Skip to content

Commit

Permalink
remove 'service' property layer
Browse files Browse the repository at this point in the history
  • Loading branch information
andrewazores committed Nov 22, 2024
1 parent f9ca038 commit 6743730
Show file tree
Hide file tree
Showing 14 changed files with 43 additions and 53 deletions.
18 changes: 9 additions & 9 deletions charts/cryostat/README.md

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions charts/cryostat/templates/NOTES.txt
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@
kubectl -n {{ .Release.Namespace }} wait --for=condition=available --timeout=60s deploy/{{ include "cryostat.deploymentName" . }}

export SVC_NAME=$(kubectl get services -n {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "cryostat.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=cryostat" --sort-by=.metadata.creationTimestamp -o jsonpath="{.items[-1:].metadata.name}")
{{- if or .Values.authentication.openshift.enabled .Values.oauth2Proxy.service.tls.selfSigned.enabled }}
{{- if or .Values.authentication.openshift.enabled .Values.oauth2Proxy.tls.selfSigned.enabled }}
kubectl -n {{ .Release.Namespace }} port-forward svc/$SVC_NAME 8443:https
{{- else }}
kubectl -n {{ .Release.Namespace }} port-forward svc/$SVC_NAME 8080:http
Expand All @@ -63,6 +63,6 @@
{{- else if contains "LoadBalancer" .Values.core.service.type }}
echo http://$SERVICE_IP:{{ .Values.core.service.httpPort }}
{{- else if contains "ClusterIP" .Values.core.service.type }}
{{ ternary "https" "http" (or .Values.authentication.openshift.enabled .Values.oauth2Proxy.service.tls.selfSigned.enabled) }}://localhost:{{ ternary "8443" "8080" (or .Values.authentication.openshift.enabled .Values.oauth2Proxy.service.tls.selfSigned.enabled) }}
{{ ternary "https" "http" (or .Values.authentication.openshift.enabled .Values.oauth2Proxy.tls.selfSigned.enabled) }}://localhost:{{ ternary "8443" "8080" (or .Values.authentication.openshift.enabled .Values.oauth2Proxy.tls.selfSigned.enabled) }}
{{- end }}
```
2 changes: 1 addition & 1 deletion charts/cryostat/templates/_oauth2Proxy.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ Create OAuth2 Proxy container. Configurations defined in alpha_config.yaml
mountPath: /etc/oauth2_proxy/basicauth
readOnly: true
{{- end }}
{{- if .Values.oauth2Proxy.service.tls.selfSigned.enabled }}
{{- if .Values.oauth2Proxy.tls.selfSigned.enabled }}
- name: {{ .Release.Name }}-oauth2proxy-tls
mountPath: /etc/tls/private
{{- end }}
Expand Down
2 changes: 1 addition & 1 deletion charts/cryostat/templates/alpha_config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ data:
alpha_config.yaml: |-
server:
BindAddress: http://0.0.0.0:4180
{{- if .Values.oauth2Proxy.service.tls.selfSigned.enabled }}
{{- if .Values.oauth2Proxy.tls.selfSigned.enabled }}
SecureBindAddress: https://0.0.0.0:8443
TLS:
Key:
Expand Down
2 changes: 1 addition & 1 deletion charts/cryostat/templates/cryostat_deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -204,7 +204,7 @@ spec:
- name: {{ .Release.Name }}-proxy-tls
secret:
secretName: {{ .Release.Name }}-proxy-tls
{{- else if .Values.oauth2Proxy.service.tls.selfSigned.enabled }}
{{- else if .Values.oauth2Proxy.tls.selfSigned.enabled }}
- name: {{ .Release.Name }}-oauth2proxy-tls
secret:
secretName: {{ .Release.Name }}-oauth2proxy-tls
Expand Down
2 changes: 1 addition & 1 deletion charts/cryostat/templates/cryostat_service.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ spec:
protocol: TCP
name: http
appProtocol: http
{{- if or (.Values.authentication.openshift).enabled .Values.oauth2Proxy.service.tls.selfSigned.enabled }}
{{- if or (.Values.authentication.openshift).enabled .Values.oauth2Proxy.tls.selfSigned.enabled }}
- port: 443
targetPort: 8443
protocol: TCP
Expand Down
2 changes: 1 addition & 1 deletion charts/cryostat/templates/cryostat_tls_secret.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{- if (and (not (.Values.authentication.openshift).enabled) (.Values.oauth2Proxy.service.tls.selfSigned.enabled)) }}
{{- if (and (not (.Values.authentication.openshift).enabled) (.Values.oauth2Proxy.tls.selfSigned.enabled)) }}
{{- $fullName := include "cryostat.fullname" . }}
