Merge branch 'main' into add-pod-disruption-budget

opentdf · Oct 17, 2024 · a26e3d1 · a26e3d1
2 parents 2485b44 + 9bdd63f
commit a26e3d1
Show file tree

Hide file tree

Showing 7 changed files with 54 additions and 16 deletions.
diff --git a/.release-please-manifest.json b/.release-please-manifest.json
@@ -1,3 +1,3 @@
 {
-    "charts/platform": "0.7.0"
+    "charts/platform": "0.7.1"
 }
diff --git a/charts/platform/CHANGELOG.md b/charts/platform/CHANGELOG.md
@@ -1,5 +1,14 @@
 # Changelog
 
+## [0.7.1](https://github.com/opentdf/charts/compare/platform-0.7.0...platform-v0.7.1) (2024-10-16)
+
+
+### Bug Fixes
+
+* **ci:** Add public_client_id to server.auth config ([#89](https://github.com/opentdf/charts/issues/89)) ([6829c87](https://github.com/opentdf/charts/commit/6829c8783566a955bb76287bdd640a7b2507ebc8))
+* **core:** deprecate keycloak-from-config ([#81](https://github.com/opentdf/charts/issues/81)) ([da5a685](https://github.com/opentdf/charts/commit/da5a6856a0b14fcc6eab5810d4cf5a9518d68abe)), closes [#80](https://github.com/opentdf/charts/issues/80)
+* port naming/app protocol tls.enabled ([#90](https://github.com/opentdf/charts/issues/90)) ([613f67e](https://github.com/opentdf/charts/commit/613f67e860972dc8d27bf0fc6fb55daa89bf8b7a))
+
 ## [0.7.0](https://github.com/opentdf/charts/compare/platform-0.6.2...platform-v0.7.0) (2024-08-20)
 
 

diff --git a/charts/platform/Chart.yaml b/charts/platform/Chart.yaml
@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.7.0
+version: 0.7.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

diff --git a/charts/platform/templates/_helpers.tpl b/charts/platform/templates/_helpers.tpl
@@ -132,9 +132,17 @@ This takes an array of three values:
 {{- end -}}
 {{- end -}}
 
-{{- define "determine.appProtocol" -}}
+{{- define "platform.portName" -}}
 {{- if .Values.server.tls.enabled -}}
+https
+{{- else -}}
 http2
+{{- end -}}
+{{- end -}}
+
+{{- define "determine.appProtocol" -}}
+{{- if .Values.server.tls.enabled -}}
+https
 {{- else -}}
 {{- if (include "isOpenshift" .) -}}
 h2c

diff --git a/charts/platform/templates/deployment.yaml b/charts/platform/templates/deployment.yaml
@@ -47,20 +47,20 @@ spec:
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           ports:
-            - name: http2
+            - name: {{ include "platform.portName" . }}
               containerPort: {{ .Values.server.port }}
               protocol: TCP
           {{ if not .Values.server.disableHealthChecks }}
           livenessProbe:
             httpGet:
               scheme: {{ if .Values.server.tls.enabled }}HTTPS{{ else }}HTTP{{ end }}              
               path: /healthz
-              port: http2
+              port: {{ include "platform.portName" . }}
           readinessProbe:
             httpGet:
               scheme: {{ if .Values.server.tls.enabled }}HTTPS{{ else }}HTTP{{ end }}
               path: /healthz?service=all
-              port: http2
+              port: {{ include "platform.portName" . }}
           {{ end }}
           resources:
             {{- toYaml .Values.resources | nindent 12 }}

diff --git a/charts/platform/templates/service.yaml b/charts/platform/templates/service.yaml
@@ -10,9 +10,9 @@ spec:
   type: {{ .Values.service.type }}
   ports:
     - port: {{ .Values.service.port }}
-      targetPort: http2
+      targetPort: {{ include "platform.portName" . }}
       appProtocol:  {{ include "determine.appProtocol" . }}
       protocol: TCP
-      name: http2
+      name: {{ include "platform.portName" . }}
   selector:
     {{- include "chart.selectorLabels" . | nindent 4 }}
diff --git a/tests/chart_platform_template_test.go b/tests/chart_platform_template_test.go
@@ -1,19 +1,18 @@
 package test
 
 import (
-	"path/filepath"
-	"strings"
-	"testing"
-
 	"github.com/gruntwork-io/terratest/modules/helm"
 	"github.com/gruntwork-io/terratest/modules/k8s"
 	"github.com/gruntwork-io/terratest/modules/random"
 	"github.com/stretchr/testify/suite"
-	"gopkg.in/yaml.v3"
+	yaml3 "gopkg.in/yaml.v3"
 	appv1 "k8s.io/api/apps/v1"
 	policyv1 "k8s.io/api/policy/v1"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/util/intstr"
+	"path/filepath"
+	"strings"
+	"testing"
 )
 
 type PlatformChartTemplateSuite struct {
@@ -515,7 +514,7 @@ func (s *PlatformChartTemplateSuite) Test_Custom_Config_Template_Services_Merged
 	helm.UnmarshalK8SYaml(s.T(), output, &cm)
 
 	var config map[string]interface{}
-	s.Require().NoError(yaml.Unmarshal([]byte(cm.Data["opentdf.yaml"]), &config))
+	s.Require().NoError(yaml3.Unmarshal([]byte(cm.Data["opentdf.yaml"]), &config))
 
 	s.Require().Equal(releaseName+"-platform", cm.Name)
 
@@ -532,7 +531,7 @@ func (s *PlatformChartTemplateSuite) Test_Custom_Config_Template_Services_Merged
 	s.Require().True(testServiceKeyFound)
 }
 
-func (s *PlatformChartTemplateSuite) Test_TLS_Enabled_Expect_HTTP2_AppProtocol() {
+func (s *PlatformChartTemplateSuite) Test_TLS_Enabled_Expect_HTTPS_AppProtocol() {
 	releaseName := "basic"
 
 	namespaceName := "opentdf-" + strings.ToLower(random.UniqueId())
@@ -549,7 +548,18 @@ func (s *PlatformChartTemplateSuite) Test_TLS_Enabled_Expect_HTTP2_AppProtocol()
 	helm.UnmarshalK8SYaml(s.T(), output, &svc)
 
 	for _, port := range svc.Spec.Ports {
-		s.Require().Equal("http2", *port.AppProtocol)
+		s.Require().Equal("https", *port.AppProtocol)
+	}
+
+	output = helm.RenderTemplate(s.T(), options, s.chartPath, releaseName, []string{"templates/deployment.yaml"})
+	var deployment appv1.Deployment
+	helm.UnmarshalK8SYaml(s.T(), output, &deployment)
+	for _, container := range deployment.Spec.Template.Spec.Containers {
+		for _, port := range container.Ports {
+			s.Require().Equal("https", port.Name)
+		}
+		s.Require().Equal("https", container.ReadinessProbe.HTTPGet.Port.String())
+		s.Require().Equal("https", container.LivenessProbe.HTTPGet.Port.String())
 	}
 }
 
@@ -569,6 +579,17 @@ func (s *PlatformChartTemplateSuite) Test_TLS_Disabled_Generic_K8S_Expect_K8S_H2
 	for _, port := range svc.Spec.Ports {
 		s.Require().Equal("kubernetes.io/h2c", *port.AppProtocol)
 	}
+
+	output = helm.RenderTemplate(s.T(), options, s.chartPath, releaseName, []string{"templates/deployment.yaml"})
+	var deployment appv1.Deployment
+	helm.UnmarshalK8SYaml(s.T(), output, &deployment)
+	for _, container := range deployment.Spec.Template.Spec.Containers {
+		for _, port := range container.Ports {
+			s.Require().Equal("http2", port.Name)
+		}
+		s.Require().Equal("http2", container.ReadinessProbe.HTTPGet.Port.String())
+		s.Require().Equal("http2", container.LivenessProbe.HTTPGet.Port.String())
+	}
 }
 
 func (s *PlatformChartTemplateSuite) Test_TLS_Disabled_Openshift_Expect_H2C_AppProtocol() {