f $(UNIT_TESTS_FILTER) /helm-test/test/unit
|
||||
|
||||
test-bats: test-unit test-acceptance
|
||||
|
||||
|
|
|
@ -224,7 +224,12 @@ Set's the affinity for pod placement when running in standalone and HA modes.
|
|||
{{- define "vault.affinity" -}}
|
||||
{{- if and (ne .mode "dev") .Values.server.affinity }}
|
||||
affinity:
|
||||
{{ tpl .Values.server.affinity . | nindent 8 | trim }}
|
||||
{{ $tp := typeOf .Values.server.affinity }}
|
||||
{{- if eq $tp "string" }}
|
||||
{{- tpl .Values.server.affinity . | nindent 8 | trim }}
|
||||
{{- else }}
|
||||
{{- toYaml .Values.server.affinity | nindent 8 }}
|
||||
{{- end }}
|
||||
{{ end }}
|
||||
{{- end -}}
|
||||
|
||||
|
@ -234,17 +239,27 @@ Sets the injector affinity for pod placement
|
|||
{{- define "injector.affinity" -}}
|
||||
{{- if .Values.injector.affinity }}
|
||||
affinity:
|
||||
{{ tpl .Values.injector.affinity . | nindent 8 | trim }}
|
||||
{{ $tp := typeOf .Values.injector.affinity }}
|
||||
{{- if eq $tp "string" }}
|
||||
{{- tpl .Values.injector.affinity . | nindent 8 | trim }}
|
||||
{{- else }}
|
||||
{{- toYaml .Values.injector.affinity | nindent 8 }}
|
||||
{{- end }}
|
||||
{{ end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Set's the toleration for pod placement when running in standalone and HA modes.
|
||||
Sets the toleration for pod placement when running in standalone and HA modes.
|
||||
*/}}
|
||||
{{- define "vault.tolerations" -}}
|
||||
{{- if and (ne .mode "dev") .Values.server.tolerations }}
|
||||
tolerations:
|
||||
{{- $tp := typeOf .Values.server.tolerations }}
|
||||
{{- if eq $tp "string" }}
|
||||
{{ tpl .Values.server.tolerations . | nindent 8 | trim }}
|
||||
{{- else }}
|
||||
{{- toYaml .Values.server.tolerations | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
|
@ -254,7 +269,12 @@ Sets the injector toleration for pod placement
|
|||
{{- define "injector.tolerations" -}}
|
||||
{{- if .Values.injector.tolerations }}
|
||||
tolerations:
|
||||
{{- $tp := typeOf .Values.injector.tolerations }}
|
||||
{{- if eq $tp "string" }}
|
||||
{{ tpl .Values.injector.tolerations . | nindent 8 | trim }}
|
||||
{{- else }}
|
||||
{{- toYaml .Values.injector.tolerations | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
|
@ -264,7 +284,12 @@ Set's the node selector for pod placement when running in standalone and HA mode
|
|||
{{- define "vault.nodeselector" -}}
|
||||
{{- if and (ne .mode "dev") .Values.server.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{ tpl .Values.server.nodeSelector . | indent 8 | trim }}
|
||||
{{- $tp := typeOf .Values.server.nodeSelector }}
|
||||
{{- if eq $tp "string" }}
|
||||
{{ tpl .Values.server.nodeSelector . | nindent 8 | trim }}
|
||||
{{- else }}
|
||||
{{- toYaml .Values.server.nodeSelector | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
|
@ -274,7 +299,12 @@ Sets the injector node selector for pod placement
|
|||
{{- define "injector.nodeselector" -}}
|
||||
{{- if .Values.injector.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{ tpl .Values.injector.nodeSelector . | indent 8 | trim }}
|
||||
{{- $tp := typeOf .Values.injector.nodeSelector }}
|
||||
{{- if eq $tp "string" }}
|
||||
{{ tpl .Values.injector.nodeSelector . | nindent 8 | trim }}
|
||||
{{- else }}
|
||||
{{- toYaml .Values.injector.nodeSelector | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
|
@ -519,7 +549,12 @@ Sets the injector toleration for pod placement
|
|||
{{- define "csi.pod.tolerations" -}}
|
||||
{{- if .Values.csi.pod.tolerations }}
|
||||
tolerations:
|
||||
{{- $tp := typeOf .Values.csi.pod.tolerations }}
|
||||
{{- if eq $tp "string" }}
|
||||
{{ tpl .Values.csi.pod.tolerations . | nindent 8 | trim }}
|
||||
{{- else }}
|
||||
{{- toYaml .Values.csi.pod.tolerations | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
|
|
|
@ -246,7 +246,7 @@ load _helpers
|
|||
[ "${actual}" = "true" ]
|
||||
}
|
||||
|
||||
@test "csi/daemonset: tolerations can be set" {
|
||||
