From 9673288224a048242cbd932fde6561f5d61400cf Mon Sep 17 00:00:00 2001 From: Alex <1353716+alexstojda@users.noreply.github.com> Date: Wed, 16 Aug 2023 17:20:18 -0400 Subject: [PATCH] fix(DEVOPS-1803): Improve config variable loading in chart --- chart/templates/_configData.yaml | 16 +++++ chart/templates/secret.yaml | 22 +------ .../expected.yaml | 10 ++-- .../values.yaml | 58 +------------------ chart/tests/with-github-app/expected.yaml | 10 ++-- chart/tests/with-github-app/values.yaml | 55 ------------------ chart/tests/with-github-token/expected.yaml | 11 ++-- chart/tests/with-github-token/values.yaml | 55 +----------------- chart/values.yaml | 16 +++-- 9 files changed, 49 insertions(+), 204 deletions(-) create mode 100644 chart/templates/_configData.yaml diff --git a/chart/templates/_configData.yaml b/chart/templates/_configData.yaml new file mode 100644 index 0000000..526aea1 --- /dev/null +++ b/chart/templates/_configData.yaml @@ -0,0 +1,16 @@ +{{/* +Config ENV Vars for the application +*/}} +{{- define "joy-generator.config" }} +JOY_PLUGIN_TOKEN: "{{ required "pluginToken is required" .Values.applicationConfig.pluginToken }}" +JOY_REPO_URL: "{{ required "repoUrl is required" .Values.applicationConfig.repoUrl }}" +{{- if .Values.applicationConfig.githubApp }} +JOY_GITHUB_APP_ID: "{{ .Values.applicationConfig.githubApp.appId }}" +JOY_GITHUB_APP_INSTALLATION_ID: "{{ .Values.applicationConfig.githubApp.installationId }}" +{{- else if .Values.applicationConfig.githubUser }} +JOY_GITHUB_USER: "{{ .Values.applicationConfig.githubUser.username }}" +JOY_GITHUB_TOKEN: "{{ .Values.applicationConfig.githubUser.token }}" +{{- else }} +{{- fail "one of githubUser or githubAuth is required" }} +{{- end }} +{{- end }} diff --git a/chart/templates/secret.yaml b/chart/templates/secret.yaml index da938d9..5188098 100644 --- a/chart/templates/secret.yaml +++ b/chart/templates/secret.yaml @@ -9,29 +9,11 @@ metadata: name: {{ include "joy-generator.fullname" . }}-config {{- if eq .Values.secretType "secret" }} stringData: - JOY_PLUGIN_TOKEN: "{{ required "pluginToken is required" .Values.applicationConfig.pluginToken }}" - JOY_REPO_URL: "{{ required "repoUrl is required" .Values.applicationConfig.repoUrl }}" - {{- if .Values.applicationConfig.githubApp }} - JOY_GITHUB_APP_ID: "{{ .Values.applicationConfig.githubApp.appId }}" - JOY_GITHUB_APP_INSTALLATION_ID: "{{ .Values.applicationConfig.githubApp.installationId }}" - {{- else if .Values.applicationConfig.githubToken }} - JOY_GITHUB_TOKEN: "{{ .Values.applicationConfig.githubToken }}" - {{- else }} - {{- fail "either a github token or github app is required" }} - {{- end }} +{{- include "joy-generator.config" . | indent 2 }} {{- else if eq .Values.secretType "sealedSecret" }} spec: encryptedData: - JOY_PLUGIN_TOKEN: "{{ required "pluginToken is required" .Values.applicationConfig.pluginToken }}" - JOY_REPO_URL: "{{ required "repoUrl is required" .Values.applicationConfig.repoUrl }}" - {{- if .Values.applicationConfig.githubApp }} - JOY_GITHUB_APP_ID: "{{ .Values.applicationConfig.githubApp.appId }}" - JOY_GITHUB_APP_INSTALLATION_ID: "{{ .Values.applicationConfig.githubApp.installationId }}" - {{- else if .Values.applicationConfig.githubToken }} - JOY_GITHUB_TOKEN: "{{ .Values.applicationConfig.githubToken }}" - {{- else }} - {{- fail "either a github token or github app is required" }} - {{- end }} +{{- include "joy-generator.config" . | indent 4 }} {{- end }} --- diff --git a/chart/tests/with-github-app-and-sealed-secrets/expected.yaml b/chart/tests/with-github-app-and-sealed-secrets/expected.yaml index 8921571..c1bc5fa 100644 --- a/chart/tests/with-github-app-and-sealed-secrets/expected.yaml +++ b/chart/tests/with-github-app-and-sealed-secrets/expected.yaml @@ -14,10 +14,10 @@ kind: Service metadata: name: my-release-joy-generator labels: - helm.sh/chart: joy-generator-0.0.2 + helm.sh/chart: joy-generator-0.0.3 app.kubernetes.io/name: joy-generator app.kubernetes.io/instance: my-release - app.kubernetes.io/version: "0.0.2" + app.kubernetes.io/version: "0.0.3" app.kubernetes.io/managed-by: Helm spec: type: ClusterIP @@ -36,10 +36,10 @@ kind: Deployment metadata: name: my-release-joy-generator labels: - helm.sh/chart: joy-generator-0.0.2 + helm.sh/chart: joy-generator-0.0.3 app.kubernetes.io/name: joy-generator app.kubernetes.io/instance: my-release - app.kubernetes.io/version: "0.0.2" + app.kubernetes.io/version: "0.0.3" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -101,7 +101,7 @@ kind: SealedSecret metadata: name: my-release-joy-generator-config spec: - encryptedData: + encryptedData: JOY_PLUGIN_TOKEN: "@very!l0ngands3curet0ken" JOY_REPO_URL: "https://github.com/example/foobar.git" JOY_GITHUB_APP_ID: "123456" diff --git a/chart/tests/with-github-app-and-sealed-secrets/values.yaml b/chart/tests/with-github-app-and-sealed-secrets/values.yaml index ea29015..9fe745b 100644 --- a/chart/tests/with-github-app-and-sealed-secrets/values.yaml +++ b/chart/tests/with-github-app-and-sealed-secrets/values.yaml @@ -1,10 +1,3 @@ -# Default values for joy-generator. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -secretType: 'sealedSecret' - -# Configuration settings for the joy-generator instance applicationConfig: pluginToken: "@very!l0ngands3curet0ken" # The HTTPS Git URL of your joy catalog @@ -20,56 +13,7 @@ applicationConfig: privateKey: | FOOBARLOREMISPUM -replicaCount: 1 +secretType: 'sealedSecret' image: - repository: ghcr.io/nestoca/joy-generator - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. tag: 0.1.2 - -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" - -podAnnotations: {} - -podSecurityContext: {} - # fsGroup: 2000 - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -service: - type: ClusterIP - port: 80 - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 100 - targetCPUUtilizationPercentage: 80 - # targetMemoryUtilizationPercentage: 80 - -nodeSelector: {} - -tolerations: [] - -affinity: {} diff --git a/chart/tests/with-github-app/expected.yaml b/chart/tests/with-github-app/expected.yaml index 5d0f979..a48a34b 100644 --- a/chart/tests/with-github-app/expected.yaml +++ b/chart/tests/with-github-app/expected.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: my-release-joy-generator-config -stringData: +stringData: JOY_PLUGIN_TOKEN: "@very!l0ngands3curet0ken" JOY_REPO_URL: "https://github.com/example/foobar.git" JOY_GITHUB_APP_ID: "123456" @@ -34,10 +34,10 @@ kind: Service metadata: name: my-release-joy-generator labels: - helm.sh/chart: joy-generator-0.0.2 + helm.sh/chart: joy-generator-0.0.3 app.kubernetes.io/name: joy-generator app.kubernetes.io/instance: my-release - app.kubernetes.io/version: "0.0.2" + app.kubernetes.io/version: "0.0.3" app.kubernetes.io/managed-by: Helm spec: type: ClusterIP @@ -56,10 +56,10 @@ kind: Deployment metadata: name: my-release-joy-generator labels: - helm.sh/chart: joy-generator-0.0.2 + helm.sh/chart: joy-generator-0.0.3 app.kubernetes.io/name: joy-generator app.kubernetes.io/instance: my-release - app.kubernetes.io/version: "0.0.2" + app.kubernetes.io/version: "0.0.3" app.kubernetes.io/managed-by: Helm spec: replicas: 1 diff --git a/chart/tests/with-github-app/values.yaml b/chart/tests/with-github-app/values.yaml index 3718c6f..5f5dd8b 100644 --- a/chart/tests/with-github-app/values.yaml +++ b/chart/tests/with-github-app/values.yaml @@ -1,7 +1,3 @@ -# Default values for joy-generator. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - # Configuration settings for the joy-generator instance applicationConfig: pluginToken: "@very!l0ngands3curet0ken" @@ -18,56 +14,5 @@ applicationConfig: privateKey: | FOOBARLOREMISPUM -replicaCount: 1 - image: - repository: ghcr.io/nestoca/joy-generator - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. tag: 0.1.2 - -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" - -podAnnotations: {} - -podSecurityContext: {} - # fsGroup: 2000 - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -service: - type: ClusterIP - port: 80 - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 100 - targetCPUUtilizationPercentage: 80 - # targetMemoryUtilizationPercentage: 80 - -nodeSelector: {} - -tolerations: [] - -affinity: {} diff --git a/chart/tests/with-github-token/expected.yaml b/chart/tests/with-github-token/expected.yaml index 62a191a..0c8f7b4 100644 --- a/chart/tests/with-github-token/expected.yaml +++ b/chart/tests/with-github-token/expected.yaml @@ -4,9 +4,10 @@ apiVersion: v1 kind: Secret metadata: name: my-release-joy-generator-config -stringData: +stringData: JOY_PLUGIN_TOKEN: "@very!l0ngands3curet0ken" JOY_REPO_URL: "https://github.com/example/foobar.git" + JOY_GITHUB_USER: "username" JOY_GITHUB_TOKEN: "12312312312312" --- # Source: joy-generator/templates/argocd-config.yaml @@ -24,10 +25,10 @@ kind: Service metadata: name: my-release-joy-generator labels: - helm.sh/chart: joy-generator-0.0.2 + helm.sh/chart: joy-generator-0.0.3 app.kubernetes.io/name: joy-generator app.kubernetes.io/instance: my-release - app.kubernetes.io/version: "0.0.2" + app.kubernetes.io/version: "0.0.3" app.kubernetes.io/managed-by: Helm spec: type: ClusterIP @@ -46,10 +47,10 @@ kind: Deployment metadata: name: my-release-joy-generator labels: - helm.sh/chart: joy-generator-0.0.2 + helm.sh/chart: joy-generator-0.0.3 app.kubernetes.io/name: joy-generator app.kubernetes.io/instance: my-release - app.kubernetes.io/version: "0.0.2" + app.kubernetes.io/version: "0.0.3" app.kubernetes.io/managed-by: Helm spec: replicas: 1 diff --git a/chart/tests/with-github-token/values.yaml b/chart/tests/with-github-token/values.yaml index 30087ec..934f512 100644 --- a/chart/tests/with-github-token/values.yaml +++ b/chart/tests/with-github-token/values.yaml @@ -7,58 +7,9 @@ applicationConfig: pluginToken: "@very!l0ngands3curet0ken" # The HTTPS Git URL of your joy catalog repoUrl: "https://github.com/example/foobar.git" - githubToken: "12312312312312" - -replicaCount: 1 + githubUser: + token: "12312312312312" + username: "username" image: - repository: ghcr.io/nestoca/joy-generator - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. tag: 0.1.2 - -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" - -podAnnotations: {} - -podSecurityContext: {} - # fsGroup: 2000 - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -service: - type: ClusterIP - port: 80 - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 100 - targetCPUUtilizationPercentage: 80 - # targetMemoryUtilizationPercentage: 80 - -nodeSelector: {} - -tolerations: [] - -affinity: {} diff --git a/chart/values.yaml b/chart/values.yaml index c242c61..6d83668 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -5,14 +5,20 @@ # Configuration settings for the joy-generator instance applicationConfig: # The shared token that ArgoCD will use to call the joy-generator plugin API - # This should be some long random string + # This should be some long and secure random string pluginToken: "" # The HTTPS Git URL of your joy catalog repoUrl: "" - # The GitHub token to use to access the repo - githubToken: "" - # The GitHub app configuration. - # Required if githubToken is not set. + + # joy-generator supports authenticating with GitHub using either a personal access token or a GitHub App + # Provide either the githubUser or githubApp section, but not both + +# githubUser: +# # The GitHub username to use for the joy-generator instance +# username: "" +# # The GitHub personal access token to use for the joy-generator instance +# token: "" + # githubApp: # # The GitHub application ID # appId: ""