From 615fae3a0f00582bb00f2ff390213a282d1a253d Mon Sep 17 00:00:00 2001 From: Chinmaya <1096515+chinmaya-n@users.noreply.github.com> Date: Wed, 24 Apr 2024 16:00:57 -0400 Subject: [PATCH] Fix secrets usage and files cleanup --- .gitignore | 1 + 1.0.0/index.yaml | 38 ------------------- 1.0.1/index.yaml | 38 ------------------- 1.0.2/index.yaml | 38 ------------------- charts/maildev/Chart.yaml | 2 +- charts/maildev/templates/_helpers.tpl | 11 ++++++ charts/maildev/templates/deployment.yaml | 38 ++++++++----------- .../templates/oauth2_proxy/secret.yaml | 13 +++++++ .../templates/smtp/incoming-secret.yaml | 4 +- .../templates/smtp/outgoing-secret.yaml | 4 +- charts/maildev/templates/smtp/service.yaml | 8 ++-- charts/maildev/templates/web/secret.yaml | 4 +- charts/maildev/values.schema.json | 32 ++++++++++++++++ charts/maildev/values.yaml | 19 ++++++++++ 14 files changed, 106 insertions(+), 144 deletions(-) delete mode 100644 1.0.0/index.yaml delete mode 100644 1.0.1/index.yaml delete mode 100644 1.0.2/index.yaml create mode 100644 charts/maildev/templates/oauth2_proxy/secret.yaml diff --git a/.gitignore b/.gitignore index 44c9271..de3064d 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ /.idea/ /.cr-release-packages/ +temp \ No newline at end of file diff --git a/1.0.0/index.yaml b/1.0.0/index.yaml deleted file mode 100644 index e970b13..0000000 --- a/1.0.0/index.yaml +++ /dev/null 
@@ -1,38 +0,0 @@ -apiVersion: v1 -entries: - maildev: - - annotations: - artifacthub.io/changes: | - - kind: changed - description: image version to 2.1.0 - artifacthub.io/screenshots: | - - title: SMTP server & web interface for viewing and testing emails during development. - url: https://maildev.github.io/maildev/assets/img/original/maildev-light.png - - title: Resizable viewport to test your emails at different sizes. - url: https://maildev.github.io/maildev/assets/img/original/responsive.png - - title: View email HTML, plain text, headers or raw source. - url: https://maildev.github.io/maildev/assets/img/original/formats.png - - title: Convenient search feature to quickly find any email. - url: https://maildev.github.io/maildev/assets/img/original/search.png - - title: View your emails in an eye-friendly dark interface. - url: https://maildev.github.io/maildev/assets/img/original/maildev-dark.png - apiVersion: v2 - appVersion: 2.1.0 - - description: MailDev is a simple way to test your emails during development with - an easy to use web interface. - home: https://github.com/OIT-SET/maildev-helm - - maintainers: - - email: chent1@ohio.edu - name: chent1 - name: maildev - sources: - - https://maildev.github.io/maildev - - https://github.com/maildev/maildev - - https://hub.docker.com/r/maildev/maildev - type: application - version: 1.0.0 - urls: - - https://github.com/OIT-SET/maildev-helm/releases/download/maildev-1.0.0/maildev-1.0.0.tgz -generated: "2023-08-02T15:10:08.192276-04:00" \ No newline at end of file diff --git a/1.0.1/index.yaml b/1.0.1/index.yaml deleted file mode 100644 index ed9c514..0000000 --- a/1.0.1/index.yaml +++ /dev/null 
@@ -1,38 +0,0 @@ -apiVersion: v1 -entries: - maildev: - - annotations: - artifacthub.io/changes: | - - kind: changed - description: image version to 2.1.0 - artifacthub.io/screenshots: | - - title: SMTP server & web interface for viewing and testing emails during development. - url: https://maildev.github.io/maildev/assets/img/original/maildev-light.png - - title: Resizable viewport to test your emails at different sizes. - url: https://maildev.github.io/maildev/assets/img/original/responsive.png - - title: View email HTML, plain text, headers or raw source. - url: https://maildev.github.io/maildev/assets/img/original/formats.png - - title: Convenient search feature to quickly find any email. - url: https://maildev.github.io/maildev/assets/img/original/search.png - - title: View your emails in an eye-friendly dark interface. - url: https://maildev.github.io/maildev/assets/img/original/maildev-dark.png - apiVersion: v2 - appVersion: 2.1.0 - - description: MailDev is a simple way to test your emails during development with - an easy to use web interface. - home: https://github.com/OIT-SET/maildev-helm - - maintainers: - - email: chent1@ohio.edu - name: chent1 - name: maildev - sources: - - https://maildev.github.io/maildev - - https://github.com/maildev/maildev - - https://hub.docker.com/r/maildev/maildev - type: application - version: 1.0.1 - urls: - - https://github.com/OIT-SET/maildev-helm/releases/download/maildev-1.0.1/maildev-1.0.1.tgz -generated: "2023-08-15T15:10:08.192276-04:00" \ No newline at end of file diff --git a/1.0.2/index.yaml b/1.0.2/index.yaml deleted file mode 100644 index bbff338..0000000 --- a/1.0.2/index.yaml +++ /dev/null 
@@ -1,38 +0,0 @@ -apiVersion: v1 -entries: - maildev: - - annotations: - artifacthub.io/changes: | - - kind: changed - description: image version to 2.1.0 - artifacthub.io/screenshots: | - - title: SMTP server & web interface for viewing and testing emails during development. - url: https://maildev.github.io/maildev/assets/img/original/maildev-light.png - - title: Resizable viewport to test your emails at different sizes. - url: https://maildev.github.io/maildev/assets/img/original/responsive.png - - title: View email HTML, plain text, headers or raw source. - url: https://maildev.github.io/maildev/assets/img/original/formats.png - - title: Convenient search feature to quickly find any email. - url: https://maildev.github.io/maildev/assets/img/original/search.png - - title: View your emails in an eye-friendly dark interface. - url: https://maildev.github.io/maildev/assets/img/original/maildev-dark.png - apiVersion: v2 - appVersion: 2.1.0 - created: "2023-10-06T14:38:18.525587-04:00" - description: MailDev is a simple way to test your emails during development with - an easy to use web interface. - digest: bce00069a398ce5862a44b0348b652d9bd45f16bc951f419a276abb8ee7093bf - home: https://github.com/alluen/maildev-helm - maintainers: - - email: chent1@ohio.edu - name: chent1 - name: maildev - sources: - - https://maildev.github.io/maildev - - https://github.com/maildev/maildev - - https://hub.docker.com/r/maildev/maildev - type: application - version: 1.0.2 - urls: - - https://github.com/OIT-SET/maildev-helm/releases/download/maildev-1.0.2/maildev-1.0.2.tgz -generated: "2023-10-06T14:38:18.525618-04:00" \ No newline at end of file diff --git a/charts/maildev/Chart.yaml b/charts/maildev/Chart.yaml index f15e2aa..3565627 100644 --- a/charts/maildev/Chart.yaml +++ b/charts/maildev/Chart.yaml 
@@ -2,7 +2,7 @@ apiVersion: v2 name: maildev description: MailDev is a simple way to test your emails during development with an easy to use web interface. type: application -version: 1.0.5 +version: 1.1.0 appVersion: "2.1.0" home: https://github.com/alluen/maildev-helm maintainers: diff --git a/charts/maildev/templates/_helpers.tpl b/charts/maildev/templates/_helpers.tpl index eb217ce..4cb15fc 100644 --- a/charts/maildev/templates/_helpers.tpl +++ b/charts/maildev/templates/_helpers.tpl @@ -83,6 +83,17 @@ Get the name of the secret containing the web user password {{- end -}} {{- end -}} +{{/* +Get the name of the secret containing the oauth2_proxy config & credentials +*/}} +{{- define "maildev.oauth2_proxy.secretName" -}} + {{- if .Values.maildev.config.oauth2_proxy.existingSecret -}} + {{- printf "%s" .Values.maildev.config.oauth2_proxy.existingSecret -}} + {{- else -}} + {{- printf "%s" (include "maildev.fullname" .) -}}-oauth2-proxy + {{- end -}} +{{- end -}} + {{/* Get the name of the secret containing the password for the incoming SMTP traffic */}} diff --git a/charts/maildev/templates/deployment.yaml b/charts/maildev/templates/deployment.yaml index 0642e25..128c23e 100644 --- a/charts/maildev/templates/deployment.yaml +++ b/charts/maildev/templates/deployment.yaml @@ -61,8 +61,8 @@ spec: - "--verbose" {{- end }} env: - {{- if .Values.maildev.config.https.enabled }} # HTTPS Settings + {{- if .Values.maildev.config.https.enabled }} {{- if .Values.maildev.config.https.cert }} - name: MAILDEV_HTTPS_CERT value: {{ .Values.maildev.config.https.cert | quote }} 
@@ -82,9 +82,11 @@ spec: - name: MAILDEV_HIDE_EXTENSIONS value: {{ .Values.maildev.config.smtp.hideExtensions | quote }} {{- end }} + {{- if .Values.maildev.config.smtp.incoming.authRequired }} {{- if .Values.maildev.config.smtp.incoming.username }} - name: MAILDEV_INCOMING_USER value: {{ .Values.maildev.config.smtp.incoming.username | quote }} + {{- end }} - name: MAILDEV_INCOMING_PASS valueFrom: secretKeyRef: @@ -99,23 +101,23 @@ spec: - name: MAILDEV_OUTGOING_PORT value: {{ .Values.maildev.config.smtp.outgoing.port | quote }} {{- end }} - {{- if .Values.maildev.config.smtp.outgoing.host }} + {{- if .Values.maildev.config.smtp.outgoing.authRequired }} + {{- if .Values.maildev.config.smtp.outgoing.username }} + - name: MAILDEV_OUTGOING_USER + value: {{ .Values.maildev.config.smtp.outgoing.username | quote }} + {{- end }} - name: MAILDEV_OUTGOING_PASS valueFrom: secretKeyRef: name: {{ include "maildev.smtp.outgoing.secretName" . }} key: smtp-outgoing-password {{- end }} - {{- if .Values.maildev.config.smtp.outgoing.username }} - - name: MAILDEV_OUTGOING_USER - value: {{ .Values.maildev.config.smtp.outgoing.username | quote }} - {{- end }} - # Web Settingss + # Web Settings + {{- if .Values.maildev.config.web.authRequired }} {{- if .Values.maildev.config.web.username }} - name: MAILDEV_WEB_USER value: {{ .Values.maildev.config.web.username | quote }} {{- end }} - {{- if or .Values.maildev.config.web.password .Values.maildev.config.web.existingSecret }} - name: MAILDEV_WEB_PASS valueFrom: secretKeyRef: @@ -125,7 +127,7 @@ spec: - name: MAILDEV_WEB_PORT value: {{ .Values.services.web.port | quote }} {{- if .Values.extraEnv }} - ## Additional Setings + ## Additional Settings {{- range .Values.extraEnv }} {{- if and (.name) (.value) }} - name: {{ .name | quote }} 
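Review bot: Gating `MAILDEV_INCOMING_USER` and `MAILDEV_INCOMING_PASS` on the new `incoming.authRequired` flag, which values.yaml defaults to `false`, means a release that already sets a username and password renders without them after upgrading unless the operator also adds the flag. The same applies to the outgoing and web blocks in the next hunk (`@@ -99,23 +101,23 @@`), where the removed `web.username` and `or web.password web.existingSecret` conditions were what switched authentication on. Nothing fails at render time, so the pod presumably comes up with the SMTP listener and web UI accepting unauthenticated clients. Either keep the old condition as a fallback, e.g. `{{- if or .Values.maildev.config.web.authRequired .Values.maildev.config.web.username }}`, or abort the render when credentials are set while the flag is off, e.g. `{{- fail "maildev.config.web.username is set but web.authRequired is false" }}` inside a matching `if`. The enclosing `env:` list begins and ends outside these hunks.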
@@ -188,17 +190,17 @@ spec: - name: OAUTH2_PROXY_CLIENT_SECRET valueFrom: secretKeyRef: - name: maildev-app-resource + name: {{ include "maildev.oauth2_proxy.secretName" . }} key: oauth2_proxy_client_secret - name: OAUTH2_PROXY_CLIENT_ID valueFrom: secretKeyRef: - name: maildev-app-resource + name: {{ include "maildev.oauth2_proxy.secretName" . }} key: oauth2_proxy_client_id - name: OAUTH2_PROXY_COOKIE_SECRET valueFrom: secretKeyRef: - name: maildev-app-resource + name: {{ include "maildev.oauth2_proxy.secretName" . }} key: oauth2_proxy_cookie_secret - name: OAUTH2_PROXY_EMAIL_DOMAINS value: ohio.edu @@ -207,15 +209,10 @@ spec: - name: OAUTH2_PROXY_OIDC_ISSUER_URL valueFrom: secretKeyRef: - name: oauth2-proxy-oidc-issuer-url + name: {{ include "maildev.oauth2_proxy.secretName" . }} key: oauth2_proxy_oidc_issuer_url - name: OAUTH2_PROXY_SESSION_COOKIE_MINIMAL value: "true" - volumeMounts: - - mountPath: /var/run/secrets/maildev-app-resource - name: secrets-maildev-app-resource - readOnly: true - resources: requests: cpu: 5m @@ -245,11 +242,6 @@ spec: timeoutSeconds: 2 {{- end }} volumes: - {{- if .Values.maildev.config.oauth2_proxy.enabled }} - - name: secrets-maildev-app-resource - secret: - secretName: maildev-app-resource - {{- end }} - name: data {{- if .Values.maildev.persistence.enabled }} persistentVolumeClaim: diff --git a/charts/maildev/templates/oauth2_proxy/secret.yaml b/charts/maildev/templates/oauth2_proxy/secret.yaml new file mode 100644 index 0000000..a0470a8 --- /dev/null +++ b/charts/maildev/templates/oauth2_proxy/secret.yaml 
@@ -0,0 +1,13 @@ +{{- if .Values.maildev.config.oauth2_proxy.enabled }} +{{- if (not .Values.maildev.config.oauth2_proxy.existingSecret) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "maildev.oauth2_proxy.secretName" . }} +data: + oauth2_proxy_client_id: {{ .Values.maildev.config.oauth2_proxy.clientId | b64enc }} + oauth2_proxy_client_secret: {{ .Values.maildev.config.oauth2_proxy.clientSecret | b64enc }} + oauth2_proxy_cookie_secret: {{ .Values.maildev.config.oauth2_proxy.cookieSecret | b64enc }} + oauth2_proxy_oidc_issuer_url: {{ .Values.maildev.config.oauth2_proxy.oidcIssuerURL | b64enc }} +{{- end }} +{{- end }} diff --git a/charts/maildev/templates/smtp/incoming-secret.yaml b/charts/maildev/templates/smtp/incoming-secret.yaml index 25d8bd6..91bd7f5 100644 --- a/charts/maildev/templates/smtp/incoming-secret.yaml +++ b/charts/maildev/templates/smtp/incoming-secret.yaml @@ -1,4 +1,5 @@ -{{- if (not .Values.maildev.config.smtp.incoming.existingSecret) -}} +{{- if .Values.maildev.config.smtp.incoming.authRequired }} +{{- if (not .Values.maildev.config.smtp.incoming.existingSecret) }} apiVersion: v1 kind: Secret metadata: @@ -6,3 +7,4 @@ metadata: data: smtp-incoming-password: {{ .Values.maildev.config.smtp.incoming.password | b64enc }} {{- end }} +{{- end }} diff --git a/charts/maildev/templates/smtp/outgoing-secret.yaml b/charts/maildev/templates/smtp/outgoing-secret.yaml index f7a5405..c07365c 100644 --- a/charts/maildev/templates/smtp/outgoing-secret.yaml +++ b/charts/maildev/templates/smtp/outgoing-secret.yaml @@ -1,4 +1,5 @@ -{{- if (not .Values.maildev.config.smtp.outgoing.existingSecret) -}} +{{- if .Values.maildev.config.smtp.outgoing.authRequired }} +{{- if (not .Values.maildev.config.smtp.outgoing.existingSecret) }} apiVersion: v1 kind: Secret metadata: @@ -6,3 +7,4 @@ metadata: data: smtp-outgoing-password: {{ .Values.maildev.config.smtp.outgoing.password | b64enc }} {{- end }} +{{- end }} 
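Review bot: The new Secret in `oauth2_proxy/secret.yaml` is built from `clientId`, `clientSecret`, `cookieSecret` and `oidcIssuerURL` with no emptiness check, so `enabled: true` without `existingSecret` and with the values.yaml defaults (all `""`) yields a Secret of four empty strings that the proxy container is then wired to. Wrapping each value in `required` turns that misconfiguration into a render-time error, e.g. `oauth2_proxy_cookie_secret: {{ required "maildev.config.oauth2_proxy.cookieSecret is required" .Values.maildev.config.oauth2_proxy.cookieSecret | b64enc }}`. The incoming and outgoing SMTP Secret hunks that follow, and the web Secret hunk later in the patch, have the same gap: once `authRequired` is true and `existingSecret` is unset, an empty `password` is encoded and shipped as the credential.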
diff --git a/charts/maildev/templates/smtp/service.yaml b/charts/maildev/templates/smtp/service.yaml index daf527c..5779b08 100644 --- a/charts/maildev/templates/smtp/service.yaml +++ b/charts/maildev/templates/smtp/service.yaml @@ -11,8 +11,10 @@ spec: targetPort: smtp protocol: TCP name: smtp - {{ if and (eq .Values.services.smtp.type "NodePort") .Values.services.smtp.nodePort }} - nodePort: {{ .Values.services.smtp.nodePort }} - {{ end }} + {{- if (eq .Values.services.smtp.type "NodePort") }} + {{- if .Values.services.smtp.nodePort }} + nodePort: {{ .Values.services.smtp.nodePort }} + {{- end }} + {{- end }} selector: {{- include "maildev.selectorLabels" . | nindent 4 }} diff --git a/charts/maildev/templates/web/secret.yaml b/charts/maildev/templates/web/secret.yaml index 2c41f82..4bf43ba 100644 --- a/charts/maildev/templates/web/secret.yaml +++ b/charts/maildev/templates/web/secret.yaml @@ -1,4 +1,5 @@ -{{- if (not .Values.maildev.config.web.existingSecret) -}} +{{- if .Values.maildev.config.web.authRequired }} +{{- if (not .Values.maildev.config.web.existingSecret) }} apiVersion: v1 kind: Secret metadata: @@ -6,3 +7,4 @@ metadata: data: web-password: {{ .Values.maildev.config.web.password | b64enc }} {{- end }} +{{- end }} diff --git a/charts/maildev/values.schema.json b/charts/maildev/values.schema.json index 6a4266f..6406dae 100644 --- a/charts/maildev/values.schema.json +++ b/charts/maildev/values.schema.json @@ -139,6 +139,9 @@ "incoming": { "type": "object", "properties": { + "authRequired": { + "type": "boolean" + }, "existingSecret": { "type": "string" }, @@ -173,6 +176,9 @@ "host": { "type": "string" }, + "authRequired": { + "type": "boolean" + }, "password": { "type": "string" }, @@ -195,6 +201,9 @@ "disabled": { "type": "boolean" }, + "authRequired": { + "type": "boolean" + }, "existingSecret": { "type": "string" }, 
@@ -205,6 +214,29 @@ "type": "string" } } + }, + "oauth2_proxy": { + "type": "object", + "properties": { + "clientId": { + "type": "string" + }, + "clientSecret": { + "type": "string" + }, + "cookieSecret": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "existingSecret": { + "type": "string" + }, + "oidcIssuerURL": { + "type": "string" + } + } } } }, diff --git a/charts/maildev/values.yaml b/charts/maildev/values.yaml index c502853..de02059 100644 --- a/charts/maildev/values.yaml +++ b/charts/maildev/values.yaml @@ -144,6 +144,8 @@ maildev: # -- Comma separated list of SMTP extensions to NOT advertise (SMTPUTF8, PIPELINING, 8BITMIME) hideExtensions: "" incoming: + # -- If authentication is required for SMTP incoming mail + authRequired: false # -- Name of an existing secret containing the password for the incoming SMTP mail. If set `maildev.config.smtp.incoming.password` will be ignored. Key needs to be `smtp-incoming-password`. existingSecret: "" # -- SMTP password for incoming mail @@ -169,6 +171,8 @@ maildev: existingSecret: "" # -- SMTP host for outgoing mail host: "" + # -- If authentication is required for SMTP outgoing mail + authRequired: false # -- SMTP password for outgoing mail password: "" # -- SMTP port for outgoing mail @@ -180,6 +184,8 @@ maildev: web: # -- Disable the use of the web interface. Useful for unit testing disabled: false + # -- If Authentication is required for the GUI + authRequired: false # -- Name of an existing secret containing the password for the GUI. If set `maildev.config.web.password` will be ignored. Key needs to be `web-password`. existingSecret: "" # -- Password for the GUI 
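Review bot: The three `authRequired` comments added to values.yaml (`@@ -144,6 +144,8 @@`, `@@ -169,6 +171,8 @@`, `@@ -180,6 +184,8 @@`) do not tell the reader that the sibling `username`, `password` and `existingSecret` keys have no effect while the flag is `false`, which is how the deployment template in this patch now behaves. I would state it in each comment, for the GUI for example `# -- Enable authentication for the GUI. When false, username, password and existingSecret are ignored and MAILDEV_WEB_USER / MAILDEV_WEB_PASS are not set.` The existing `existingSecret` comments ("If set ... password will be ignored") should also mention the dependency on `authRequired`, otherwise an operator who only supplies a secret name will assume auth is on.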
@@ -187,7 +193,20 @@ maildev: # -- Username for the GUI username: "" oauth2_proxy: + # -- Enable OAuth2 Proxy for the web interface enabled: false + # -- Name of the existing secret containing the OAuth2 Proxy configuration. If set `maildev.config.oauth2_proxy.clientId`, + # `maildev.config.oauth2_proxy.clientSecret`, `maildev.config.oauth2_proxy.cookieSecret`, `maildev.config.oauth2_proxy.oidcIssuerURL` will be ignored. + # Keys in the secret need to be `oauth2_proxy_client_id`, `oauth2_proxy_client_secret`, `oauth2_proxy_cookie_secret`, `oauth2_proxy_oidc_issuer_url`. + existingSecret: "" + # -- clientId for OAuth2 Proxy + clientId: "" + # -- clientSecret for OAuth2 Proxy + clientSecret: "" + # -- cookieSecret for OAuth2 Proxy + cookieSecret: "" + # -- OIDC Issuer URL for OAuth2 Proxy + oidcIssuerURL: "" persistence: # -- Use a PVC to persist data enabled: false
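Review bot: The comments for `clientSecret` and `cookieSecret` present inline values and `existingSecret` as interchangeable, without noting that inline values are stored with the Helm release and in whatever values file supplied them. A short steer towards `existingSecret` would help, e.g. `# -- clientSecret for OAuth2 Proxy. Prefer existingSecret outside local testing; inline values are kept in the Helm release data.` The `cookieSecret` comment could also state the length oauth2-proxy expects (16, 24 or 32 bytes, as far as I know) so a malformed value is caught before deploy. The `enabled` comment could mention that all four settings or an `existingSecret` are needed when it is true.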