fix: set cluster domain for credentials URIs (#111)

* fix: set cluster domain for credentials URIs Signed-off-by: Thulio Ferraz Assis <[email protected]> * fix: missing license headers Signed-off-by: Thulio Ferraz Assis <[email protected]> * ci: trigger Signed-off-by: Thulio Ferraz Assis <[email protected]> * fix: typo * doc: ClusterDomain option Signed-off-by: Thulio Ferraz Assis <[email protected]> * fix: comment Co-authored-by: Mark Yen <[email protected]> * fix: ease test readability with BeEmpty Co-authored-by: Mark Yen <[email protected]> * refactor: use libpod/pkg/resolvconf for parsing Signed-off-by: Thulio Ferraz Assis <[email protected]> * fix: go mod tidy Signed-off-by: Thulio Ferraz Assis <[email protected]> * fix: old make target Signed-off-by: Thulio Ferraz Assis <[email protected]> * fix: pipe test helm commands to std{err,out} Signed-off-by: Thulio Ferraz Assis <[email protected]> * fix: for loop over search path domains Signed-off-by: Thulio Ferraz Assis <[email protected]> * fix: remove the Greek letter Ω from tests Signed-off-by: Thulio Ferraz Assis <[email protected]> * fix: increase timeout for integ test helm install Signed-off-by: Thulio Ferraz Assis <[email protected]> * fix: a defer assurance for the future Signed-off-by: Thulio Ferraz Assis <[email protected]> * bump: CI testing script timeout Signed-off-by: Thulio Ferraz Assis <[email protected]> * feat: print waiting message to output Signed-off-by: Thulio Ferraz Assis <[email protected]> * feat: stream integration-tests output This also helps with CI failing when there's no output for a while. Signed-off-by: Thulio Ferraz Assis <[email protected]> * fix: use GinkgoWriter for std{out,err} Signed-off-by: Thulio Ferraz Assis <[email protected]> * fix: disable wordpress persistence on pvc Signed-off-by: Thulio Ferraz Assis <[email protected]> * feat: bump wordpress image to 5.5.1 Signed-off-by: Thulio Ferraz Assis <[email protected]> * feat: change wordpress db from mysql to mariadb Signed-off-by: Thulio Ferraz Assis <[email protected]> * fix: comment Co-authored-by: Mark Yen <[email protected]> Co-authored-by: Mark Yen <[email protected]>
kubernetes-retired · Sep 22, 2020 · ef11c30 · ef11c30
1 parent 59a70ab
commit ef11c30
Show file tree

Hide file tree

Showing 25 changed files with 503 additions and 138 deletions.
diff --git a/Makefile b/Makefile
@@ -94,9 +94,9 @@ test-unit:
 	ginkgo -cover cmd/... pkg/...
 
 test-integration:
-	(cd ./tests/integration; NAMESPACE=minibroker-tests WORDPRESS_CHART="$(WORDPRESS_CHART)" ginkgo --nodes 4 --slowSpecThreshold 180 .)
+	(cd ./tests/integration; NAMESPACE=minibroker-tests WORDPRESS_CHART="$(WORDPRESS_CHART)" ginkgo --nodes 4 -v --stream --slowSpecThreshold 180 .)
 
-test: test-unit test-integration test-wordpress
+test: test-unit test-integration
 
 log:
 	kubectl log -n minibroker deploy/minibroker-minibroker -c minibroker

diff --git a/charts/wordpress/README.md b/charts/wordpress/README.md
@@ -39,17 +39,6 @@ To install the chart with the release name `my-release`:
 $ helm install --name my-release charts/wordpress
 ```
 
-Note: when installing the wordpress chart on some versions of Minikube, you
-may encounter issues due to [kubernetes/minikube#2256](https://github.com/kubernetes/minikube/issues/2256). 
-If you're using
-[v0.24.1](https://github.com/kubernetes/minikube/releases/tag/v0.24.1), we recommend setting
-the `persistence.enabled` parameter to `false` using the following command.
-
-```console
-$ helm install --name my-release --namespace wp charts/wordpress \
-  --set persistence.enabled=false
-```
-
 The command deploys WordPress on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
 
 > **Tip**: List all releases using `helm list`
@@ -96,10 +85,6 @@ The following tables lists the configurable parameters of the WordPress chart an
 | `ingress.secrets[0].name`            | TLS Secret Name                            | `nil`                                                      |
 | `ingress.secrets[0].certificate`     | TLS Secret Certificate                     | `nil`                                                      |
 | `ingress.secrets[0].key`             | TLS Secret Key                             | `nil`                                                      |
-| `persistence.enabled`                | Enable persistence using PVC               | `true`                                                     |
-| `persistence.storageClass`           | PVC Storage Class                          | `nil` (uses alpha storage class annotation)                |
-| `persistence.accessMode`             | PVC Access Mode                            | `ReadWriteOnce`                                            |
-| `persistence.size`                   | PVC Storage Request                        | `10Gi`                                                     |
 | `nodeSelector`                       | Node labels for pod assignment             | `{}`                                                       |
 
 The above parameters map to the env variables defined in [bitnami/wordpress](http://github.com/bitnami/bitnami-docker-wordpress). For more information please refer to the [bitnami/wordpress](http://github.com/bitnami/bitnami-docker-wordpress) image documentation.
@@ -123,13 +108,6 @@ $ helm install --name my-release -f values.yaml stable/wordpress
 
 > **Tip**: You can use the default [values.yaml](values.yaml)
 
-## Persistence
-
-The [Bitnami WordPress](https://github.com/bitnami/bitnami-docker-wordpress) image stores the WordPress data and configurations at the `/bitnami` path of the container.
-
-Persistent Volume Claims are used to keep the data across deployments. This is known to work in GCE, AWS, and minikube.
-See the [Configuration](#configuration) section to configure the PVC or to disable persistence.
-
 ## Ingress
 
 This chart provides support for ingress resources. If you have an

diff --git a/charts/wordpress/templates/deployment.yaml b/charts/wordpress/templates/deployment.yaml
@@ -17,11 +17,32 @@ spec:
       labels:
         app: {{ template "fullname" . }}
     spec:
+      hostAliases:
+      - ip: "127.0.0.1"
+        hostnames:
+        - status.localhost
+      securityContext:
+        runAsUser: 1001
+        fsGroup: 1001
       containers:
       - name: {{ template "fullname" . }}
         image: "{{ .Values.image }}"
         imagePullPolicy: {{ default "" .Values.imagePullPolicy | quote }}
         env:
+        - name: ALLOW_EMPTY_PASSWORD
+          value: "yes"
+        - name: WORDPRESS_HTACCESS_OVERRIDE_NONE
+          value: "no"
+        - name: WORDPRESS_HTACCESS_PERSISTENCE_ENABLED
+          value: "no"
+        - name: WORDPRESS_SKIP_INSTALL
+          value: "no"
+        - name: WORDPRESS_TABLE_PREFIX
+          value: "wp_"
+        - name: WORDPRESS_SCHEME
+          value: "http"
+        - name: WORDPRESS_EXTRA_WP_CONFIG_CONTENT
+          value: ""
         - name: MARIADB_HOST
           valueFrom:
             secretKeyRef:
@@ -79,9 +100,9 @@ spec:
           value: {{ default "" .Values.smtpProtocol | quote }}
         ports:
         - name: http
-          containerPort: 80
+          containerPort: 8080
         - name: https
-          containerPort: 443
+          containerPort: 8443
         livenessProbe:
           httpGet:
             path: /wp-login.php
@@ -103,25 +124,14 @@ spec:
           {{- end }}
 {{ toYaml .Values.readinessProbe | indent 10 }}
         volumeMounts:
-        - mountPath: /bitnami/apache
-          name: wordpress-data
-          subPath: apache
         - mountPath: /bitnami/wordpress
           name: wordpress-data
           subPath: wordpress
-        - mountPath: /bitnami/php
-          name: wordpress-data
-          subPath: php
         resources:
 {{ toYaml .Values.resources | indent 10 }}
       volumes:
       - name: wordpress-data
-      {{- if .Values.persistence.enabled }}
-        persistentVolumeClaim:
-          claimName: {{ template "fullname" . }}
-      {{- else }}
         emptyDir: {}
-      {{ end }}
     {{- if .Values.nodeSelector }}
       nodeSelector:
 {{ toYaml .Values.nodeSelector | indent 8 }}

diff --git a/charts/wordpress/templates/mysql-instance.yaml b/charts/wordpress/templates/mysql-instance.yaml
@@ -8,7 +8,7 @@ metadata:
     release: "{{ .Release.Name }}"
     heritage: "{{ .Release.Service }}"
 spec:
-  clusterServiceClassExternalName: mysql
+  clusterServiceClassExternalName: {{ .Values.externalDatabase.minibroker.class }}
   clusterServicePlanExternalName: {{ .Values.externalDatabase.minibroker.servicePlan }}
   {{- if .Values.externalDatabase.minibroker.parameters }}
   parameters: {{ toJson .Values.externalDatabase.minibroker.parameters }}

diff --git a/charts/wordpress/templates/pvc.yaml b/charts/wordpress/templates/pvc.yaml
diff --git a/charts/wordpress/values.yaml b/charts/wordpress/values.yaml
@@ -1,7 +1,7 @@
 ## Bitnami WordPress image version
 ## ref: https://hub.docker.com/r/bitnami/wordpress/tags/
 ##
-image: bitnami/wordpress:4.9.4-r0
+image: bitnami/wordpress:5.5.1
 
 ## Specify a imagePullPolicy
 ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
@@ -51,32 +51,15 @@ wordpressBlogName: User's Blog!
 
 externalDatabase:
   minibroker:
-    ## The plan to request from Minibroker, use svcat get plans --class mysql to see your options
-    servicePlan: 5-7-30
+    class: mariadb
+    ## The plan to request from Minibroker, use svcat get plans --class mariadb to see your options.
+    servicePlan: 10-3-22
     parameters:
-      mysqlDatabase: bitnami_wordpress
-      mysqlUser: bn_wordpress
-      placeholder: yarrr
-
-##
-## MariaDB chart configuration
-##
-mariadb:
-  ## Enable persistence using Persistent Volume Claims
-  ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
-  ##
-  persistence:
-    enabled: true
-    ## mariadb data Persistent Volume Storage Class
-    ## If defined, storageClassName: <storageClass>
-    ## If set to "-", storageClassName: "", which disables dynamic provisioning
-    ## If undefined (the default) or set to null, no storageClassName spec is
-    ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
-    ##   GKE, AWS & OpenStack)
-    ##
-    # storageClass: "-"
-    accessMode: ReadWriteOnce
-    size: 8Gi
+      db:
+        name: bitnami_wordpress
+        user: bn_wordpress
+      replication:
+        enabled: false
 
 ## Kubernetes configuration
 ## For minikube, set this to NodePort, elsewhere use LoadBalancer
@@ -147,22 +130,6 @@ ingress:
   #   key:
   #   certificate:
 
-## Enable persistence using Persistent Volume Claims
-## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
-##
-persistence:
-  enabled: true
-  ## wordpress data Persistent Volume Storage Class
-  ## If defined, storageClassName: <storageClass>
-  ## If set to "-", storageClassName: "", which disables dynamic provisioning
-  ## If undefined (the default) or set to null, no storageClassName spec is
-  ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
-  ##   GKE, AWS & OpenStack)
-  ##
-  # storageClass: "-"
-  accessMode: ReadWriteOnce
-  size: 10Gi
-
 ## Configure resource requests and limits
 ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
 ##

diff --git a/ci/test_integration.sh b/ci/test_integration.sh
@@ -21,4 +21,4 @@ timeout 1m kubectl create namespace minibroker-tests
 timeout 10m make image
 timeout 1m make charts
 timeout 3m make deploy
-timeout 8m make test-integration
+timeout 15m make test-integration
diff --git a/cmd/minibroker/main.go b/cmd/minibroker/main.go
@@ -27,6 +27,7 @@ import (
 	"syscall"
 
 	"github.com/kubernetes-sigs/minibroker/pkg/broker"
+	"github.com/kubernetes-sigs/minibroker/pkg/kubernetes"
 	"github.com/pmorie/osb-broker-lib/pkg/metrics"
 	prom "github.com/prometheus/client_golang/prometheus"
 	klog "k8s.io/klog/v2"
@@ -65,6 +66,8 @@ func main() {
 		"The default namespace for brokers when the request doesn't specify")
 	flag.StringVar(&options.ProvisioningSettingsPath, "provisioningSettings", "",
 		"The path to the YAML file where the optional provisioning settings are stored")
+	flag.StringVar(&options.ClusterDomain, "clusterDomain", "",
+		"The k8s cluster domain - if not set, Minibroker infers from /etc/resolv.conf")
 	flag.Parse()
 
 	klogFlags := flag.NewFlagSet("klog", flag.ExitOnError)
@@ -79,6 +82,22 @@ func main() {
 	})
 	defer klog.Flush()
 
+	if options.ClusterDomain == "" {
+		resolvConf, err := os.Open("/etc/resolv.conf")
+		if err != nil {
+			klog.Fatalln(err)
+		}
+		// An assurance for the future-proof copy-paste of this block! Yes, this
+		// is not necessary here but shall be if other events happen in the
+		// future.
+		defer resolvConf.Close()
+
+		if options.ClusterDomain, err = kubernetes.ClusterDomain(resolvConf); err != nil {
+			klog.Fatalln(err)
+		}
+		resolvConf.Close()
+	}
+
 	if err := run(); err != nil && err != context.Canceled && err != context.DeadlineExceeded {
 		klog.Fatalln(err)
 	}

diff --git a/go.mod b/go.mod
@@ -4,17 +4,16 @@ go 1.13
 
 require (
 	github.com/Masterminds/semver v1.4.0
+	github.com/containers/libpod v1.9.3
 	github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32
 	github.com/golang/mock v1.2.0
 	github.com/golang/protobuf v1.4.1 // indirect
-	github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect
 	github.com/onsi/ginkgo v1.12.0
 	github.com/onsi/gomega v1.10.0
 	github.com/pkg/errors v0.9.1
 	github.com/pmorie/go-open-service-broker-client v0.0.0-20180304212357-e8aa16c90363
 	github.com/pmorie/osb-broker-lib v0.0.0-20180516212803-87d71cfbf342
 	github.com/prometheus/client_golang v1.6.0
-	gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f // indirect
 	gopkg.in/yaml.v2 v2.3.0 // indirect
 	helm.sh/helm/v3 v3.2.3
 	k8s.io/api v0.18.0