Michal.Wrobel/openbao-helm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Allow overriding VAULT_API_ADDR (#290)

Browse source
This commit is contained in:
Yong Wen Chua 2020-07-14 22:09:43 +08:00 committed by GitHub
parent ef7df3da77
commit 85b52694f7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 47 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
templates/server-statefulset.yaml
View file

@ -87,7 +87,11 @@ spec:
- name: VAULT_ADDR - name: VAULT_ADDR
value: "{{ include "vault.scheme" . }}://127.0.0.1:8200" value: "{{ include "vault.scheme" . }}://127.0.0.1:8200"
- name: VAULT_API_ADDR - name: VAULT_API_ADDR
{{- if .Values.server.ha.apiAddr }}
value: {{ .Values.server.ha.apiAddr }}
{{- else }}
value: "{{ include "vault.scheme" . }}://$(POD_IP):8200" value: "{{ include "vault.scheme" . }}://$(POD_IP):8200"
{{- end }}
- name: SKIP_CHOWN - name: SKIP_CHOWN
value: "true" value: "true"
- name: SKIP_SETCAP - name: SKIP_SETCAP

38
test/unit/server-ha-statefulset.bats
View file

@ -403,6 +403,44 @@ load _helpers
[ "${actual}" = "secret_key_1" ] [ "${actual}" = "secret_key_1" ]
} }
#--------------------------------------------------------------------
# VAULT_API_ADDR renders
@test "server/ha-StatefulSet: api addr renders to Pod IP by default" {
cd `chart_dir`
local object=$(helm template \
--show-only templates/server-statefulset.yaml \
--set 'server.ha.enabled=true' \
. | tee /dev/stderr |
yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr)
local actual=$(echo $object |
yq -r '.[5].name' | tee /dev/stderr)
[ "${actual}" = "VAULT_API_ADDR" ]
local actual=$(echo $object |
yq -r '.[5].value' | tee /dev/stderr)
[ "${actual}" = 'http://$(POD_IP):8200' ]
}
@test "server/ha-StatefulSet: api addr can be overriden" {
cd `chart_dir`
local object=$(helm template \
--show-only templates/server-statefulset.yaml \
--set 'server.ha.enabled=true' \
--set 'server.ha.apiAddr="https://example.com:8200"' \
. | tee /dev/stderr |
yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr)
local actual=$(echo $object |
yq -r '.[5].name' | tee /dev/stderr)
[ "${actual}" = "VAULT_API_ADDR" ]
local actual=$(echo $object |
yq -r '.[5].value' | tee /dev/stderr)
[ "${actual}" = 'https://example.com:8200' ]
}
#-------------------------------------------------------------------- #--------------------------------------------------------------------
# VAULT_CLUSTER_ADDR renders # VAULT_CLUSTER_ADDR renders

5
values.yaml
View file

@ -387,6 +387,11 @@ server:
enabled: false enabled: false
replicas: 3 replicas: 3
# Set the api_addr configuration for Vault HA
# See https://www.vaultproject.io/docs/configuration#api_addr
# If set to null, this will be set to the Pod IP Address
apiAddr: null
# Enables Vault's integrated Raft storage. Unlike the typical HA modes where # Enables Vault's integrated Raft storage. Unlike the typical HA modes where
# Vault's persistence is external (such as Consul), enabling Raft mode will create # Vault's persistence is external (such as Consul), enabling Raft mode will create
# persistent volumes for Vault to store data according to the configuration under server.dataStorage. # persistent volumes for Vault to store data according to the configuration under server.dataStorage.