Michal.Wrobel/openbao-helm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Allow both yaml and multi-line string annotations (#272)

Browse source 
Changed/added helper functions to detect if the annotations value
is a string or yaml, and apply `tpl` or `toYaml`
accordingly. Defaults are left as `{}` since yaml is more likely
to be used with helm on the command line. This means a warning
will be shown when setting an annotation to a multi-line
string (which has been the existing behavior).
This commit is contained in:
Theron Voran 2020-04-27 08:28:50 -07:00 committed by GitHub
parent 7880c3b973
commit e09de0dc63
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
13 changed files with 175 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
templates/_helpers.tpl
View file

@ -264,7 +264,12 @@ Sets extra pod annotations
{{- define "vault.annotations" -}}
{{- if and (ne .mode "dev") .Values.server.annotations }}
annotations:
{{- $tp := typeOf .Values.server.annotations }}
{{- if eq $tp "string" }}
{{- tpl .Values.server.annotations . | nindent 8 }}
{{- else }}
{{- toYaml .Values.server.annotations | nindent 8 }}
{{- end }}
{{- end }}
{{- end -}}
@ -274,7 +279,12 @@ Sets extra ui service annotations
{{- define "vault.ui.annotations" -}}
{{- if .Values.ui.annotations }}
annotations:
{{- $tp := typeOf .Values.ui.annotations }}
{{- if eq $tp "string" }}
{{- tpl .Values.ui.annotations . | nindent 4 }}
{{- else }}
{{- toYaml .Values.ui.annotations | nindent 4 }}
{{- end }}
{{- end }}
{{- end -}}
@ -284,7 +294,12 @@ Sets extra service account annotations
{{- define "vault.serviceAccount.annotations" -}}
{{- if and (ne .mode "dev") .Values.server.serviceAccount.annotations }}
annotations:
{{- $tp := typeOf .Values.server.serviceAccount.annotations }}
{{- if eq $tp "string" }}
{{- tpl .Values.server.serviceAccount.annotations . | nindent 4 }}
{{- else }}
{{- toYaml .Values.server.serviceAccount.annotations | nindent 4 }}
{{- end }}
{{- end }}
{{- end -}}
@ -294,7 +309,26 @@ Sets extra ingress annotations
{{- define "vault.ingress.annotations" -}}
{{- if .Values.server.ingress.annotations }}
annotations:
{{- $tp := typeOf .Values.server.ingress.annotations }}
{{- if eq $tp "string" }}
{{- tpl .Values.server.ingress.annotations . | nindent 4 }}
{{- else }}
{{- toYaml .Values.server.ingress.annotations | nindent 4 }}
{{- end }}
{{- end }}
{{- end -}}
{{/*
Sets extra vault server Service annotations
*/}}
{{- define "vault.service.annotations" -}}
{{- if .Values.server.service.annotations }}
{{- $tp := typeOf .Values.server.service.annotations }}
{{- if eq $tp "string" }}
{{- tpl .Values.server.service.annotations . | nindent 4 }}
{{- else }}
{{- toYaml .Values.server.service.annotations | nindent 4 }}
{{- end }}
{{- end }}
{{- end -}}

4
templates/server-ha-active-service.yaml
View file

@ -13,9 +13,7 @@ metadata:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
annotations:
{{- if .Values.server.service.annotations }}
{{ tpl .Values.server.service.annotations . | indent 4 }}
{{- end }}
{{ template "vault.service.annotations" .}}
spec:
type: ClusterIP
publishNotReadyAddresses: true

4
templates/server-ha-standby-service.yaml
View file

@ -13,9 +13,7 @@ metadata:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
annotations:
{{- if .Values.server.service.annotations }}
{{ tpl .Values.server.service.annotations . | indent 4 }}
{{- end }}
{{ template "vault.service.annotations" .}}
spec:
type: ClusterIP
publishNotReadyAddresses: true

4
templates/server-headless-service.yaml
View file

@ -14,9 +14,7 @@ metadata:
app.kubernetes.io/managed-by: {{ .Release.Service }}
annotations:
service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
{{- if .Values.server.service.annotations }}
{{ tpl .Values.server.service.annotations . | indent 4 }}
{{- end }}
{{ template "vault.service.annotations" .}}
spec:
clusterIP: None
publishNotReadyAddresses: true