@test "csi/daemonset: tolerations can be set as string" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
--show-only templates/csi-daemonset.yaml \
|
||||
|
@ -257,6 +257,17 @@ load _helpers
|
|||
[ "${actual}" = "true" ]
|
||||
}
|
||||
|
||||
@test "csi/daemonset: tolerations can be set as YAML" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
--show-only templates/csi-daemonset.yaml \
|
||||
--set 'csi.enabled=true' \
|
||||
--set "csi.pod.tolerations[0].foo=bar,csi.pod.tolerations[1].baz=qux" \
|
||||
. | tee /dev/stderr |
|
||||
yq '.spec.template.spec.tolerations == [{"foo": "bar"}, {"baz": "qux"}]' | tee /dev/stderr)
|
||||
[ "${actual}" = "true" ]
|
||||
}
|
||||
|
||||
#--------------------------------------------------------------------
|
||||
# volumes
|
||||
|
||||
|
|
|
@ -432,7 +432,7 @@ load _helpers
|
|||
[ "${actual}" = "false" ]
|
||||
}
|
||||
|
||||
@test "injector/deployment: affinity can be set" {
|
||||
@test "injector/deployment: affinity can be set as string" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
--show-only templates/injector-deployment.yaml \
|
||||
|
@ -442,6 +442,16 @@ load _helpers
|
|||
[ "${actual}" = "true" ]
|
||||
}
|
||||
|
||||
@test "injector/deployment: affinity can be set as YAML" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
--show-only templates/injector-deployment.yaml \
|
||||
--set 'injector.affinity.podAntiAffinity=foobar' \
|
||||
. | tee /dev/stderr |
|
||||
yq '.spec.template.spec.affinity.podAntiAffinity == "foobar"' | tee /dev/stderr)
|
||||
[ "${actual}" = "true" ]
|
||||
}
|
||||
|
||||
#--------------------------------------------------------------------
|
||||
# tolerations
|
||||
|
||||
|
@ -454,7 +464,7 @@ load _helpers
|
|||
[ "${actual}" = "true" ]
|
||||
}
|
||||
|
||||
@test "injector/deployment: tolerations can be set" {
|
||||
@test "injector/deployment: tolerations can be set as string" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
--show-only templates/injector-deployment.yaml \
|
||||
|
@ -464,6 +474,16 @@ load _helpers
|
|||
[ "${actual}" = "true" ]
|
||||
}
|
||||
|
||||
@test "injector/deployment: tolerations can be set as YAML" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
--show-only templates/injector-deployment.yaml \
|
||||
--set "injector.tolerations[0].foo=bar,injector.tolerations[1].baz=qux" \
|
||||
. | tee /dev/stderr |
|
||||
yq '.spec.template.spec.tolerations == [{"foo": "bar"}, {"baz": "qux"}]' | tee /dev/stderr)
|
||||
[ "${actual}" = "true" ]
|
||||
}
|
||||
|
||||
#--------------------------------------------------------------------
|
||||
# nodeSelector
|
||||
|
||||
|
@ -476,7 +496,7 @@ load _helpers
|
|||
[ "${actual}" = "null" ]
|
||||
}
|
||||
|
||||
@test "injector/deployment: nodeSelector can be set" {
|
||||
@test "injector/deployment: nodeSelector can be set as string" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
--show-only templates/injector-deployment.yaml \
|
||||
|
@ -486,6 +506,17 @@ load _helpers
|
|||
[ "${actual}" = "testing" ]
|
||||
}
|
||||
|
||||
@test "injector/deployment: nodeSelector can be set as YAML" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
--show-only templates/injector-deployment.yaml \
|
||||
--set "injector.nodeSelector.beta\.kubernetes\.io/arch=amd64" \
|
||||
. | tee /dev/stderr |
|
||||
yq '.spec.template.spec.nodeSelector == {"beta.kubernetes.io/arch": "amd64"}' | tee /dev/stderr)
|
||||
[ "${actual}" = "true" ]
|
||||
}
|
||||
|
||||
|
||||
#--------------------------------------------------------------------
|
||||
# priorityClassName
|
||||
|
||||
|
|
|
@ -571,7 +571,7 @@ load _helpers
|
|||
[ "${actual}" = "null" ]
|
||||
}
|
||||
|
||||
@test "server/ha-StatefulSet: specified nodeSelector" {
|
||||
@test "server/ha-StatefulSet: specified nodeSelector as string" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
--show-only templates/server-statefulset.yaml \
|
||||
|
@ -582,6 +582,17 @@ load _helpers
|
|||
[ "${actual}" = "testing" ]
|
||||
}
|
||||
|
||||