{{- $cert := genSelfSignedCert $fullName nil nil 365 }}
apiVersion: v1
Expand Down
2 changes: 1 addition & 1 deletion charts/cryostat/tests/alpha_config_test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ tests:

- it: should create configmap with correct alpha configurations when self-signed TLS is enabled
set:
oauth2Proxy.service.tls.selfSigned.enabled: true
oauth2Proxy.tls.selfSigned.enabled: true
asserts:
- matchRegex:
path: data['alpha_config.yaml']
Expand Down
2 changes: 1 addition & 1 deletion charts/cryostat/tests/cryostat_deployment_test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -414,7 +414,7 @@ tests:

- it: should validate volumes and volume mounts with oauth2-proxy self-signed TLS enabled
set:
oauth2Proxy.service.tls.selfSigned.enabled: true
oauth2Proxy.tls.selfSigned.enabled: true
asserts:
- lengthEqual:
count: 2
Expand Down
2 changes: 1 addition & 1 deletion charts/cryostat/tests/cryostat_service_test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -136,7 +136,7 @@ tests:

- it: should create a Service with the correct settings when oauth2-proxy self-signed TLS is enabled
set:
oauth2Proxy.service.tls.selfSigned.enabled: true
oauth2Proxy.tls.selfSigned.enabled: true
asserts:
- hasDocuments:
count: 1
Expand Down
18 changes: 8 additions & 10 deletions charts/cryostat/tests/cryostat_tls_secret_test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,12 @@ templates:
- cryostat_tls_secret.yaml

tests:
- it: should create a TLS cert secret if oauth2Proxy.service.tls.selfSigned.enabled is set
- it: should create a TLS cert secret if oauth2Proxy.tls.selfSigned.enabled is set
set:
oauth2Proxy:
service:
tls:
selfSigned:
enabled: true
tls:
selfSigned:
enabled: true
asserts:
- hasDocuments:
count: 1
Expand All @@ -36,13 +35,12 @@ tests:
app.kubernetes.io/version: 4.0.0-dev
helm.sh/chart: cryostat-2.0.0-dev

- it: should not create a TLS cert secret if oauth2Proxy.service.tls.selfSigned.enabled is not set
- it: should not create a TLS cert secret if oauth2Proxy.tls.selfSigned.enabled is not set
set:
oauth2Proxy:
service:
tls:
selfSigned:
enabled: false
tls:
selfSigned:
enabled: false
asserts:
- hasDocuments:
count: 0
14 changes: 6 additions & 8 deletions charts/cryostat/tests/notes_test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -110,10 +110,9 @@ tests:
- it: should render correct notes for ClusterIP service without ingress or route and TLS enabled
set:
oauth2Proxy:
service:
tls:
selfSigned:
enabled: true
tls:
selfSigned:
enabled: true
asserts:
- equalRaw:
value: |
Expand All @@ -139,10 +138,9 @@ tests:
- it: should render correct notes for ClusterIP service without ingress or route and TLS disabled
set:
oauth2Proxy:
service:
tls:
selfSigned:
enabled: false
tls:
selfSigned:
enabled: false
asserts:
- equalRaw:
value: |
Expand Down
17 changes: 6 additions & 11 deletions charts/cryostat/values.schema.json
Original file line number Diff line number Diff line change
Expand Up @@ -739,21 +739,16 @@
}
}
},
"service": {
"tls": {
"type": "object",
"properties": {
"tls": {
"selfSigned": {
"type": "object",
"properties": {
"selfSigned": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whether a self-signed TLS certificate for oauth2-proxy HTTPS is generated and used.",
"default": false
}
}
"enabled": {
"type": "boolean",
"description": "Whether a self-signed TLS certificate for oauth2-proxy HTTPS is generated and used.",
"default": false
}
}
}
Expand Down
9 changes: 4 additions & 5 deletions charts/cryostat/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -267,11 +267,10 @@ oauth2Proxy:
pullPolicy: Always
## @param oauth2Proxy.image.tag Tag for the OAuth2 Proxy container image
tag: "latest"
service:
tls:
selfSigned:
## @param oauth2Proxy.service.tls.selfSigned.enabled Whether a self-signed TLS certificate for oauth2-proxy HTTPS is generated and used.
enabled: false
tls:
selfSigned:
## @param oauth2Proxy.tls.selfSigned.enabled Whether a self-signed TLS certificate for oauth2-proxy HTTPS is generated and used.
enabled: false
resources:
requests:
## @param oauth2Proxy.resources.requests.cpu CPU resource request for the OAuth2 Proxy container.
Expand Down

0 comments on commit 6743730

Please sign in to comment.