diff --git a/CHANGELOG.md b/CHANGELOG.md index 87ffb20..df193c2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ ## Unreleased +Improvements: + +* Support exec in the server liveness probe [GH-971](https://github.com/hashicorp/vault-helm/pull/971) + ## 0.26.1 (October 30, 2023) Bugs: diff --git a/templates/server-statefulset.yaml b/templates/server-statefulset.yaml index f330927..5d9afac 100644 --- a/templates/server-statefulset.yaml +++ b/templates/server-statefulset.yaml @@ -179,10 +179,18 @@ spec: {{- end }} {{- if .Values.server.livenessProbe.enabled }} livenessProbe: + {{- if .Values.server.livenessProbe.execCommand }} + exec: + command: + {{- range (.Values.server.livenessProbe.execCommand) }} + - {{ . | quote }} + {{- end }} + {{- else }} httpGet: path: {{ .Values.server.livenessProbe.path | quote }} port: {{ .Values.server.livenessProbe.port }} scheme: {{ include "vault.scheme" . | upper }} + {{- end }} failureThreshold: {{ .Values.server.livenessProbe.failureThreshold }} initialDelaySeconds: {{ .Values.server.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.server.livenessProbe.periodSeconds }} diff --git a/test/unit/server-statefulset.bats b/test/unit/server-statefulset.bats index de3ee2b..0f3da96 100755 --- a/test/unit/server-statefulset.bats +++ b/test/unit/server-statefulset.bats @@ -1415,6 +1415,41 @@ load _helpers [ "${actual}" = "100" ] } +@test "server/standalone-StatefulSet: liveness exec disabled by default" { + cd `chart_dir` + local object=$(helm template \ + --show-only templates/server-statefulset.yaml \ + --set 'server.livenessProbe.enabled=true' \ + . | tee /dev/stderr | + yq -r '.spec.template.spec.containers[0].livenessProbe' | tee /dev/stderr) + + local actual=$(echo $object | + yq -r '.exec' | tee /dev/stderr) + [ "${actual}" = "null" ] + + local actual=$(echo $object | + yq -r '.httpGet' | tee /dev/stderr) + [ ! "${actual}" = "null" ] +} + +@test "server/standalone-StatefulSet: liveness exec can be set" { + cd `chart_dir` + local object=$(helm template \ + --show-only templates/server-statefulset.yaml \ + --set 'server.livenessProbe.enabled=true' \ + --set='server.livenessProbe.execCommand={/bin/sh,-c,sleep}' \ + . | tee /dev/stderr | + yq -r '.spec.template.spec.containers[0].livenessProbe' | tee /dev/stderr) + + local actual=$(echo $object | + yq -r '.exec.command[0]' | tee /dev/stderr) + [ "${actual}" = "/bin/sh" ] + + local actual=$(echo $object | + yq -r '.httpGet' | tee /dev/stderr) + [ "${actual}" = "null" ] +} + #-------------------------------------------------------------------- # args @test "server/standalone-StatefulSet: add extraArgs" { diff --git a/values.schema.json b/values.schema.json index 6a8b350..3152f3d 100644 --- a/values.schema.json +++ b/values.schema.json @@ -818,6 +818,12 @@ "path": { "type": "string" }, + "port": { + "type": "integer" + }, + "execCommand": { + "type": "array" + }, "periodSeconds": { "type": "integer" }, diff --git a/values.yaml b/values.yaml index 781b930..1edd647 100644 --- a/values.yaml +++ b/values.yaml @@ -531,8 +531,14 @@ server: # Used to enable a livenessProbe for the pods livenessProbe: enabled: false + # Used to define a liveness exec command. If provided, exec is preferred to httpGet (path) as the livenessProbe handler. + execCommand: [] + # - /bin/sh + # - -c + # - /vault/userconfig/mylivenessscript/run.sh + # Path for the livenessProbe to use httpGet as the livenessProbe handler path: "/v1/sys/health?standbyok=true" - # Port number on which livenessProbe will be checked. + # Port number on which livenessProbe will be checked if httpGet is used as the livenessProbe handler port: 8200 # When a probe fails, Kubernetes will try failureThreshold times before giving up failureThreshold: 2