4
templates/server-service.yaml
View file

@ -17,9 +17,7 @@ metadata:
# to an open issue where it may not work:
# https://github.com/kubernetes/kubernetes/issues/58662
service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
{{- if .Values.server.service.annotations }}
{{ tpl .Values.server.service.annotations . | indent 4 }}
{{- end }}
{{ template "vault.service.annotations" .}}
spec:
{{- if .Values.server.service.type}}
type: {{ .Values.server.service.type }}

46
test/acceptance/server-annotations.bats Normal file
View file

@ -0,0 +1,46 @@
#!/usr/bin/env bats
load _helpers
@test "server/annotations: testing yaml and yaml-formatted string formats" {
cd `chart_dir`
kubectl delete namespace acceptance --ignore-not-found=true
kubectl create namespace acceptance
kubectl config set-context --current --namespace=acceptance
helm install "$(name_prefix)" -f ./test/acceptance/server-test/annotations-overrides.yaml .
wait_for_running $(name_prefix)-0
# service annotations
local awesome=$(kubectl get service "$(name_prefix)" --output json |
jq -r '.metadata.annotations.active')
[ "${awesome}" == "sometimes" ]
local pickMe=$(kubectl get service "$(name_prefix)" --output json |
jq -r '.metadata.annotations.pickMe')
[ "${pickMe}" == "please" ]
local environment=$(kubectl get statefulset "$(name_prefix)" --output json |
jq -r '.spec.template.metadata.annotations.environment')
[ "${environment}" == "production" ]
local milk=$(kubectl get statefulset "$(name_prefix)" --output json |
jq -r '.spec.template.metadata.annotations.milk')
[ "${milk}" == "oat" ]
local myName=$(kubectl get statefulset "$(name_prefix)" --output json |
jq -r '.spec.template.metadata.annotations.myName')
[ "${myName}" == "$(name_prefix)" ]
}
# Clean up
teardown() {
if [[ ${CLEANUP:-true} == "true" ]]
then
echo "helm/pvc teardown"
helm delete $(name_prefix)
kubectl delete --all pvc
kubectl delete namespace acceptance --ignore-not-found=true
fi
}

9
test/acceptance/server-test/annotations-overrides.yaml Normal file
View file

@ -0,0 +1,9 @@
server:
annotations: |
environment: production
milk: oat
myName: "{{ .Release.Name }}"
service:
annotations:
active: sometimes
pickMe: please

13
test/unit/server-ha-standby-service.bats
View file

@ -2,7 +2,7 @@
load _helpers
@test "server/ha-standby-Service: generic annotations" {
@test "server/ha-standby-Service: generic annotations string" {
cd `chart_dir`
local actual=$(helm template \
--show-only templates/server-ha-standby-service.yaml \
@ -12,3 +12,14 @@ load _helpers
yq -r '.metadata.annotations["vaultIsAwesome"]' | tee /dev/stderr)
[ "${actual}" = "true" ]
}
@test "server/ha-standby-Service: generic annotations yaml" {
cd `chart_dir`
local actual=$(helm template \
--show-only templates/server-ha-standby-service.yaml \
--set 'server.ha.enabled=true' \
--set 'server.service.annotations.vaultIsAwesome=true' \
. | tee /dev/stderr |
yq -r '.metadata.annotations["vaultIsAwesome"]' | tee /dev/stderr)
[ "${actual}" = "true" ]
}

14
test/unit/server-ingress.bats
View file

@ -70,7 +70,7 @@ load _helpers
[ "${actual}" = "external" ]
}
@test "server/ingress: annotations added to object" {
@test "server/ingress: annotations added to object - string" {
cd `chart_dir`
local actual=$(helm template \
@ -81,3 +81,15 @@ load _helpers
yq -r '.metadata.annotations["kubernetes.io/ingress.class"]' | tee /dev/stderr)
[ "${actual}" = "nginx" ]
}
@test "server/ingress: annotations added to object - yaml" {
cd `chart_dir`
local actual=$(helm template \
--show-only templates/server-ingress.yaml \
--set 'server.ingress.enabled=true' \
--set server.ingress.annotations."kubernetes\.io/ingress\.class"=nginx \
. | tee /dev/stderr |
yq -r '.metadata.annotations["kubernetes.io/ingress.class"]' | tee /dev/stderr)
[ "${actual}" = "nginx" ]
}

