Issue 629: updated to allow customization of the CLUSTER_ADDR the same… (#709)

* Issue #629 Updates to allow customization of the CLUSTER_ADDR and unit tests to go with it * Issue-#629 removing extra whitespace I added accidently. * Issue-#629 fixing extra whitespace added. * Update values.yaml Co-authored-by: Joaco Muleiro Beltran <joaquinmuleirobeltran@gmail.com> * Issue #629 adding changelog Co-authored-by: Joaco Muleiro Beltran <joaquinmuleirobeltran@gmail.com>
2022-04-14 15:16:39 -07:00 · 2022-04-14 15:16:39 -07:00 · 87e456754b
commit 87e456754b
parent 4ae52c8bd3
4 changed files with 56 additions and 1 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -11,6 +11,7 @@ Improvements:
 * CSI: Set `extraLabels` for daemonset, pods, and service account [GH-690](https://github.com/hashicorp/vault-helm/pull/690)
 * Add namespace to injector-leader-elector role, rolebinding and secret [GH-683](https://github.com/hashicorp/vault-helm/pull/683)
 * Support policy/v1 PodDisruptionBudget in Kubernetes 1.21+ for server and injector [GH-710](https://github.com/hashicorp/vault-helm/pull/710)
+* Make the Cluster Address (CLUSTER_ADDR) configurable [GH-629](https://github.com/hashicorp/vault-helm/pull/709)

 ## 0.19.0 (January 20th, 2022)

--- a/templates/server-statefulset.yaml
+++ b/templates/server-statefulset.yaml
@ -109,7 +109,11 @@ spec:
                fieldRef:
                  fieldPath: metadata.name
            - name: VAULT_CLUSTER_ADDR
+              {{- if .Values.server.ha.clusterAddr }}
+              value: {{ .Values.server.ha.clusterAddr }}
+              {{- else }}
              value: "https://$(HOSTNAME).{{ template "vault.fullname" . }}-internal:8201"
+              {{- end }}
            {{- if and (eq (.Values.server.ha.raft.enabled | toString) "true") (eq (.Values.server.ha.raft.setNodeId | toString) "true") }}
            - name: VAULT_RAFT_NODE_ID
              valueFrom:
--- a/test/unit/server-ha-statefulset.bats
+++ b/test/unit/server-ha-statefulset.bats
@ -417,7 +417,7 @@ load _helpers
 #--------------------------------------------------------------------
 # VAULT_CLUSTER_ADDR renders

-@test "server/ha-StatefulSet: cluster addr renders" {
+@test "server/ha-StatefulSet: clusterAddr not set" {
  cd `chart_dir`
  local object=$(helm template \
      --show-only templates/server-statefulset.yaml  \
@ -431,6 +431,51 @@ load _helpers
  [ "${value}" = 'https://$(HOSTNAME).release-name-vault-internal:8201' ]
 }

+@test "server/ha-StatefulSet: clusterAddr set to null" {
+  cd `chart_dir`
+  local object=$(helm template \
+      --show-only templates/server-statefulset.yaml  \
+      --set 'server.ha.enabled=true' \
+      --set 'server.ha.raft.enabled=true' \
+       --set 'server.ha.clusterAddr=null' \
+      . | tee /dev/stderr |
+      yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr)
+
+  local value=$(echo $object |
+      yq -r 'map(select(.name=="VAULT_CLUSTER_ADDR")) | .[] .value' | tee /dev/stderr)
+  [ "${value}" = 'https://$(HOSTNAME).release-name-vault-internal:8201' ]
+}
+
+@test "server/ha-StatefulSet: clusterAddr set to custom url" {
+  cd `chart_dir`
+  local object=$(helm template \
+      --show-only templates/server-statefulset.yaml  \
+      --set 'server.ha.enabled=true' \
+      --set 'server.ha.raft.enabled=true' \
+       --set 'server.ha.clusterAddr=https://test.example.com:8201' \
+      . | tee /dev/stderr |
+      yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr)
+
+  local value=$(echo $object |
+      yq -r 'map(select(.name=="VAULT_CLUSTER_ADDR")) | .[] .value' | tee /dev/stderr)
+  [ "${value}" = 'https://test.example.com:8201' ]
+}
+
+@test "server/ha-StatefulSet: clusterAddr set to custom url with environment variable" {
+  cd `chart_dir`
+  local object=$(helm template \
+      --show-only templates/server-statefulset.yaml  \
+      --set 'server.ha.enabled=true' \
+      --set 'server.ha.raft.enabled=true' \
+       --set 'server.ha.clusterAddr=http://$(HOSTNAME).release-name-vault-internal:8201' \
+      . | tee /dev/stderr |
+      yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr)
+
+  local value=$(echo $object |
+      yq -r 'map(select(.name=="VAULT_CLUSTER_ADDR")) | .[] .value' | tee /dev/stderr)
+  [ "${value}" = 'http://$(HOSTNAME).release-name-vault-internal:8201' ]
+}
+
 #--------------------------------------------------------------------
 # VAULT_RAFT_NODE_ID renders

--- a/values.yaml
+++ b/values.yaml
@ -680,6 +680,11 @@ server:
    # If set to null, this will be set to the Pod IP Address
    apiAddr: null

+    # Set the cluster_addr confuguration for Vault HA
+    # See https://www.vaultproject.io/docs/configuration#cluster_addr
+    # If set to null, this will be set to https://$(HOSTNAME).{{ template "vault.fullname" . }}-internal:8201
+    clusterAddr: null
+
    # Enables Vault's integrated Raft storage.  Unlike the typical HA modes where
    # Vault's persistence is external (such as Consul), enabling Raft mode will create
    # persistent volumes for Vault to store data according to the configuration under server.dataStorage.