From faf5a84c5e9e9dd18d4ba6b914b37e356c6022ab Mon Sep 17 00:00:00 2001 From: Shahbaz Nazir Date: Thu, 21 Nov 2019 20:07:41 +0100 Subject: [PATCH] Add possibility to run sidecars with vault (#87) * Add extra containers * fix template * add unit tests * resolve conflicts * remove duplicate docs * fix unit tests --- templates/server-statefulset.yaml | 3 ++ test/unit/server-statefulset.bats | 81 +++++++++++++++++++++++++++++++ values.yaml | 4 ++ 3 files changed, 88 insertions(+) diff --git a/templates/server-statefulset.yaml b/templates/server-statefulset.yaml index 6c672999e..f391ea147 100644 --- a/templates/server-statefulset.yaml +++ b/templates/server-statefulset.yaml @@ -99,6 +99,9 @@ spec: periodSeconds: 3 successThreshold: 1 timeoutSeconds: 5 + {{- if .Values.server.extraContainers }} + {{ toYaml .Values.server.extraContainers | nindent 8}} + {{- end }} lifecycle: # Vault container doesn't receive SIGTERM from Kubernetes # and after the grace period ends, Kube sends SIGKILL. This diff --git a/test/unit/server-statefulset.bats b/test/unit/server-statefulset.bats index e16fc8ec1..f9eff95ef 100755 --- a/test/unit/server-statefulset.bats +++ b/test/unit/server-statefulset.bats @@ -568,6 +568,87 @@ load _helpers } #-------------------------------------------------------------------- +# extraContainers + +@test "server/standalone-StatefulSet: adds extra containers" { + cd `chart_dir` + + # Test that it defines it + local object=$(helm template \ + -x templates/server-statefulset.yaml \ + --set 'server.extraContainers[0].image=test-image' \ + --set 'server.extraContainers[0].name=test-container' \ + --set 'server.extraContainers[0].ports[0].name=test-port' \ + --set 'server.extraContainers[0].ports[0].containerPort=9410' \ + --set 'server.extraContainers[0].ports[0].protocol=TCP' \ + --set 'server.extraContainers[0].env[0].name=TEST_ENV' \ + --set 'server.extraContainers[0].env[0].value=test_env_value' \ + . | tee /dev/stderr | + yq -r '.spec.template.spec.containers[] | select(.name == "test-container")' | tee /dev/stderr) + + local actual=$(echo $object | + yq -r '.name' | tee /dev/stderr) + [ "${actual}" = "test-container" ] + + local actual=$(echo $object | + yq -r '.image' | tee /dev/stderr) + [ "${actual}" = "test-image" ] + + local actual=$(echo $object | + yq -r '.ports[0].name' | tee /dev/stderr) + [ "${actual}" = "test-port" ] + + local actual=$(echo $object | + yq -r '.ports[0].containerPort' | tee /dev/stderr) + [ "${actual}" = "9410" ] + + local actual=$(echo $object | + yq -r '.ports[0].protocol' | tee /dev/stderr) + [ "${actual}" = "TCP" ] + + local actual=$(echo $object | + yq -r '.env[0].name' | tee /dev/stderr) + [ "${actual}" = "TEST_ENV" ] + + local actual=$(echo $object | + yq -r '.env[0].value' | tee /dev/stderr) + [ "${actual}" = "test_env_value" ] + +} + +@test "server/standalone-StatefulSet: add two extra containers" { + cd `chart_dir` + + # Test that it defines it + local object=$(helm template \ + -x templates/server-statefulset.yaml \ + --set 'server.extraContainers[0].image=test-image' \ + --set 'server.extraContainers[0].name=test-container' \ + --set 'server.extraContainers[1].image=test-image' \ + --set 'server.extraContainers[1].name=test-container-2' \ + . | tee /dev/stderr | + yq -r '.spec.template.spec.containers' | tee /dev/stderr) + + local containers_count=$(echo $object | + yq -r 'length' | tee /dev/stderr) + [ "${containers_count}" = 3 ] + +} + +@test "server/standalone-StatefulSet: no extra containers added" { + cd `chart_dir` + + # Test that it defines it + local object=$(helm template \ + -x templates/server-statefulset.yaml \ + . | tee /dev/stderr | + yq -r '.spec.template.spec.containers' | tee /dev/stderr) + + local containers_count=$(echo $object | + yq -r 'length' | tee /dev/stderr) + [ "${containers_count}" = 1 ] +} + # extra labels @test "server/standalone-StatefulSet: specify extraLabels" { diff --git a/values.yaml b/values.yaml index 06b196bdc..fc404d3ef 100644 --- a/values.yaml +++ b/values.yaml @@ -54,6 +54,10 @@ server: # method. https://www.vaultproject.io/docs/auth/kubernetes.html authDelegator: enabled: false + + # extraContainers is a list of sidecar containers. Specified as a raw YAML string. + extraContainers: null + # extraEnvironmentVars is a list of extra enviroment variables to set with the stateful set. These could be # used to include variables required for auto-unseal.