@test "server/ha-StatefulSet: nodeSelector can be set as YAML" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
--show-only templates/server-statefulset.yaml \
|
||||
--set 'server.ha.enabled=true' \
|
||||
--set "server.nodeSelector.beta\.kubernetes\.io/arch=amd64" \
|
||||
. | tee /dev/stderr |
|
||||
yq '.spec.template.spec.nodeSelector == {"beta.kubernetes.io/arch": "amd64"}' | tee /dev/stderr)
|
||||
[ "${actual}" = "true" ]
|
||||
}
|
||||
|
||||
#--------------------------------------------------------------------
|
||||
# Security Contexts
|
||||
@test "server/ha-StatefulSet: uid default" {
|
||||
|
|
|
@ -738,7 +738,7 @@ load _helpers
|
|||
[ "${actual}" = "true" ]
|
||||
}
|
||||
|
||||
@test "server/standalone-StatefulSet: affinity can be set" {
|
||||
@test "server/standalone-StatefulSet: affinity can be set as string" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
--show-only templates/server-statefulset.yaml \
|
||||
|
@ -748,6 +748,17 @@ load _helpers
|
|||
[ "${actual}" = "true" ]
|
||||
}
|
||||
|
||||
@test "server/standalone-StatefulSet: affinity can be set as YAML" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
--show-only templates/server-statefulset.yaml \
|
||||
--set 'server.affinity.podAntiAffinity=foobar' \
|
||||
. | tee /dev/stderr |
|
||||
yq '.spec.template.spec.affinity.podAntiAffinity == "foobar"' | tee /dev/stderr)
|
||||
[ "${actual}" = "true" ]
|
||||
}
|
||||
|
||||
|
||||
@test "server/standalone-StatefulSet: tolerations not set by default" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
|
@ -757,7 +768,7 @@ load _helpers
|
|||
[ "${actual}" = "true" ]
|
||||
}
|
||||
|
||||
@test "server/standalone-StatefulSet: tolerations can be set" {
|
||||
@test "server/standalone-StatefulSet: tolerations can be set as string" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
--show-only templates/server-statefulset.yaml \
|
||||
|
@ -767,6 +778,16 @@ load _helpers
|
|||
[ "${actual}" = "true" ]
|
||||
}
|
||||
|
||||
@test "server/standalone-StatefulSet: tolerations can be set as YAML" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
--show-only templates/server-statefulset.yaml \
|
||||
--set "server.tolerations[0].foo=bar,server.tolerations[1].baz=qux" \
|
||||
. | tee /dev/stderr |
|
||||
yq '.spec.template.spec.tolerations == [{"foo": "bar"}, {"baz": "qux"}]' | tee /dev/stderr)
|
||||
[ "${actual}" = "true" ]
|
||||
}
|
||||
|
||||
@test "server/standalone-StatefulSet: nodeSelector is not set by default" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
|
@ -776,7 +797,7 @@ load _helpers
|
|||
[ "${actual}" = "null" ]
|
||||
}
|
||||
|
||||
@test "server/standalone-StatefulSet: specified nodeSelector" {
|
||||
@test "server/standalone-StatefulSet: specified nodeSelector as string" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
--show-only templates/server-statefulset.yaml \
|
||||
|
@ -786,6 +807,16 @@ load _helpers
|
|||
[ "${actual}" = "testing" ]
|
||||
}
|
||||
|
||||
@test "server/standalone-StatefulSet: nodeSelector can be set as YAML" {
|
||||
cd `chart_dir`
|
||||
local actual=$(helm template \
|
||||
--show-only templates/server-statefulset.yaml \
|
||||
--set "server.nodeSelector.beta\.kubernetes\.io/arch=amd64" \
|
||||
. | tee /dev/stderr |
|
||||
yq '.spec.template.spec.nodeSelector == {"beta.kubernetes.io/arch": "amd64"}' | tee /dev/stderr)
|
||||
[ "${actual}" = "true" ]
|
||||
}
|
||||
|
||||
#--------------------------------------------------------------------
|
||||
# extraInitContainers
|
||||
|
||||
|
|
|
@ -80,7 +80,11 @@
|
|||
]
|
||||
},
|
||||
"tolerations": {
|
||||
"type": ["null", "string"]
|
||||
"type": [
|
||||
"null",
|
||||
"array",
|
||||
"string"
|
||||
]
|
||||
}
|
||||
}
|
||||
},
|
||||
|
@ -167,7 +171,10 @@
|
|||
"type": "object",
|
||||
"properties": {
|
||||
"affinity": {
|
||||
"type": "string"
|
||||
"type": [
|
||||
"object",
|
||||
"string"
|
||||
]
|
||||
},
|
||||
"agentDefaults": {
|
||||
"type": "object",
|
||||
|
@ -309,7 +316,11 @@
|
|||
"type": "object"
|
||||
},
|
||||
"nodeSelector": {
|
