Michal.Wrobel/openbao-helm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

don't set VAULT_DEV_ROOT_TOKEN_ID by default in dev mode (#415)

Browse source 
* don't set VAULT_DEV_ROOT_TOKEN_ID by default in dev mode

* don't template environment variables that no longer exist

* fix tests after removing VAULT_DEV_ROOT_TOKEN_ID env variable

* removed a typo

* allow overriding VAULT_DEV_ROOT_TOKEN_ID in dev mode

* correct ambiguous description

* don't set default values in templates for visibility, update tests and set uncomment devRootToken in values.yaml

* Update devRootToken description
This commit is contained in:
Piotr Hryszko 2020-12-07 15:09:38 +00:00 committed by GitHub
parent a8c1b4b0c5
commit e2b609817f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 43 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
templates/_helpers.tpl
View file

@ -131,7 +131,7 @@ Set's additional environment variables based on the mode.
{{- define "vault.envs" -}} {{- define "vault.envs" -}}
{{ if eq .mode "dev" }} {{ if eq .mode "dev" }}
- name: VAULT_DEV_ROOT_TOKEN_ID - name: VAULT_DEV_ROOT_TOKEN_ID
value: "root" value: {{ .Values.server.dev.devRootToken }}
{{ end }} {{ end }}
{{- end -}} {{- end -}}

40
test/unit/server-dev-statefulset.bats
View file

@ -235,6 +235,44 @@ load _helpers
[ "${actual}" = "null" ] [ "${actual}" = "null" ]
} }
#--------------------------------------------------------------------
# devRootToken
@test "server/dev-StatefulSet: set default devRootToken" {
cd `chart_dir`
local object=$(helm template \
--show-only templates/server-statefulset.yaml \
--set 'server.dev.enabled=true' \
. | tee /dev/stderr |
yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr)
local actual=$(echo $object |
yq -r '.[11].name' | tee /dev/stderr)
[ "${actual}" = "VAULT_DEV_ROOT_TOKEN_ID" ]
local actual=$(echo $object |
yq -r '.[11].value' | tee /dev/stderr)
[ "${actual}" = "root" ]
}
@test "server/dev-StatefulSet: set custom devRootToken" {
cd `chart_dir`
local object=$(helm template \
--show-only templates/server-statefulset.yaml \
--set 'server.dev.enabled=true' \
--set 'server.dev.devRootToken=customtoken' \
. | tee /dev/stderr |
yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr)
local actual=$(echo $object |
yq -r '.[11].name' | tee /dev/stderr)
[ "${actual}" = "VAULT_DEV_ROOT_TOKEN_ID" ]
local actual=$(echo $object |
yq -r '.[11].value' | tee /dev/stderr)
[ "${actual}" = "customtoken" ]
}
#-------------------------------------------------------------------- #--------------------------------------------------------------------
# extraEnvironmentVars # extraEnvironmentVars
@ -249,7 +287,7 @@ load _helpers
yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr) yq -r '.spec.template.spec.containers[0].env' | tee /dev/stderr)
local actual=$(echo $object | local actual=$(echo $object |
yq -r '.[12].name' | tee /dev/stderr) yq -r '.[12].name' | tee /dev/stderr)
[ "${actual}" = "FOO" ] [ "${actual}" = "FOO" ]
local actual=$(echo $object | local actual=$(echo $object |

3
values.yaml
View file

@ -417,6 +417,9 @@ server:
dev: dev:
enabled: false enabled: false
# Set VAULT_DEV_ROOT_TOKEN_ID value
devRootToken: "root"
# Run Vault in "standalone" mode. This is the default mode that will deploy if # Run Vault in "standalone" mode. This is the default mode that will deploy if
# no arguments are given to helm. This requires a PVC for data storage to use # no arguments are given to helm. This requires a PVC for data storage to use
# the "file" backend. This mode is not highly available and should not be scaled # the "file" backend. This mode is not highly available and should not be scaled