From fb0eb40d5146255e0a339cb77bef80154e916143 Mon Sep 17 00:00:00 2001 From: Tim Collins Date: Fri, 22 Oct 2021 08:38:59 +0100 Subject: [PATCH 1/9] Add option for Ingress PathType Signed-off-by: Tim Collins --- Chart.yaml | 2 +- templates/server-ingress.yaml | 4 ++++ values.yaml | 4 ++++ 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index 094ab89eb..7a4e86f59 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: vault -version: 0.17.0 +version: 0.17.1 appVersion: 1.8.4 kubeVersion: ">= 1.14.0-0" description: Official HashiCorp Vault Chart diff --git a/templates/server-ingress.yaml b/templates/server-ingress.yaml index b814a6afe..48c76a828 100644 --- a/templates/server-ingress.yaml +++ b/templates/server-ingress.yaml @@ -8,6 +8,7 @@ {{- $serviceName = printf "%s-%s" $serviceName "active" -}} {{- end }} {{- $servicePort := .Values.server.service.port -}} +{{- $pathType := .Values.server.ingress.pathType -}} {{- $kubeVersion := .Capabilities.KubeVersion.Version }} {{ if semverCompare ">= 1.19.0-0" $kubeVersion }} apiVersion: networking.k8s.io/v1 @@ -53,6 +54,9 @@ spec: {{- end }} {{- range (.paths | default (list "/")) }} - path: {{ . }} + {{ if semverCompare ">= 1.19.0-0" $kubeVersion }} + pathType: {{ $pathType }} + {{ end }} backend: {{ if semverCompare ">= 1.19.0-0" $kubeVersion }} service: diff --git a/values.yaml b/values.yaml index 6abc909f5..2d975be06 100644 --- a/values.yaml +++ b/values.yaml @@ -275,6 +275,10 @@ server: # See: https://kubernetes.io/docs/concepts/services-networking/ingress/#deprecated-annotation ingressClassName: "" + # If using Kubernetes 1.19+, set the Ingress PathType. + # See: https://kubernetes.io/docs/concepts/services-networking/ingress/#path-types + pathType: Prefix + # When HA mode is enabled and K8s service registration is being used, # configure the ingress to point to the Vault active service. activeService: true From b7cb5db9d592c9ed0d476d367eebf49acaac790e Mon Sep 17 00:00:00 2001 From: Tim Collins Date: Fri, 22 Oct 2021 08:45:14 +0100 Subject: [PATCH 2/9] Looks like hashicorp handle the Chart versioning Signed-off-by: Tim Collins --- Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index 7a4e86f59..094ab89eb 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: vault -version: 0.17.1 +version: 0.17.0 appVersion: 1.8.4 kubeVersion: ">= 1.14.0-0" description: Official HashiCorp Vault Chart From 739db2b61ca084c7c12b6235ef35e97177f5a71f Mon Sep 17 00:00:00 2001 From: Tim Collins Date: Mon, 25 Oct 2021 07:13:31 +0100 Subject: [PATCH 3/9] PathType unit test Signed-off-by: Tim Collins --- test/unit/server-ingress.bats | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/test/unit/server-ingress.bats b/test/unit/server-ingress.bats index 56a3f9241..8fa162174 100755 --- a/test/unit/server-ingress.bats +++ b/test/unit/server-ingress.bats @@ -226,3 +226,16 @@ load _helpers yq -r '.spec.rules[0].http.paths[0].backend.service.name' | tee /dev/stderr) [ "${actual}" = "RELEASE-NAME-vault" ] } + +@test "server/ingress: pathType added to object spec - string" { + cd `chart_dir` + + local actual=$(helm template \ + --show-only templates/server-ingress.yaml \ + --set 'server.ingress.enabled=true' \ + --set server.ingress.ingressClassName=nginx \ + --set server.ingress.pathType=ImplementationSpecific + . | tee /dev/stderr | + yq -r '.spec.rules[0].http.paths[0].pathType' | tee /dev/stderr) + [ "${actual}" = "ImplementationSpecific" ] +} \ No newline at end of file From 1123995806a85bc213d8c10ef03d5158190dd660 Mon Sep 17 00:00:00 2001 From: Tim Collins Date: Mon, 25 Oct 2021 07:29:09 +0100 Subject: [PATCH 4/9] Add negative unit test. Add missing char Signed-off-by: Tim Collins --- test/unit/server-ingress.bats | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/test/unit/server-ingress.bats b/test/unit/server-ingress.bats index 8fa162174..5fb5f8da0 100755 --- a/test/unit/server-ingress.bats +++ b/test/unit/server-ingress.bats @@ -234,8 +234,22 @@ load _helpers --show-only templates/server-ingress.yaml \ --set 'server.ingress.enabled=true' \ --set server.ingress.ingressClassName=nginx \ - --set server.ingress.pathType=ImplementationSpecific + --set server.ingress.pathType=ImplementationSpecific \ . | tee /dev/stderr | yq -r '.spec.rules[0].http.paths[0].pathType' | tee /dev/stderr) [ "${actual}" = "ImplementationSpecific" ] +} + +@test "server/ingress: pathType is not added to Kubernetes versions < 1.19" { + cd `chart_dir` + + local actual=$(helm template \ + --show-only templates/server-ingress.yaml \ + --set 'server.ingress.enabled=true' \ + --set server.ingress.ingressClassName=nginx \ + --set server.ingress.pathType=ImplementationSpecific \ + --kube-version 1.18.3 \ + . | tee /dev/stderr | + yq -r '.spec.rules[0].http.paths[0].pathType' | tee /dev/stderr) + [ "${actual}" = "null" ] } \ No newline at end of file From ce8afdd4b17ac1d3ee7330ae1eb4776f8bbb2ae5 Mon Sep 17 00:00:00 2001 From: Tim Collins Date: Mon, 