8
test/unit/server-serviceaccount.bats
View file

@ -20,6 +20,14 @@ load _helpers
yq -r '.metadata.annotations["foo"]' | tee /dev/stderr)
[ "${actual}" = "bar" ]
local actual=$(helm template \
--show-only templates/server-serviceaccount.yaml \
--set 'server.ha.enabled=true' \
--set 'server.serviceAccount.annotations.foo=bar' \
. | tee /dev/stderr |
yq -r '.metadata.annotations["foo"]' | tee /dev/stderr)
[ "${actual}" = "bar" ]
local actual=$(helm template \
--show-only templates/server-serviceaccount.yaml \
--set 'server.ha.enabled=true' \

22
test/unit/server-statefulset.bats
View file

@ -936,3 +936,25 @@ load _helpers
yq -r '.spec.template.spec.containers[0].ports | map(select(.containerPort==8202)) | .[] .name' | tee /dev/stderr)
[ "${actual}" = "https-rep" ]
}
#--------------------------------------------------------------------
# annotations
@test "server/standalone-StatefulSet: generic annotations string" {
cd `chart_dir`
local actual=$(helm template \
--show-only templates/server-statefulset.yaml \
--set 'server.annotations=vaultIsAwesome: true' \
. | tee /dev/stderr |
yq -r '.spec.template.metadata.annotations["vaultIsAwesome"]' | tee /dev/stderr)
[ "${actual}" = "true" ]
}
@test "server/ha-standby-Service: generic annotations yaml" {
cd `chart_dir`
local actual=$(helm template \
--show-only templates/server-statefulset.yaml \
--set 'server.annotations.vaultIsAwesome=true' \
. | tee /dev/stderr |
yq -r '.spec.template.metadata.annotations["vaultIsAwesome"]' | tee /dev/stderr)
[ "${actual}" = "true" ]
}

10
test/unit/ui-service.bats
View file

@ -205,6 +205,16 @@ load _helpers
yq -r '.metadata.annotations["foo"]' | tee /dev/stderr)
[ "${actual}" = "bar" ]
local actual=$(helm template \
--show-only templates/ui-service.yaml \
--set 'server.ha.enabled=true' \
--set 'ui.serviceType=LoadBalancer' \
--set 'ui.enabled=true' \
--set 'ui.annotations.foo=bar' \
. | tee /dev/stderr |
yq -r '.metadata.annotations["foo"]' | tee /dev/stderr)
[ "${actual}" = "bar" ]
local actual=$(helm template \
--show-only templates/ui-service.yaml \
--set 'server.ha.enabled=true' \

22
values.yaml
View file

@ -137,6 +137,9 @@ server:
# |
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
# or
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: chart-example.local
paths: []
@ -230,8 +233,8 @@ server:
extraLabels: {}
# Extra annotations to attach to the server pods
# This should be a multi-line string mapping directly to the a map of
# the annotations to apply to the server pods
# This can either be YAML or a YAML-formatted multi-line templated string map
# of the annotations to apply to the server pods
annotations: {}
# Enables a headless service to be used by the Vault Statefulset
@ -257,8 +260,9 @@ server:
port: 8200
# Target port to which the service should be mapped to
targetPort: 8200
# Extra annotations for the service definition. This should be a multi-line
# string formatted as a map of the annotations to apply to the service.
# Extra annotations for the service definition. This can either be YAML or a
# YAML-formatted multi-line templated string map of the annotations to apply
# to the service.
annotations: {}
# This configures the Vault Statefulset to create a PVC for data
@ -400,9 +404,9 @@ server:
# Definition of the serviceAccount used to run Vault.
serviceAccount:
# Extra annotations for the serviceAccount definition. This should be a
# multi-line string formatted as a map of the annotations to apply to the
# serviceAccount.
# Extra annotations for the serviceAccount definition. This can either be
# YAML or a YAML-formatted multi-line templated string map of the
# annotations to apply to the serviceAccount.
annotations: {}
# Vault UI
@ -424,6 +428,6 @@ ui:
# loadBalancerIP:
# Extra annotations to attach to the ui service
# This should be a multi-line string mapping directly to the a map of
# the annotations to apply to the ui service
# This can either be YAML or a YAML-formatted multi-line templated string map
# of the annotations to apply to the ui service
annotations: {}