Skip to content

Commit

Permalink
remove redundant charts features (#647)
Browse files Browse the repository at this point in the history 
* remove unused charts features
* update changelog
* update chart version
  • Loading branch information
@ekneg54
ekneg54 authored Aug 15, 2024
1 parent 7afd24e commit 86f8e75
Show file tree
Hide file tree
Showing 5 changed files with 6 additions and 182 deletions.
4 changes: 3 additions & 1 deletion CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,11 @@
## next release
### Breaking
### Features
### Improvenets
### Improvements
### Bugfix

* remove redundant chart features for mounting secrets

## 13.0.1

### Improvements
Expand Down
2 changes: 1 addition & 1 deletion charts/logprep/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: "13.2.2"
version: "13.2.3"

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
Expand Down
14 changes: 0 additions & 14 deletions charts/logprep/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -103,13 +103,6 @@ spec:
- name: output-config
mountPath: /home/logprep/output-config.yaml
subPath: output-config.yaml
{{- range $key, $value := .Values.secrets }}
{{ if ne $key "imagePullSecret" }}
- name: {{ lower $key }}
mountPath: /home/logprep/{{ lower $key }}/{{ lower $value.name }}
subPath: {{ $value.name }}
{{ end }}
{{- end }}
{{- if .Values.extraMounts }}
{{- toYaml .Values.extraMounts | nindent 12 }}
{{- end }}
Expand Down Expand Up @@ -179,13 +172,6 @@ spec:
configMap:
name: {{ include "logprep.fullname" . }}-artifacts
{{- end }}
{{- range $key, $value := .Values.secrets }}
{{- if ne $key "imagePullSecret" }}
- name: {{ lower $key }}
secret:
secretName: {{ $value.name }}
{{- end }}
{{- end }}
{{- if .Values.extraVolumes }}
{{- toYaml .Values.extraVolumes | nindent 8 }}
{{- end }}
Expand Down
11 changes: 2 additions & 9 deletions charts/logprep/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,16 +26,9 @@ securityContext:
runAsUser: 1000
readOnlyRootFilesystem: true

# Optional secrets that will be mounted into the pod
# Listed secrets are handled specially by the logprep deployment.
# Additional secrets will be mounted as usual.
# The key is the folder under /home/logprep and the value.name
# (which is the name of the external secret) will be the name of the mounted file.
# the image pull secret to use for the deployment
# to mount extra secrets into the pod, use the extraVolumes and extraMounts fields
# secrets:
# certificates:
# name: ca-cert # Name of the secret containing the ca certificate (or chain) in one data block
# credentials:
# name: logprep-credentials # Name of the secret containing the logprep credentials file
# imagePullSecret:
# name: logprep-image-pull-secret # Name of the secret containing the image pull secret
secrets: {}
Expand Down
157 changes: 0 additions & 157 deletions tests/unit/charts/test_deployment.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,40 +50,6 @@ def test_temp_directory(self):
assert mount["mountPath"] == "/tmp"
assert mount["name"] == "logprep-temp"

@pytest.mark.parametrize(
"logprep_values, expected",
[
({}, False),
({"secrets": {"certificates": {"name": "custom-certs"}}}, True),
],
)
def test_deployment_certificates(self, logprep_values, expected):
self.manifests = self.render_chart("logprep", logprep_values)
volumes = self.deployment["spec.template.spec.volumes"]
mounts = self.deployment["spec.template.spec.containers.0.volumeMounts"]
env = self.deployment["spec.template.spec.containers.0.env"]

for volume in volumes:
if volume["name"] == "certificates":
assert expected
break
else:
assert not expected, "certificates volume not found"

for mount in mounts:
if mount["name"] == "certificates":
assert expected
break
else:
assert not expected, "certificates mount not found"

for variable in env:
if variable["name"] == "REQUESTS_CA_BUNDLE":
assert expected
break
else:
assert not expected, "REQUESTS_CA_BUNDLE env not found"

def test_certificates_env(self):
self.manifests = self.render_chart(
"logprep", {"secrets": {"certificates": {"name": "custom-certs"}}}
Expand All @@ -96,91 +62,6 @@ def test_certificates_env(self):
else:
assert False, "REQUESTS_CA_BUNDLE not found"

def test_certificates_volume(self):
self.manifests = self.render_chart(
"logprep", {"secrets": {"certificates": {"name": "custom-certs"}}}
)
volumes = self.deployment["spec.template.spec.volumes"]
for volume in volumes:
if volume["name"] == "certificates":
assert volume["secret"]["secretName"] == "custom-certs"
break
else:
assert False, "certificates volume not found"

def test_certificates_volume_mount(self):
self.manifests = self.render_chart(
"logprep", {"secrets": {"certificates": {"name": "custom-certs"}}}
)
mounts = self.deployment["spec.template.spec.containers.0.volumeMounts"]
for mount in mounts:
if mount["name"] == "certificates":
assert mount["mountPath"].endswith("custom-certs")
break
else:
assert False, "certificates mount not found"

