diff --git a/templates/injector-deployment.yaml b/templates/injector-deployment.yaml index 594575f..ba606a9 100644 --- a/templates/injector-deployment.yaml +++ b/templates/injector-deployment.yaml @@ -53,7 +53,7 @@ spec: {{- end }} env: - name: AGENT_INJECT_LISTEN - value: ":8080" + value: {{ printf ":%v" .Values.injector.port }} - name: AGENT_INJECT_LOG_LEVEL value: {{ .Values.injector.logLevel | default "info" }} - name: AGENT_INJECT_VAULT_ADDR @@ -104,7 +104,7 @@ spec: livenessProbe: httpGet: path: /health/ready - port: 8080 + port: {{ .Values.injector.port }} scheme: HTTPS failureThreshold: 2 initialDelaySeconds: 5 @@ -114,7 +114,7 @@ spec: readinessProbe: httpGet: path: /health/ready - port: 8080 + port: {{ .Values.injector.port }} scheme: HTTPS failureThreshold: 2 initialDelaySeconds: 5 diff --git a/templates/injector-service.yaml b/templates/injector-service.yaml index 0e51727..73c5175 100644 --- a/templates/injector-service.yaml +++ b/templates/injector-service.yaml @@ -12,7 +12,7 @@ metadata: spec: ports: - port: 443 - targetPort: 8080 + targetPort: {{ .Values.injector.port }} selector: app.kubernetes.io/name: {{ include "vault.name" . }}-agent-injector app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/test/unit/injector-deployment.bats b/test/unit/injector-deployment.bats index 133e279..895bec1 100755 --- a/test/unit/injector-deployment.bats +++ b/test/unit/injector-deployment.bats @@ -422,6 +422,42 @@ load _helpers [ "${actual}" = "bar" ] } +#-------------------------------------------------------------------- +# agent port + +@test "injector/deployment: default agentPort" { + cd `chart_dir` + local object=$(helm template \ + --show-only templates/injector-deployment.yaml \ + . | tee /dev/stderr | + yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr) + + local actual=$(echo $object | + yq -r '.[0].name' | tee /dev/stderr) + [ "${actual}" = "AGENT_INJECT_LISTEN" ] + + local actual=$(echo $object | + yq -r '.[0].value' | tee /dev/stderr) + [ "${actual}" = ":8080" ] +} + +@test "injector/deployment: custom agentPort" { + cd `chart_dir` + local object=$(helm template \ + --show-only templates/injector-deployment.yaml \ + --set 'injector.port=8443' \ + . | tee /dev/stderr | + yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr) + + local actual=$(echo $object | + yq -r '.[0].name' | tee /dev/stderr) + [ "${actual}" = "AGENT_INJECT_LISTEN" ] + + local actual=$(echo $object | + yq -r '.[0].value' | tee /dev/stderr) + [ "${actual}" = ":8443" ] +} + #-------------------------------------------------------------------- # affinity diff --git a/test/unit/injector-service.bats b/test/unit/injector-service.bats index f9d8722..ad48009 100755 --- a/test/unit/injector-service.bats +++ b/test/unit/injector-service.bats @@ -18,6 +18,25 @@ load _helpers [ "${actual}" = "true" ] } +@test "injector/Service: service with default port" { + cd `chart_dir` + local actual=$(helm template \ + --show-only templates/injector-service.yaml \ + . | tee /dev/stderr | + yq -r '.spec.ports[0].targetPort' | tee /dev/stderr) + [ "${actual}" = "8080" ] +} + +@test "injector/Service: service with custom port" { + cd `chart_dir` + local actual=$(helm template \ + --show-only templates/injector-service.yaml \ + --set 'injector.port=8443' \ + . | tee /dev/stderr | + yq -r '.spec.ports[0].targetPort' | tee /dev/stderr) + [ "${actual}" = "8443" ] +} + @test "injector/Service: disable with global.enabled false" { cd `chart_dir` local actual=$( (helm template \ diff --git a/values.yaml b/values.yaml index 89d713c..0d78e39 100644 --- a/values.yaml +++ b/values.yaml @@ -29,6 +29,9 @@ injector: replicas: 1 + # Configures the port the injector should listen on + port: 8080 + # If multiple replicas are specified, by default a leader-elector side-car # will be created so that only one injector attempts to create TLS certificates. leaderElector: