-
Notifications
You must be signed in to change notification settings - Fork 321
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
set up individual secrets for what used to be HCPConfig secret #1608
Merged
Merged
Changes from 5 commits
Commits
Show all changes
11 commits
Select commit
Hold shift + click to select a range
aa09ab8
set up individual secrets for what used to be HCPConfig secret
jmurret 9a1a9f5
add initial validation for clour config in the helm chart.
jmurret b66e384
adding bats tests
jmurret 8806ae6
add changelog
jmurret dd54718
changing validateCloudSecretNames to validaterequiredCloudSecretsExist
jmurret 6ca601f
PR feedback
jmurret 0f9e5a2
organize consts by name/key
jmurret 69ed34e
add conditional checks around hcp config secret saving
jmurret 15d7841
make the self reference in CloudPreset c instead of i
jmurret faa2f6e
remove extra line
jmurret 7ff500a
noting required vs optional values in helm values file.
jmurret File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -371,13 +371,50 @@ Consul server environment variables for consul-k8s commands. | |
{{- end -}} | ||
|
||
{{/* | ||
Fails global.cloud.enabled is true and global.cloud.secretName is nil or tempty. | ||
Fails global.cloud.enabled is true and one of the following secrets is nil or empty. | ||
- global.cloud.resourceId.secretName | ||
- global.cloud.clientId.secretName | ||
- global.cloud.clientSecret.secretName | ||
|
||
Usage: {{ template "consul.validateCloudConfiguration" . }} | ||
Usage: {{ template "consul.validaterequiredCloudSecretsExist" . }} | ||
jmurret marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
*/}} | ||
{{- define "consul.validateCloudConfiguration" -}} | ||
{{- if and .Values.global.cloud.enabled (not .Values.global.cloud.secretName) }} | ||
{{fail "When global.cloud.enabled is true, global.cloud.secretName must also be set."}} | ||
{{ end }} | ||
{{- define "consul.validaterequiredCloudSecretsExist" -}} | ||
{{- if (and .Values.global.cloud.enabled (or (not .Values.global.cloud.resourceId.secretName) (not .Values.global.cloud.clientId.secretName) (not .Values.global.cloud.clientSecret.secretName))) }} | ||
{{fail "When global.cloud.enabled is true, global.cloud.resourceId.secretName, global.cloud.clientId.secretName, and global.cloud.clientSecret.secretName must also be set."}} | ||
{{- end }} | ||
{{- end -}} | ||
|
||
{{/* | ||
Fails global.cloud.enabled is true and one of the following secrets has either an empty secretName or secretKey. | ||
- global.cloud.resourceId.secretName / secretKey | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This simply checks all 6 secrets so that if either |
||
- global.cloud.clientId.secretName / secretKey | ||
- global.cloud.clientSecret.secretName / secretKey | ||
- global.cloud.authUrl.secretName / secretKey | ||
- global.cloud.apiHost.secretName / secretKey | ||
- global.cloud.scadaAddress.secretName / secretKey | ||
Usage: {{ template "consul.validateCloudSecretKeys" . }} | ||
|
||
*/}} | ||
{{- define "consul.validateCloudSecretKeys" -}} | ||
{{- if and .Values.global.cloud.enabled }} | ||
{{- if or (and .Values.global.cloud.resourceId.secretName (not .Values.global.cloud.resourceId.secretKey)) (and .Values.global.cloud.resourceId.secretKey (not .Values.global.cloud.resourceId.secretName)) }} | ||
{{fail "When either global.cloud.resourceId.secretName or global.cloud.resourceId.secretKey is defined, both must be set."}} | ||
{{- end }} | ||
{{- if or (and .Values.global.cloud.clientId.secretName (not .Values.global.cloud.clientId.secretKey)) (and .Values.global.cloud.clientId.secretKey (not .Values.global.cloud.clientId.secretName)) }} | ||
{{fail "When either global.cloud.clientId.secretName or global.cloud.clientId.secretKey is defined, both must be set."}} | ||
{{- end }} | ||
{{- if or (and .Values.global.cloud.clientSecret.secretName (not .Values.global.cloud.clientSecret.secretKey)) (and .Values.global.cloud.clientSecret.secretKey (not .Values.global.cloud.clientSecret.secretName)) }} | ||
{{fail "When either global.cloud.clientSecret.secretName or global.cloud.clientSecret.secretKey is defined, both must be set."}} | ||
{{- end }} | ||
{{- if or (and .Values.global.cloud.authUrl.secretName (not .Values.global.cloud.authUrl.secretKey)) (and .Values.global.cloud.authUrl.secretKey (not .Values.global.cloud.authUrl.secretName)) }} | ||
{{fail "When either global.cloud.authUrl.secretName or global.cloud.authUrl.secretKey is defined, both must be set."}} | ||
{{- end }} | ||
{{- if or (and .Values.global.cloud.apiHost.secretName (not .Values.global.cloud.apiHost.secretKey)) (and .Values.global.cloud.apiHost.secretKey (not .Values.global.cloud.apiHost.secretName)) }} | ||
{{fail "When either global.cloud.apiHost.secretName or global.cloud.apiHost.secretKey is defined, both must be set."}} | ||
{{- end }} | ||
{{- if or (and .Values.global.cloud.scadaAddress.secretName (not .Values.global.cloud.scadaAddress.secretKey)) (and .Values.global.cloud.scadaAddress.secretKey (not .Values.global.cloud.scadaAddress.secretName)) }} | ||
{{fail "When either global.cloud.scadaAddress.secretName or global.cloud.scadaAddress.secretKey is defined, both must be set."}} | ||
{{- end }} | ||
{{- end }} | ||
{{- end -}} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
changed name. this used to be one secret with 6 six keys (3 required and 3 optional). Now there are 6 secrets for more flexibility and the ability to allow optional values.