diff --git a/charts/consul/templates/terminating-gateways-deployment.yaml b/charts/consul/templates/terminating-gateways-deployment.yaml index 4924614711..421914230e 100644 --- a/charts/consul/templates/terminating-gateways-deployment.yaml +++ b/charts/consul/templates/terminating-gateways-deployment.yaml @@ -24,7 +24,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ template "consul.fullname" $root }}-{{ .name }} + name: {{ template "consul.fullname" $root }}-{{ .name }}-terminating-gateway namespace: {{ $root.Release.Namespace }} labels: app: {{ template "consul.name" $root }} @@ -32,7 +32,7 @@ metadata: heritage: {{ $root.Release.Service }} release: {{ $root.Release.Name }} component: terminating-gateway - terminating-gateway-name: {{ template "consul.fullname" $root }}-{{ .name }} + terminating-gateway-name: {{ template "consul.fullname" $root }}-{{ .name }}-terminating-gateway spec: replicas: {{ default $defaults.replicas .replicas }} selector: @@ -42,7 +42,7 @@ spec: heritage: {{ $root.Release.Service }} release: {{ $root.Release.Name }} component: terminating-gateway - terminating-gateway-name: {{ template "consul.fullname" $root }}-{{ .name }} + terminating-gateway-name: {{ template "consul.fullname" $root }}-{{ .name }}-terminating-gateway template: metadata: labels: @@ -51,7 +51,7 @@ spec: heritage: {{ $root.Release.Service }} release: {{ $root.Release.Name }} component: terminating-gateway - terminating-gateway-name: {{ template "consul.fullname" $root }}-{{ .name }} + terminating-gateway-name: {{ template "consul.fullname" $root }}-{{ .name }}-terminating-gateway annotations: {{- if (and $root.Values.global.secretsBackend.vault.enabled $root.Values.global.tls.enabled) }} "vault.hashicorp.com/agent-init-first": "true" diff --git a/charts/consul/templates/terminating-gateways-podsecuritypolicy.yaml b/charts/consul/templates/terminating-gateways-podsecuritypolicy.yaml index 97ad2af961..611cd65abd 100644 --- a/charts/consul/templates/terminating-gateways-podsecuritypolicy.yaml +++ b/charts/consul/templates/terminating-gateways-podsecuritypolicy.yaml @@ -4,7 +4,7 @@ apiVersion: policy/v1beta1 kind: PodSecurityPolicy metadata: - name: {{ template "consul.fullname" $root }}-{{ .name }} + name: {{ template "consul.fullname" $root }}-{{ .name }}-terminating-gateway namespace: {{ $root.Release.Namespace }} labels: app: {{ template "consul.name" $root }} @@ -12,7 +12,7 @@ metadata: heritage: {{ $root.Release.Service }} release: {{ $root.Release.Name }} component: terminating-gateway - terminating-gateway-name: {{ template "consul.fullname" $root }}-{{ .name }} + terminating-gateway-name: {{ template "consul.fullname" $root }}-{{ .name }}-terminating-gateway spec: privileged: false # Required to prevent escalations to root. diff --git a/charts/consul/templates/terminating-gateways-role.yaml b/charts/consul/templates/terminating-gateways-role.yaml index 8852ffb90e..9108bd121b 100644 --- a/charts/consul/templates/terminating-gateways-role.yaml +++ b/charts/consul/templates/terminating-gateways-role.yaml @@ -7,7 +7,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: {{ template "consul.fullname" $root }}-{{ .name }} + name: {{ template "consul.fullname" $root }}-{{ .name }}-terminating-gateway namespace: {{ $root.Release.Namespace }} labels: app: {{ template "consul.name" $root }} @@ -15,14 +15,14 @@ metadata: heritage: {{ $root.Release.Service }} release: {{ $root.Release.Name }} component: terminating-gateway - terminating-gateway-name: {{ template "consul.fullname" $root }}-{{ .name }} + terminating-gateway-name: {{ template "consul.fullname" $root }}-{{ .name }}-terminating-gateway {{- if (or $root.Values.global.acls.manageSystemACLs $root.Values.global.enablePodSecurityPolicies) }} rules: {{- if $root.Values.global.enablePodSecurityPolicies }} - apiGroups: ["policy"] resources: ["podsecuritypolicies"] resourceNames: - - {{ template "consul.fullname" $root }}-{{ .name }} + - {{ template "consul.fullname" $root }}-{{ .name }}-terminating-gateway verbs: - use {{- end }} diff --git a/charts/consul/templates/terminating-gateways-rolebinding.yaml b/charts/consul/templates/terminating-gateways-rolebinding.yaml index 4271f8f59c..397a753b01 100644 --- a/charts/consul/templates/terminating-gateways-rolebinding.yaml +++ b/charts/consul/templates/terminating-gateways-rolebinding.yaml @@ -4,7 +4,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ template "consul.fullname" $root }}-{{ .name }} + name: {{ template "consul.fullname" $root }}-{{ .name }}-terminating-gateway namespace: {{ $root.Release.Namespace }} labels: app: {{ template "consul.name" $root }} @@ -12,14 +12,14 @@ metadata: heritage: {{ $root.Release.Service }} release: {{ $root.Release.Name }} component: terminating-gateway - terminating-gateway-name: {{ template "consul.fullname" $root }}-{{ .name }} + terminating-gateway-name: {{ template "consul.fullname" $root }}-{{ .name }}-terminating-gateway roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ template "consul.fullname" $root }}-{{ .name }} + name: {{ template "consul.fullname" $root }}-{{ .name }}-terminating-gateway subjects: - kind: ServiceAccount - name: {{ template "consul.fullname" $root }}-{{ .name }} + name: {{ template "consul.fullname" $root }}-{{ .name }}-terminating-gateway namespace: {{ $root.Release.Namespace }} --- {{- end }} diff --git a/charts/consul/templates/terminating-gateways-serviceaccount.yaml b/charts/consul/templates/terminating-gateways-serviceaccount.yaml index 421740744d..38a79f361c 100644 --- a/charts/consul/templates/terminating-gateways-serviceaccount.yaml +++ b/charts/consul/templates/terminating-gateways-serviceaccount.yaml @@ -14,7 +14,7 @@ metadata: heritage: {{ $root.Release.Service }} release: {{ $root.Release.Name }} component: terminating-gateway - terminating-gateway-name: {{ template "consul.fullname" $root }}-{{ .name }} + terminating-gateway-name: {{ template "consul.fullname" $root }}-{{ .name }}-terminating-gateway {{- if (or $defaults.serviceAccount.annotations $serviceAccount.annotations) }} annotations: {{- if $defaults.serviceAccount.annotations }} diff --git a/charts/consul/test/unit/terminating-gateways-deployment.bats b/charts/consul/test/unit/terminating-gateways-deployment.bats index b2c96aa526..d59452c954 100644 --- a/charts/consul/test/unit/terminating-gateways-deployment.bats +++ b/charts/consul/test/unit/terminating-gateways-deployment.bats @@ -22,7 +22,7 @@ load _helpers [ "${actual}" = "true" ] local actual=$(echo $object | yq -r '.metadata.name' | tee /dev/stderr) - [ "${actual}" = "RELEASE-NAME-consul-terminating-gateway" ] + [ "${actual}" = "RELEASE-NAME-consul-terminating-gateway-terminating-gateway" ] } @test "terminatingGateways/Deployment: Adds consul service volumeMount to gateway container" { @@ -1406,10 +1406,10 @@ EOF yq -s -r '.' | tee /dev/stderr) local actual=$(echo $object | yq -r '.[0].metadata.name' | tee /dev/stderr) - [ "${actual}" = "RELEASE-NAME-consul-gateway1" ] + [ "${actual}" = "RELEASE-NAME-consul-gateway1-terminating-gateway" ] local actual=$(echo $object | yq -r '.[1].metadata.name' | tee /dev/stderr) - [ "${actual}" = "RELEASE-NAME-consul-gateway2" ] + [ "${actual}" = "RELEASE-NAME-consul-gateway2-terminating-gateway" ] local actual=$(echo $object | yq '.[0] | length > 0' | tee /dev/stderr) [ "${actual}" = "true" ] diff --git a/charts/consul/test/unit/terminating-gateways-podsecuritypolicy.bats b/charts/consul/test/unit/terminating-gateways-podsecuritypolicy.bats index b8595f8e60..e5f684039a 100644 --- a/charts/consul/test/unit/terminating-gateways-podsecuritypolicy.bats +++ b/charts/consul/test/unit/terminating-gateways-podsecuritypolicy.bats @@ -43,8 +43,8 @@ load _helpers [ "${actual}" = "false" ] local actual=$(echo $object | yq -r '.[0].metadata.name' | tee /dev/stderr) - [ "${actual}" = "RELEASE-NAME-consul-gateway1" ] + [ "${actual}" = "RELEASE-NAME-consul-gateway1-terminating-gateway" ] local actual=$(echo $object | yq -r '.[1].metadata.name' | tee /dev/stderr) - [ "${actual}" = "RELEASE-NAME-consul-gateway2" ] + [ "${actual}" = "RELEASE-NAME-consul-gateway2-terminating-gateway" ] } diff --git a/charts/consul/test/unit/terminating-gateways-role.bats b/charts/consul/test/unit/terminating-gateways-role.bats index a5c535e53a..c91babe71d 100644 --- a/charts/consul/test/unit/terminating-gateways-role.bats +++ b/charts/consul/test/unit/terminating-gateways-role.bats @@ -87,10 +87,10 @@ load _helpers yq -s -r '.' | tee /dev/stderr) local actual=$(echo $object | yq -r '.[0].metadata.name' | tee /dev/stderr) - [ "${actual}" = "RELEASE-NAME-consul-gateway1" ] + [ "${actual}" = "RELEASE-NAME-consul-gateway1-terminating-gateway" ] local actual=$(echo $object | yq -r '.[1].metadata.name' | tee /dev/stderr) - [ "${actual}" = "RELEASE-NAME-consul-gateway2" ] + [ "${actual}" = "RELEASE-NAME-consul-gateway2-terminating-gateway" ] local actual=$(echo $object | yq '.[0].rules | length' | tee /dev/stderr) [ "${actual}" = "2" ] diff --git a/charts/consul/test/unit/terminating-gateways-rolebinding.bats b/charts/consul/test/unit/terminating-gateways-rolebinding.bats index d6e74be896..711ed7ed47 100644 --- a/charts/consul/test/unit/terminating-gateways-rolebinding.bats +++ b/charts/consul/test/unit/terminating-gateways-rolebinding.bats @@ -32,10 +32,10 @@ load _helpers yq -s -r '.' | tee /dev/stderr) local actual=$(echo $object | yq -r '.[0].metadata.name' | tee /dev/stderr) - [ "${actual}" = "RELEASE-NAME-consul-gateway1" ] + [ "${actual}" = "RELEASE-NAME-consul-gateway1-terminating-gateway" ] local actual=$(echo $object | yq -r '.[1].metadata.name' | tee /dev/stderr) - [ "${actual}" = "RELEASE-NAME-consul-gateway2" ] + [ "${actual}" = "RELEASE-NAME-consul-gateway2-terminating-gateway" ] local actual=$(echo $object | yq '.[2] | length > 0' | tee /dev/stderr) [ "${actual}" = "false" ]