56 lines
1.8 KiB
YAML
56 lines
1.8 KiB
YAML
{{/*
|
|
Copyright (c) HashiCorp, Inc.
|
|
SPDX-License-Identifier: MPL-2.0
|
|
*/}}
|
|
|
|
{{ template "openbao.mode" . }}
|
|
{{- if ne .mode "external" }}
|
|
{{- if .serverEnabled -}}
|
|
apiVersion: v1
|
|
kind: Pod
|
|
metadata:
|
|
name: {{ template "openbao.fullname" . }}-server-test
|
|
namespace: {{ include "openbao.namespace" . }}
|
|
annotations:
|
|
"helm.sh/hook": test
|
|
spec:
|
|
{{- include "imagePullSecrets" . | nindent 2 }}
|
|
containers:
|
|
- name: {{ .Release.Name }}-server-test
|
|
image: {{ .Values.server.image.registry | default "docker.io" }}/{{ .Values.server.image.repository }}:{{ .Values.server.image.tag | default "latest" }}
|
|
imagePullPolicy: {{ .Values.server.image.pullPolicy }}
|
|
env:
|
|
- name: VAULT_ADDR
|
|
value: {{ include "openbao.scheme" . }}://{{ template "openbao.fullname" . }}.{{ include "openbao.namespace" . }}.svc:{{ .Values.server.service.port }}
|
|
{{- include "openbao.extraEnvironmentVars" .Values.server | nindent 8 }}
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- |
|
|
echo "Checking for sealed info in 'bao status' output"
|
|
ATTEMPTS=10
|
|
n=0
|
|
until [ "$n" -ge $ATTEMPTS ]
|
|
do
|
|
echo "Attempt" $n...
|
|
bao status -format yaml | grep -E '^sealed: (true|false)' && break
|
|
n=$((n+1))
|
|
sleep 5
|
|
done
|
|
if [ $n -ge $ATTEMPTS ]; then
|
|
echo "timed out looking for sealed info in 'bao status' output"
|
|
exit 1
|
|
fi
|
|
|
|
exit 0
|
|
volumeMounts:
|
|
{{- if .Values.server.volumeMounts }}
|
|
{{- toYaml .Values.server.volumeMounts | nindent 8}}
|
|
{{- end }}
|
|
volumes:
|
|
{{- if .Values.server.volumes }}
|
|
{{- toYaml .Values.server.volumes | nindent 4}}
|
|
{{- end }}
|
|
restartPolicy: Never
|
|
{{- end }}
|
|
{{- end }}
|