Issue 629: updated to allow customization of the CLUSTER_ADDR the same… (#709)

* Issue #629 Updates to allow customization of the CLUSTER_ADDR and unit tests to go with it

* Issue-#629 removing extra whitespace I added accidently.

* Issue-#629 fixing extra whitespace added.

* Update values.yaml

Co-authored-by: Joaco Muleiro Beltran <joaquinmuleirobeltran@gmail.com>

* Issue #629 adding changelog

Co-authored-by: Joaco Muleiro Beltran <joaquinmuleirobeltran@gmail.com>
This commit is contained in:
Stephen Herd 2022-04-14 15:16:39 -07:00 committed by GitHub
parent 4ae52c8bd3
commit 87e456754b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 56 additions and 1 deletions

View file

@ -11,6 +11,7 @@ Improvements:
* CSI: Set `extraLabels` for daemonset, pods, and service account [GH-690](https://github.com/hashicorp/vault-helm/pull/690)
* Add namespace to injector-leader-elector role, rolebinding and secret [GH-683](https://github.com/hashicorp/vault-helm/pull/683)
* Support policy/v1 PodDisruptionBudget in Kubernetes 1.21+ for server and injector [GH-710](https://github.com/hashicorp/vault-helm/pull/710)
* Make the Cluster Address (CLUSTER_ADDR) configurable [GH-629](https://github.com/hashicorp/vault-helm/pull/709)
## 0.19.0 (January 20th, 2022)

View file

@ -109,7 +109,11 @@ spec:
fieldRef:
fieldPath: metadata.name
- name: VAULT_CLUSTER_ADDR
{{- if .Values.server.ha.clusterAddr }}
value: {{ .Values.server.ha.clusterAddr }}
{{- else }}
value: "https://$(HOSTNAME).{{ template "vault.fullname" . }}-internal:8201"
{{- end }}
{{- if and (eq (.Values.server.ha.raft.enabled | toString) "true") (eq (.Values.server.ha.raft.setNodeId | toString) "true") }}
- name: VAULT_RAFT_NODE_ID
valueFrom:

View file

@ -417,7 +417,7 @@ load _helpers
#--------------------------------------------------------------------
# VAULT_CLUSTER_ADDR renders
@test "server/ha-StatefulSet: cluster addr renders" {
@test "server/ha-StatefulSet: clusterAddr not set" {
cd `chart_dir`
local object=$(helm template \
--show-only templates/server-statefulset.yaml \
@ -431,6 +431,51 @@ load _helpers
[ "${value}" = 'https://$(HOSTNAME).release-name-vault-internal:8201' ]
}
@test "server/ha-StatefulSet: clusterAddr set to null" {
cd `chart_dir`
local object=$(helm template \
--show-only templates/server-statefulset.yaml \
--set 'server.ha.enabled=true' \
--set 'server.ha.raft.enabled=true' \
--set 'server.ha.clusterAddr=null' \
. | tee /dev/stderr |
yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr)
local value=$(echo $object |
yq -r 'map(select(.name=="VAULT_CLUSTER_ADDR")) | .[] .value' | tee /dev/stderr)
[ "${value}" = 'https://$(HOSTNAME).release-name-vault-internal:8201' ]
}
@test "server/ha-StatefulSet: clusterAddr set to custom url" {
cd `chart_dir`
local object=$(helm template \
--show-only templates/server-statefulset.yaml \
--set 'server.ha.enabled=true' \
--set 'server.ha.raft.enabled=true' \
--set 'server.ha.clusterAddr=https://test.example.com:8201' \
. | tee /dev/stderr |
yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr)
local value=$(echo $object |
yq -r 'map(select(.name=="VAULT_CLUSTER_ADDR")) | .[] .value' | tee /dev/stderr)
[ "${value}" = 'https://test.example.com:8201' ]
}
@test "server/ha-StatefulSet: clusterAddr set to custom url with environment variable" {
cd `chart_dir`
local object=$(helm template \
--show-only templates/server-statefulset.yaml \
--set 'server.ha.enabled=true' \
--set 'server.ha.raft.enabled=true' \
--set 'server.ha.clusterAddr=http://$(HOSTNAME).release-name-vault-internal:8201' \
. | tee /dev/stderr |
yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr)
local value=$(echo $object |
yq -r 'map(select(.name=="VAULT_CLUSTER_ADDR")) | .[] .value' | tee /dev/stderr)
[ "${value}" = 'http://$(HOSTNAME).release-name-vault-internal:8201' ]
}
#--------------------------------------------------------------------
# VAULT_RAFT_NODE_ID renders

View file

@ -680,6 +680,11 @@ server:
# If set to null, this will be set to the Pod IP Address
apiAddr: null
# Set the cluster_addr confuguration for Vault HA
# See https://www.vaultproject.io/docs/configuration#cluster_addr
# If set to null, this will be set to https://$(HOSTNAME).{{ template "vault.fullname" . }}-internal:8201
clusterAddr: null
# Enables Vault's integrated Raft storage. Unlike the typical HA modes where
# Vault's persistence is external (such as Consul), enabling Raft mode will create
# persistent volumes for Vault to store data according to the configuration under server.dataStorage.