||||
"type": ["null", "string"]
|
||||
"type": [
|
||||
"null",
|
||||
"object",
|
||||
"string"
|
||||
]
|
||||
},
|
||||
"objectSelector": {
|
||||
"type": "object"
|
||||
|
@ -343,6 +354,7 @@
|
|||
"tolerations": {
|
||||
"type": [
|
||||
"null",
|
||||
"array",
|
||||
"string"
|
||||
]
|
||||
}
|
||||
|
@ -352,7 +364,10 @@
|
|||
"type": "object",
|
||||
"properties": {
|
||||
"affinity": {
|
||||
"type": "string"
|
||||
"type": [
|
||||
"object",
|
||||
"string"
|
||||
]
|
||||
},
|
||||
"annotations": {
|
||||
"type": [
|
||||
|
@ -629,6 +644,7 @@
|
|||
"nodeSelector": {
|
||||
"type": [
|
||||
"null",
|
||||
"object",
|
||||
"string"
|
||||
]
|
||||
},
|
||||
|
@ -755,6 +771,7 @@
|
|||
"tolerations": {
|
||||
"type": [
|
||||
"null",
|
||||
"array",
|
||||
"string"
|
||||
]
|
||||
},
|
||||
|
|
29
values.yaml
29
values.yaml
|
@ -151,8 +151,7 @@ injector:
|
|||
# KUBERNETES_SERVICE_HOST: kubernetes.default.svc
|
||||
|
||||
# Affinity Settings for injector pods
|
||||
# This should be a multi-line string matching the affinity section of a
|
||||
# PodSpec.
|
||||
# This can either be multi-line string or YAML matching the PodSpec's affinity field.
|
||||
# Commenting out or setting as empty the affinity variable, will allow
|
||||
# deployment of multiple replicas to single node services such as Minikube.
|
||||
affinity: |
|
||||
|
@ -166,16 +165,16 @@ injector:
|
|||
topologyKey: kubernetes.io/hostname
|
||||
|
||||
# Toleration Settings for injector pods
|
||||
# This should be a multi-line string matching the Toleration array
|
||||
# This should be either a multi-line string or YAML matching the Toleration array
|
||||
# in a PodSpec.
|
||||
tolerations: null
|
||||
tolerations: []
|
||||
|
||||
# nodeSelector labels for injector pod assignment, formatted as a muli-line string.
|
||||
# nodeSelector labels for server pod assignment, formatted as a multi-line string or YAML map.
|
||||
# ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
|
||||
# Example:
|
||||
# nodeSelector: |
|
||||
# nodeSelector:
|
||||
# beta.kubernetes.io/arch: amd64
|
||||
nodeSelector: null
|
||||
nodeSelector: {}
|
||||
|
||||
# Priority class for injector pods
|
||||
priorityClassName: ""
|
||||
|
@ -397,10 +396,10 @@ server:
|
|||
# name: plugins
|
||||
# readOnly: true
|
||||
|
||||
|
||||
# Affinity Settings
|
||||
# Commenting out or setting as empty the affinity variable, will allow
|
||||
# deployment to single node services such as Minikube
|
||||
# This should be either a multi-line string or YAML matching the PodSpec's affinity field.
|
||||
affinity: |
|
||||
podAntiAffinity:
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
|
@ -412,16 +411,16 @@ server:
|
|||
topologyKey: kubernetes.io/hostname
|
||||
|
||||
# Toleration Settings for server pods
|
||||
# This should be a multi-line string matching the Toleration array
|
||||
# This should be either a multi-line string or YAML matching the Toleration array
|
||||
# in a PodSpec.
|
||||
tolerations: null
|
||||
tolerations: []
|
||||
|
||||
# nodeSelector labels for server pod assignment, formatted as a muli-line string.
|
||||
# nodeSelector labels for server pod assignment, formatted as a multi-line string or YAML map.
|
||||
# ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
|
||||
# Example:
|
||||
# nodeSelector: |
|
||||
# nodeSelector:
|
||||
# beta.kubernetes.io/arch: amd64
|
||||
nodeSelector: null
|
||||
nodeSelector: {}
|
||||
|
||||
# Enables network policy for server pods
|
||||
networkPolicy:
|
||||
|
@ -753,9 +752,9 @@ csi:
|
|||
annotations: {}
|
||||
|
||||
# Toleration Settings for provider pods
|
||||
# This should be a multi-line string matching the Toleration array
|
||||
# This should be either a multi-line string or YAML matching the Toleration array
|
||||
# in a PodSpec.
|
||||
tolerations: null
|
||||
tolerations: []
|
||||
|
||||
serviceAccount:
|
||||
# Extra annotations for the serviceAccount definition. This can either be
|
||||
|
|
Loading…
Reference in a new issue