update values, single-server and test

templates/server-statefulset.yaml

@@ -71,9 +71,16 @@ spec:
             - name: VAULT_ADDR 
               value: "http://localhost:8200"
           command:
-            - "vault"
+            - "/bin/sh"
-            - "server"
+            - "-ec"
-            - "-config=/vault/config/"
+            - |
+              vault server -config=/vault/config/ \
+                {{- range .Values.server.extraVolumes }}
+                {{- if .load }}
+                -config-dir=/vault/userconfig/{{ .name }} \
+                {{- end }}
+                {{- end }}
+
           volumeMounts:
             - name: data
               mountPath: /vault/data

test/unit/server-statefulset.bats

@@ -65,8 +65,9 @@ load _helpers
 
 #--------------------------------------------------------------------
 # updateStrategy
+# Single-Server does not include an update strategy 
 
-@test "server/StatefulSet: no updateStrategy when not updating" {
+@test "server/StatefulSet: no updateStrategy" {
   cd `chart_dir`
   local actual=$(helm template \
       -x templates/server-statefulset.yaml  \
@@ -75,23 +76,6 @@ load _helpers
   [ "${actual}" = "null" ]
 }
 
-@test "server/StatefulSet: updateStrategy during update" {
-  cd `chart_dir`
-  local actual=$(helm template \
-      -x templates/server-statefulset.yaml  \
-      --set 'server.updatePartition=2' \
-      . | tee /dev/stderr |
-      yq -r '.spec.updateStrategy.type' | tee /dev/stderr)
-  [ "${actual}" = "RollingUpdate" ]
-
-  local actual=$(helm template \
-      -x templates/server-statefulset.yaml  \
-      --set 'server.updatePartition=2' \
-      . | tee /dev/stderr |
-      yq -r '.spec.updateStrategy.rollingUpdate.partition' | tee /dev/stderr)
-  [ "${actual}" = "2" ]
-}
-
 #--------------------------------------------------------------------
 # extraVolumes
 
@@ -128,7 +112,7 @@ load _helpers
 
   local actual=$(echo $object |
       yq -r '.mountPath' | tee /dev/stderr)
-  [ "${actual}" = "/consul/userconfig/foo" ]
+  [ "${actual}" = "/vault/userconfig/foo" ]
 
   # Doesn't load it
   local actual=$(helm template \
@@ -173,7 +157,7 @@ load _helpers
 
   local actual=$(echo $object |
       yq -r '.mountPath' | tee /dev/stderr)
-  [ "${actual}" = "/consul/userconfig/foo" ]
+  [ "${actual}" = "/vault/userconfig/foo" ]
 
   # Doesn't load it
   local actual=$(helm template \
@@ -193,7 +177,7 @@ load _helpers
       --set 'server.extraVolumes[0].name=foo' \
       --set 'server.extraVolumes[0].load=true' \
       . | tee /dev/stderr |
-      yq -r '.spec.template.spec.containers[0].command | map(select(test("/consul/userconfig/foo"))) | length' | tee /dev/stderr)
+      yq -r '.spec.template.spec.containers[0].command | map(select(test("/vault/userconfig/foo"))) | length' | tee /dev/stderr)
   [ "${actual}" = "1" ]
 }
 
@@ -219,4 +203,3 @@ load _helpers
       yq -r '.spec.volumeClaimTemplates[0].spec.storageClassName' | tee /dev/stderr)
   [ "${actual}" = "foo" ]
 }
-

values.yaml

@@ -70,7 +70,7 @@ server:
   extraVolumes: []
     # - type: secret (or "configMap")
     #   name: my-secret
-    #   load: false # if true, will add to `-config-dir` to load by Vault
+    #   load: false # if true, will add to `-config` to load by Vault
 
 serverHA:
   enabled: false
@@ -121,6 +121,14 @@ serverHA:
       crypto_key  = "vault-init"
     }
 
+  # extraVolumes is a list of extra volumes to mount. These will be exposed
+  # to Vault in the path `/vault/userconfig/<name>/`. The value below is
+  # an array of objects, examples are shown below.
+  extraVolumes: []
+    # - type: secret (or "configMap")
+    #   name: my-secret
+    #   load: false # if true, will add to `-config` to load by Vault
+
 # Configuration for DNS configuration within the Kubernetes cluster.
 # This creates a service that routes to all agents (client or server)
 # for serving DNS requests. This DOES NOT automatically configure kube-dns