Skip to content
This repository has been archived by the owner on Sep 27, 2024. It is now read-only.

Commit

Permalink
- Fixes SA logic. Sets explicit SA creation (Required if customer has…
Browse files Browse the repository at this point in the history
… existing SA)

- Adds Vault Params (Implements full capabilities) (resolves #68)
- Fixes Redis Values, Didn't pass lint (Fixed)
  • Loading branch information
a-ryoo committed Oct 10, 2023
1 parent 326b5d5 commit 8a0d8ba
Show file tree
Hide file tree
Showing 8 changed files with 23 additions and 9 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,4 +26,4 @@ jobs:
password: ${{ secrets.ARTIFACTORY_PASS }}
repoName: allure-testops
chart: charts/allure-testops
version: 4.14.2
version: 4.14.3
2 changes: 1 addition & 1 deletion charts/allure-testops/Chart.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
apiVersion: v2
name: allure-testops
version: 4.14.2
version: 4.14.3
appVersion: 4.21.0

description: Allure TestOps
Expand Down
2 changes: 1 addition & 1 deletion charts/allure-testops/templates/allure/gateway-dep.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -169,7 +169,7 @@ spec:
{{- if .Values.vault.enabled }}
volumeMounts:
- name: vault-creds
mountPath: "/mnt/secrets-store"
mountPath: "{{ .Values.vault.mountPath }}"
readOnly: true
volumes:
- name: vault-creds
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -209,7 +209,7 @@ spec:
{{- end }}
{{- if .Values.vault.enabled }}
- name: vault-creds
mountPath: "/mnt/secrets-store"
mountPath: "{{ .Values.vault.mountPath }}"
readOnly: true
{{- end }}
{{- if .Values.postgresql.external.pgbouncer.enabled }}
Expand Down
5 changes: 3 additions & 2 deletions charts/allure-testops/templates/allure/uaa-dep.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
Expand Down Expand Up @@ -278,15 +279,15 @@ spec:
{{- if .Values.vault.enabled }}
volumeMounts:
- name: vault-creds
mountPath: "/mnt/secrets-store"
mountPath: "{{ .Values.vault.mountPath }}"
readOnly: true
{{- if .Values.postgresql.external.pgbouncer.enabled }}
- name: pgbouncer
image: {{ .Values.postgresql.external.pgbouncer.image | quote }}
imagePullPolicy: {{ .Values.registry.pullPolicy }}
volumeMounts:
- name: vault-creds
mountPath: "/mnt/secrets-store"
mountPath: "{{ .Values.vault.mountPath }}"
readOnly: true
lifecycle:
preStop:
Expand Down
3 changes: 2 additions & 1 deletion charts/allure-testops/templates/infra/serviceaccount.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
{{- if .Values.rbac.enabled -}}
{{- if and .Values.rbac.enabled .Values.rbac.serviceAccountCreate }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
Expand Down
7 changes: 7 additions & 0 deletions charts/allure-testops/templates/infra/vault.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,13 @@ spec:
- objectName: "smtpPassword"
key: "smtpPassword"
parameters:
{{- if .Values.vault.url }}
vaultAddress: {{ .Values.vault.url }}
vaultSkipTLSVerify: {{ .Values.vault.skipTLSVerify }}
{{- end }}
{{- if .Values.vault.kubernetesMountPath }}
vaultKubernetesMountPath: {{ .Values.vault.kubernetesMountPath }}
{{- end }}
roleName: "{{ .Values.vault.roleName }}"
objects: |
- objectName: "cryptoPass"
Expand Down
9 changes: 7 additions & 2 deletions charts/allure-testops/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -151,7 +151,7 @@ redis:
password: allure
master:
service:

annotations: {}
persistence:
enabled: false
size: 32Gi
Expand Down Expand Up @@ -310,10 +310,14 @@ smtp:
vault:
enabled: false
secretName: vault-secret
vaultAddress: "http://vault.vault.svc.cluster.local:8200"
url: "http://vault.vault.svc.cluster.local:8200"
skipTLSVerify: false
# Path where the k8s authentication backend is mounted in Vault
kubernetesMountPath: my-cluster
roleName: testops
secretPath: secret/data/testops-credentials
smtpPath: secret/data/smtp-credentials
mountPath: /mnt/secrets-store

allure:
# No Settings from this helm chart will be applied except ENV. (For internal use)
Expand Down Expand Up @@ -561,6 +565,7 @@ monitoring:
rbac:
enabled: true
serviceAccountName: allure-testops-sa
serviceAccountCreate: true
rules:
- apiGroups:
- ''
Expand Down

0 comments on commit 8a0d8ba

Please sign in to comment.