@pytest.mark.parametrize(
"logprep_values, expected",
[
({}, False),
({"secrets": {"logprep-secret": {"name": "my-secret"}}}, True),
({"secrets": {"LoGpReP-Secret": {"name": "my-not-lowercase-secret"}}}, True),
],
)
def test_secret_deployment(self, logprep_values, expected):
self.manifests = self.render_chart("logprep", logprep_values)
volumes = self.deployment["spec.template.spec.volumes"]
mounts = self.deployment["spec.template.spec.containers.0.volumeMounts"]

for volume in volumes:
if volume["name"] == "logprep-secret":
assert expected
break
else:
assert not expected, "secret volume not found"

for mount in mounts:
if mount["name"] == "logprep-secret":
assert expected
break
else:
assert not expected, "secret mount not found"

@pytest.mark.parametrize(
"logprep_values, expected",
[
({}, False),
({"secrets": {"credentials": {"name": "my-creds"}}}, True),
],
)
def test_deployment_credentials(self, logprep_values, expected):
self.manifests = self.render_chart("logprep", logprep_values)
volumes = self.deployment["spec.template.spec.volumes"]
mounts = self.deployment["spec.template.spec.containers.0.volumeMounts"]
env = self.deployment["spec.template.spec.containers.0.env"]

for volume in volumes:
if volume["name"] == "credentials":
assert expected
break
else:
assert not expected, "credentials volume not found"

for mount in mounts:
if mount["name"] == "credentials":
assert expected
break
else:
assert not expected, "credentials mount not found"

for variable in env:
if variable["name"] == "LOGPREP_CREDENTIALS_FILE":
assert expected
break
else:
assert not expected, "LOGPREP_CREDENTIALS_FILE not found"

def test_credentials_env(self):
self.manifests = self.render_chart(
"logprep", {"secrets": {"credentials": {"name": "my-creds"}}}
Expand All @@ -193,30 +74,6 @@ def test_credentials_env(self):
else:
assert False, "LOGPREP_CREDENTIALS_FILE not found"

def test_credentials_volume(self):
self.manifests = self.render_chart(
"logprep", {"secrets": {"Credentials": {"name": "my-creds"}}}
)
volumes = self.deployment["spec.template.spec.volumes"]
for volume in volumes:
if volume["name"] == "credentials":
assert volume["secret"]["secretName"] == "my-creds"
break
else:
assert False, "credentials volume not found"

def test_credentials_volume_mount(self):
self.manifests = self.render_chart(
"logprep", {"secrets": {"credentials": {"name": "my-creds"}}}
)
mounts = self.deployment["spec.template.spec.containers.0.volumeMounts"]
for mount in mounts:
if mount["name"] == "credentials":
assert mount["mountPath"].endswith("my-creds"), mount["mountPath"]
break
else:
assert False, "credentials mount not found"

def test_security_context(self):
assert self.deployment["spec.template.spec.securityContext"]
security_context = self.deployment["spec.template.spec.securityContext"]
Expand Down Expand Up @@ -392,20 +249,6 @@ def test_artifacts_volume_not_populated_if_not_defined(self):
artifacts_volume = [volume for volume in volumes if volume["name"] == "artifacts"]
assert len(artifacts_volume) == 0

def test_extra_secrets_volumes_are_populated(self):
logprep_values = {"secrets": {"mysecret": {"name": "external-secret"}}}
self.manifests = self.render_chart("logprep", logprep_values)
volumes = self.deployment["spec.template.spec.volumes"]
volume = [volume for volume in volumes if volume["name"] == "mysecret"]
assert volume

def test_extra_secrets_are_mounted(self):
logprep_values = {"secrets": {"mysecret": {"name": "external-secret"}}}
self.manifests = self.render_chart("logprep", logprep_values)
mounts = self.deployment["spec.template.spec.containers.0.volumeMounts"]
mount = [mount for mount in mounts if mount["name"] == "mysecret"]
assert mount

def test_environment_variables_are_populated(self):
logprep_values = {
"environment": [
Expand Down

0 comments on commit 86f8e75

Please sign in to comment.