25 Oct 2021 07:33:17 +0100 Subject: [PATCH 5/9] It seems that I don't need to set the ingressClassName for unit tests Signed-off-by: Tim Collins --- test/unit/server-ingress.bats | 2 -- 1 file changed, 2 deletions(-) diff --git a/test/unit/server-ingress.bats b/test/unit/server-ingress.bats index 5fb5f8da0..406f66589 100755 --- a/test/unit/server-ingress.bats +++ b/test/unit/server-ingress.bats @@ -233,7 +233,6 @@ load _helpers local actual=$(helm template \ --show-only templates/server-ingress.yaml \ --set 'server.ingress.enabled=true' \ - --set server.ingress.ingressClassName=nginx \ --set server.ingress.pathType=ImplementationSpecific \ . | tee /dev/stderr | yq -r '.spec.rules[0].http.paths[0].pathType' | tee /dev/stderr) @@ -246,7 +245,6 @@ load _helpers local actual=$(helm template \ --show-only templates/server-ingress.yaml \ --set 'server.ingress.enabled=true' \ - --set server.ingress.ingressClassName=nginx \ --set server.ingress.pathType=ImplementationSpecific \ --kube-version 1.18.3 \ . | tee /dev/stderr | From 80f60a2eb8b2d67df0400f37f7b454c1cc883208 Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Mon, 25 Oct 2021 15:08:00 +0100 Subject: [PATCH 6/9] Update test/unit/server-ingress.bats Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com> --- test/unit/server-ingress.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/unit/server-ingress.bats b/test/unit/server-ingress.bats index 406f66589..b33e60ddd 100755 --- a/test/unit/server-ingress.bats +++ b/test/unit/server-ingress.bats @@ -250,4 +250,4 @@ load _helpers . | tee /dev/stderr | yq -r '.spec.rules[0].http.paths[0].pathType' | tee /dev/stderr) [ "${actual}" = "null" ] -} \ No newline at end of file +} From 4cee00c84dbd2898ed8cf83ca9833821cb7ba7e2 Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Mon, 25 Oct 2021 15:08:11 +0100 Subject: [PATCH 7/9] Update values.yaml Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com> --- values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/values.yaml b/values.yaml index 2d975be06..44869da78 100644 --- a/values.yaml +++ b/values.yaml @@ -275,8 +275,8 @@ server: # See: https://kubernetes.io/docs/concepts/services-networking/ingress/#deprecated-annotation ingressClassName: "" - # If using Kubernetes 1.19+, set the Ingress PathType. - # See: https://kubernetes.io/docs/concepts/services-networking/ingress/#path-types + # As of Kubernetes 1.19, all Ingress Paths must have a pathType configured. The default value below should be sufficient in most cases. + # See: https://kubernetes.io/docs/concepts/services-networking/ingress/#path-types for other possible values. pathType: Prefix # When HA mode is enabled and K8s service registration is being used, From 09df98917a257259272da1bcd7a68bcc2f5f2024 Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Mon, 25 Oct 2021 15:08:21 +0100 Subject: [PATCH 8/9] Update test/unit/server-ingress.bats Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com> --- test/unit/server-ingress.bats | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/test/unit/server-ingress.bats b/test/unit/server-ingress.bats index b33e60ddd..bac903d14 100755 --- a/test/unit/server-ingress.bats +++ b/test/unit/server-ingress.bats @@ -227,7 +227,8 @@ load _helpers [ "${actual}" = "RELEASE-NAME-vault" ] } -@test "server/ingress: pathType added to object spec - string" { +@test "server/ingress: pathType is added to Kubernetes version == 1.19.0" { + cd `chart_dir` local actual=$(helm template \ From 9e30da63d43cf5bdfab489beacf050c8520920a5 Mon Sep 17 00:00:00 2001 From: Tim Collins Date: Mon, 25 Oct 2021 15:15:50 +0100 Subject: [PATCH 9/9] Add >1.19 test and address feedback Signed-off-by: Tim Collins --- test/unit/server-ingress.bats | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/test/unit/server-ingress.bats b/test/unit/server-ingress.bats index bac903d14..4132c16a7 100755 --- a/test/unit/server-ingress.bats +++ b/test/unit/server-ingress.bats @@ -228,13 +228,13 @@ load _helpers } @test "server/ingress: pathType is added to Kubernetes version == 1.19.0" { - cd `chart_dir` local actual=$(helm template \ --show-only templates/server-ingress.yaml \ --set 'server.ingress.enabled=true' \ --set server.ingress.pathType=ImplementationSpecific \ + --kube-version 1.19.0 \ . | tee /dev/stderr | yq -r '.spec.rules[0].http.paths[0].pathType' | tee /dev/stderr) [ "${actual}" = "ImplementationSpecific" ] @@ -252,3 +252,16 @@ load _helpers yq -r '.spec.rules[0].http.paths[0].pathType' | tee /dev/stderr) [ "${actual}" = "null" ] } + +@test "server/ingress: pathType is added to Kubernetes versions > 1.19" { + cd `chart_dir` + + local actual=$(helm template \ + --show-only templates/server-ingress.yaml \ + --set 'server.ingress.enabled=true' \ + --set server.ingress.pathType=Prefix \ + --kube-version 1.20.0 \ + . | tee /dev/stderr | + yq -r '.spec.rules[0].http.paths[0].pathType' | tee /dev/stderr) + [ "${actual}" = "Prefix" ] +}