diff --git a/changelog/v0.40.2/env-template-sources.yaml b/changelog/v0.40.2/env-template-sources.yaml new file mode 100644 index 000000000..bc869f39a --- /dev/null +++ b/changelog/v0.40.2/env-template-sources.yaml @@ -0,0 +1,6 @@ +changelog: + - type: FIX + issueLink: https://github.com/solo-io/skv2/issues/565 + description: > + Add support for other sources in templated env vars field. + skipCI: "false" diff --git a/codegen/cmd_test.go b/codegen/cmd_test.go index 2a0ce0a8d..6c195825f 100644 --- a/codegen/cmd_test.go +++ b/codegen/cmd_test.go @@ -10,27 +10,26 @@ import ( "reflect" "strings" - goyaml "gopkg.in/yaml.v3" - rbacv1 "k8s.io/api/rbac/v1" - v12 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" - "k8s.io/utils/pointer" - . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - . "github.com/solo-io/skv2/codegen" - "github.com/solo-io/skv2/codegen/model" - . "github.com/solo-io/skv2/codegen/model" - "github.com/solo-io/skv2/codegen/skv2_anyvendor" - "github.com/solo-io/skv2/codegen/util" - "github.com/solo-io/skv2/contrib" + goyaml "gopkg.in/yaml.v3" appsv1 "k8s.io/api/apps/v1" v1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + v12 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/util/intstr" kubeyaml "k8s.io/apimachinery/pkg/util/yaml" + "k8s.io/utils/ptr" "sigs.k8s.io/yaml" + + . "github.com/solo-io/skv2/codegen" + . "github.com/solo-io/skv2/codegen/model" + "github.com/solo-io/skv2/codegen/skv2_anyvendor" + "github.com/solo-io/skv2/codegen/util" + "github.com/solo-io/skv2/contrib" ) var _ = Describe("Cmd", func() { @@ -111,6 +110,30 @@ var _ = Describe("Cmd", func() { Repository: "gloo-mesh-mgmt-server", Tag: "0.0.1", }, + TemplateEnvVars: []TemplateEnvVar{ + { + Name: "USERNAME", + ValueFrom: v1.EnvVarSource{ + SecretKeyRef: &v1.SecretKeySelector{ + LocalObjectReference: v1.LocalObjectReference{ + Name: "{{ $.Values.someSecret }}", + }, + Key: "{{ $.Values.usernameKey }}", + }, + }, + }, + { + Name: "PASSWORD", + ValueFrom: v1.EnvVarSource{ + ConfigMapKeyRef: &v1.ConfigMapKeySelector{ + LocalObjectReference: v1.LocalObjectReference{ + Name: "{{ $.Values.someConfigMap }}", + }, + Key: "{{ $.Values.passwordKey }}", + }, + }, + }, + }, ContainerPorts: []ContainerPort{{ Name: "stats", Port: "{{ $Values.glooMgmtServer.statsPort }}", @@ -155,6 +178,11 @@ var _ = Describe("Cmd", func() { Expect(deployment).To(ContainSubstring("name: agent-volume")) Expect(deployment).To(ContainSubstring(`{{ index $glooAgent "ports" "grpc" }}`)) Expect(deployment).To(ContainSubstring("{{ $Values.glooMgmtServer.statsPort }}")) + + Expect(deployment).To(ContainSubstring("{{ $.Values.usernameKey }}")) + Expect(deployment).To(ContainSubstring("{{ $.Values.passwordKey }}")) + Expect(deployment).To(ContainSubstring("{{ $.Values.someSecret }}")) + Expect(deployment).To(ContainSubstring("{{ $.Values.someConfigMap }}")) }) It("generates conditional crds", func() { cmd := &Command{ @@ -772,13 +800,11 @@ var _ = Describe("Cmd", func() { } Expect(renderedDeployment).NotTo(BeNil()) - pointerBool := func(b bool) *bool { return &b } - pointerInt64 := func(i int64) *int64 { return &i } defaultSecurityContext := v1.SecurityContext{ - RunAsNonRoot: pointerBool(true), - RunAsUser: pointerInt64(10101), - ReadOnlyRootFilesystem: pointerBool(true), - AllowPrivilegeEscalation: pointerBool(false), + RunAsNonRoot: ptr.To(true), + RunAsUser: ptr.To[int64](10101), + ReadOnlyRootFilesystem: ptr.To(true), + AllowPrivilegeEscalation: ptr.To(false), Capabilities: &v1.Capabilities{ Drop: []v1.Capability{"ALL"}, }, @@ -798,8 +824,8 @@ var _ = Describe("Cmd", func() { Entry("renders empty map for container security context when set as false via helm cli", nil, true), Entry("overrides container security context with empty map", &v1.SecurityContext{}, false), Entry("overrides container security context", &v1.SecurityContext{ - RunAsNonRoot: func(b bool) *bool { return &b }(true), - RunAsUser: func(i int64) *int64 { return &i }(20202), + RunAsNonRoot: ptr.To(true), + RunAsUser: ptr.To[int64](20202), }, false), ) @@ -1928,7 +1954,7 @@ roleRef: ) DescribeTable("rendering conditional deployment strategy", - func(values map[string]any, conditionalStrategy []model.ConditionalStrategy, expectedStrategy appsv1.DeploymentStrategy) { + func(values map[string]any, conditionalStrategy []ConditionalStrategy, expectedStrategy appsv1.DeploymentStrategy) { cmd := &Command{ Chart: &Chart{ Operators: []Operator{ @@ -1999,7 +2025,7 @@ roleRef: ), Entry("when the condition is true", map[string]any{"enabled": true, "condition": true}, - []model.ConditionalStrategy{ + []ConditionalStrategy{ { Condition: "$.Values.painter.condition", Strategy: appsv1.DeploymentStrategy{ @@ -2019,7 +2045,7 @@ roleRef: ), Entry("when the condition is false", map[string]any{"enabled": true, "condition": false}, - []model.ConditionalStrategy{ + []ConditionalStrategy{ { Condition: "$.Values.painter.condition", Strategy: appsv1.DeploymentStrategy{ @@ -2114,23 +2140,23 @@ roleRef: map[string]interface{}{"fsGroup": 1000}, nil, &v1.PodSecurityContext{ - FSGroup: pointer.Int64(1000), + FSGroup: ptr.To[int64](1000), }), Entry("when PodSecurityContext is defined only in the operator", nil, &v1.PodSecurityContext{ - FSGroup: pointer.Int64(1000), + FSGroup: ptr.To[int64](1000), }, &v1.PodSecurityContext{ - FSGroup: pointer.Int64(1000), + FSGroup: ptr.To[int64](1000), }), Entry("when PodSecurityContext is defined in both values and the operator", map[string]interface{}{"fsGroup": 1024}, &v1.PodSecurityContext{ - FSGroup: pointer.Int64(1000), + FSGroup: ptr.To[int64](1000), }, &v1.PodSecurityContext{ - FSGroup: pointer.Int64(1024), // should override the value defined in the operator + FSGroup: ptr.To[int64](1024), // should override the value defined in the operator }), ) @@ -2318,7 +2344,7 @@ roleRef: }) DescribeTable("validation", - func(values map[string]any, defaultVolumes []v1.Volume, conditionalVolumes []model.ConditionalVolume, expected []v1.Volume) { + func(values map[string]any, defaultVolumes []v1.Volume, conditionalVolumes []ConditionalVolume, expected []v1.Volume) { cmd := &Command{ Chart: &Chart{ Operators: []Operator{ @@ -2412,7 +2438,7 @@ roleRef: "condition": "true", }, nil, - []model.ConditionalVolume{ + []ConditionalVolume{ { Condition: "$.Values.painter.condition", Volume: v1.Volume{ @@ -2432,7 +2458,7 @@ roleRef: "condition": "true", }, nil, - []model.ConditionalVolume{ + []ConditionalVolume{ { Condition: "$.Values.painter.invalidCondition", Volume: v1.Volume{ @@ -2452,7 +2478,7 @@ roleRef: Name: "vol-1", }, }, - []model.ConditionalVolume{ + []ConditionalVolume{ { Condition: "$.Values.painter.condition", Volume: v1.Volume{ @@ -2484,7 +2510,7 @@ roleRef: }) DescribeTable("validation", - func(values map[string]any, defaultMounts []v1.VolumeMount, conditionalMounts []model.ConditionalVolumeMount, expected []v1.VolumeMount) { + func(values map[string]any, defaultMounts []v1.VolumeMount, conditionalMounts []ConditionalVolumeMount, expected []v1.VolumeMount) { cmd := &Command{ Chart: &Chart{ Operators: []Operator{ @@ -2580,7 +2606,7 @@ roleRef: "condition": "true", }, nil, - []model.ConditionalVolumeMount{ + []ConditionalVolumeMount{ { Condition: "$.Values.painter.condition", VolumeMount: v1.VolumeMount{ @@ -2600,7 +2626,7 @@ roleRef: "condition": "true", }, nil, - []model.ConditionalVolumeMount{ + []ConditionalVolumeMount{ { Condition: "$.Values.painter.invalidCondition", VolumeMount: v1.VolumeMount{ @@ -2620,7 +2646,7 @@ roleRef: Name: "vol-1", }, }, - []model.ConditionalVolumeMount{ + []ConditionalVolumeMount{ { Condition: "$.Values.painter.condition", VolumeMount: v1.VolumeMount{ diff --git a/codegen/model/chart.go b/codegen/model/chart.go index 78f53cdce..fd46d9a84 100644 --- a/codegen/model/chart.go +++ b/codegen/model/chart.go @@ -173,6 +173,9 @@ type TemplateEnvVar struct { // Helm value // E.g. {{ .Values.foo.bar }} Value string + + // + ValueFrom corev1.EnvVarSource } type ContainerPort struct { diff --git a/codegen/templates/chart/operator-deployment.yamltmpl b/codegen/templates/chart/operator-deployment.yamltmpl index 965053d30..8d0cb3816 100644 --- a/codegen/templates/chart/operator-deployment.yamltmpl +++ b/codegen/templates/chart/operator-deployment.yamltmpl @@ -147,12 +147,17 @@ spec: [[- if $f.Condition ]] {{- if [[ $f.Condition ]] }} [[- end]] + [[- if $f.Value ]] - name: [[ $f.Name ]] value: [[ $f.Value ]] + [[- else if $f.ValueFrom ]] + - name: [[ $f.Name ]] + valueFrom: [[ $f.ValueFrom | toYaml | nindent 14 ]] + [[- end ]] [[- if $f.Condition ]] {{- end }} -[[- end]] -[[- end ]] +[[- end ]] [[/* end Condition */]] +[[- end ]] [[/* end TemplateEnvVars */]] {{- else if [[ $containerVar ]].extraEnvs }} env: {{- end }} diff --git a/codegen/test/chart-conditional-deployment-strategy/templates/deployment.yaml b/codegen/test/chart-conditional-deployment-strategy/templates/deployment.yaml index 9c9ab1ae6..5e3b3cc76 100644 --- a/codegen/test/chart-conditional-deployment-strategy/templates/deployment.yaml +++ b/codegen/test/chart-conditional-deployment-strategy/templates/deployment.yaml @@ -50,7 +50,7 @@ spec: imagePullPolicy: {{ $painterImage.pullPolicy }} {{- if $painter.env }} env: -{{ toYaml $painter.env | indent 10 }} +{{ toYaml $painter.env | indent 10 }} {{- else if $painter.extraEnvs }} env: {{- end }} diff --git a/codegen/test/chart-deployment-strategy/templates/deployment.yaml b/codegen/test/chart-deployment-strategy/templates/deployment.yaml index da16e12c3..8ed61e506 100644 --- a/codegen/test/chart-deployment-strategy/templates/deployment.yaml +++ b/codegen/test/chart-deployment-strategy/templates/deployment.yaml @@ -46,7 +46,7 @@ spec: imagePullPolicy: {{ $painterImage.pullPolicy }} {{- if $painter.env }} env: -{{ toYaml $painter.env | indent 10 }} +{{ toYaml $painter.env | indent 10 }} {{- else if $painter.extraEnvs }} env: {{- end }} diff --git a/codegen/test/chart-envvars/templates/deployment.yaml b/codegen/test/chart-envvars/templates/deployment.yaml index a0cc21108..112aad1b8 100644 --- a/codegen/test/chart-envvars/templates/deployment.yaml +++ b/codegen/test/chart-envvars/templates/deployment.yaml @@ -42,7 +42,7 @@ spec: imagePullPolicy: {{ $painterImage.pullPolicy }} {{- if $painter.env }} env: -{{ toYaml $painter.env | indent 10 }} +{{ toYaml $painter.env | indent 10 }} {{- else if $painter.extraEnvs }} env: {{- end }} diff --git a/codegen/test/chart-no-desc/templates/deployment.yaml b/codegen/test/chart-no-desc/templates/deployment.yaml index 63ca1bf3c..eecea3b80 100644 --- a/codegen/test/chart-no-desc/templates/deployment.yaml +++ b/codegen/test/chart-no-desc/templates/deployment.yaml @@ -52,7 +52,7 @@ spec: - foo {{- if $painter.env }} env: -{{ toYaml $painter.env | indent 10 }} +{{ toYaml $painter.env | indent 10 }} {{- else if $painter.extraEnvs }} env: {{- end }} @@ -107,7 +107,7 @@ spec: - baz {{- if $palette.env }} env: -{{ toYaml $palette.env | indent 10 }} +{{ toYaml $palette.env | indent 10 }} {{- else if $palette.extraEnvs }} env: {{- end }} diff --git a/codegen/test/chart-pod-security-context/templates/deployment.yaml b/codegen/test/chart-pod-security-context/templates/deployment.yaml index 543b3977c..2b7979e0e 100644 --- a/codegen/test/chart-pod-security-context/templates/deployment.yaml +++ b/codegen/test/chart-pod-security-context/templates/deployment.yaml @@ -45,7 +45,7 @@ spec: imagePullPolicy: {{ $painterImage.pullPolicy }} {{- if $painter.env }} env: -{{ toYaml $painter.env | indent 10 }} +{{ toYaml $painter.env | indent 10 }} {{- else if $painter.extraEnvs }} env: {{- end }} diff --git a/codegen/test/chart-readiness/templates/deployment.yaml b/codegen/test/chart-readiness/templates/deployment.yaml index 83d00d696..83f2c7c65 100644 --- a/codegen/test/chart-readiness/templates/deployment.yaml +++ b/codegen/test/chart-readiness/templates/deployment.yaml @@ -42,7 +42,7 @@ spec: imagePullPolicy: {{ $painterImage.pullPolicy }} {{- if $painter.env }} env: -{{ toYaml $painter.env | indent 10 }} +{{ toYaml $painter.env | indent 10 }} {{- else if $painter.extraEnvs }} env: {{- end }} diff --git a/codegen/test/chart-sidecar-svcport/templates/deployment.yaml b/codegen/test/chart-sidecar-svcport/templates/deployment.yaml index 4839536e7..8db236f7c 100644 --- a/codegen/test/chart-sidecar-svcport/templates/deployment.yaml +++ b/codegen/test/chart-sidecar-svcport/templates/deployment.yaml @@ -42,7 +42,7 @@ spec: imagePullPolicy: {{ $painterImage.pullPolicy }} {{- if $painter.env }} env: -{{ toYaml $painter.env | indent 10 }} +{{ toYaml $painter.env | indent 10 }} {{- else if $painter.extraEnvs }} env: {{- end }} @@ -88,7 +88,7 @@ spec: imagePullPolicy: {{ $sidecarPainterImage.pullPolicy }} {{- if $sidecarPainter.env }} env: -{{ toYaml $sidecarPainter.env | indent 10 }} +{{ toYaml $sidecarPainter.env | indent 10 }} {{- else if $sidecarPainter.extraEnvs }} env: {{- end }} diff --git a/codegen/test/chart-sidecar/templates/deployment.yaml b/codegen/test/chart-sidecar/templates/deployment.yaml index faa9fd5d7..4099c2b03 100644 --- a/codegen/test/chart-sidecar/templates/deployment.yaml +++ b/codegen/test/chart-sidecar/templates/deployment.yaml @@ -42,7 +42,7 @@ spec: imagePullPolicy: {{ $painterImage.pullPolicy }} {{- if $painter.env }} env: -{{ toYaml $painter.env | indent 10 }} +{{ toYaml $painter.env | indent 10 }} {{- else if $painter.extraEnvs }} env: {{- end }} @@ -87,7 +87,7 @@ spec: imagePullPolicy: {{ $fooBarImage.pullPolicy }} {{- if $fooBar.env }} env: -{{ toYaml $fooBar.env | indent 10 }} +{{ toYaml $fooBar.env | indent 10 }} {{- else if $fooBar.extraEnvs }} env: {{- end }} diff --git a/codegen/test/chart-svcport/templates/deployment.yaml b/codegen/test/chart-svcport/templates/deployment.yaml index f532d199d..3904d15cd 100644 --- a/codegen/test/chart-svcport/templates/deployment.yaml +++ b/codegen/test/chart-svcport/templates/deployment.yaml @@ -42,7 +42,7 @@ spec: imagePullPolicy: {{ $painterImage.pullPolicy }} {{- if $painter.env }} env: -{{ toYaml $painter.env | indent 10 }} +{{ toYaml $painter.env | indent 10 }} {{- else if $painter.extraEnvs }} env: {{- end }} diff --git a/codegen/test/chart/conditional-sidecar/templates/deployment.yaml b/codegen/test/chart/conditional-sidecar/templates/deployment.yaml index 7310b367b..672c7657a 100644 --- a/codegen/test/chart/conditional-sidecar/templates/deployment.yaml +++ b/codegen/test/chart/conditional-sidecar/templates/deployment.yaml @@ -58,6 +58,16 @@ spec: {{- if $glooMgmtServer.env }} env: {{ toYaml $glooMgmtServer.env | indent 10 }} + - name: USERNAME + valueFrom: + secretKeyRef: + key: '{{ $.Values.usernameKey }}' + name: '{{ $.Values.someSecret }}' + - name: PASSWORD + valueFrom: + configMapKeyRef: + key: '{{ $.Values.passwordKey }}' + name: '{{ $.Values.someConfigMap }}' {{- else if $glooMgmtServer.extraEnvs }} env: {{- end }} @@ -107,7 +117,7 @@ spec: imagePullPolicy: {{ $glooAgentImage.pullPolicy }} {{- if $glooAgent.env }} env: -{{ toYaml $glooAgent.env | indent 10 }} +{{ toYaml $glooAgent.env | indent 10 }} {{- else if $glooAgent.extraEnvs }} env: {{- end }} @@ -279,7 +289,7 @@ spec: imagePullPolicy: {{ $glooAgentImage.pullPolicy }} {{- if $glooAgent.env }} env: -{{ toYaml $glooAgent.env | indent 10 }} +{{ toYaml $glooAgent.env | indent 10 }} {{- else if $glooAgent.extraEnvs }} env: {{- end }} diff --git a/codegen/test/chart/templates/deployment.yaml b/codegen/test/chart/templates/deployment.yaml index a0cc21108..112aad1b8 100644 --- a/codegen/test/chart/templates/deployment.yaml +++ b/codegen/test/chart/templates/deployment.yaml @@ -42,7 +42,7 @@ spec: imagePullPolicy: {{ $painterImage.pullPolicy }} {{- if $painter.env }} env: -{{ toYaml $painter.env | indent 10 }} +{{ toYaml $painter.env | indent 10 }} {{- else if $painter.extraEnvs }} env: {{- end }} diff --git a/codegen/test/name_override_chart/templates/deployment.yaml b/codegen/test/name_override_chart/templates/deployment.yaml index b39427080..ba6dfa083 100644 --- a/codegen/test/name_override_chart/templates/deployment.yaml +++ b/codegen/test/name_override_chart/templates/deployment.yaml @@ -44,7 +44,7 @@ spec: - foo {{- if $painterOriginalName.env }} env: -{{ toYaml $painterOriginalName.env | indent 10 }} +{{ toYaml $painterOriginalName.env | indent 10 }} {{- else if $painterOriginalName.extraEnvs }} env: {{- end }}