From 8bd5de95fa31f0967c468f782e118a69ec8720c0 Mon Sep 17 00:00:00 2001
From: Daniel Del Rio <daniel@passbolt.com>
Date: Fri, 26 Apr 2024 17:12:07 +0000
Subject: [PATCH 1/2] fixes #81 and adds integration tests for passbolt with
postgresql
---
.github/workflows/push_pr_main.yaml | 14 ++++++-
.gitlab-ci.yml | 10 ++++-
run_tests.sh | 22 +++++++----
templates/_helpers.tpl | 4 +-
templates/secret-env.yaml | 2 +-
.../fixtures/create-cluster-with-passbolt.sh | 3 +-
.../{testing.yaml => testing-mariadb.yaml} | 0
.../fixtures/testing-postgresql.yaml | 39 +++++++++++++++++++
tests/secret_env_postgresql_support_test.yaml | 19 +++++++++
9 files changed, 99 insertions(+), 14 deletions(-)
rename tests/integration/fixtures/{testing.yaml => testing-mariadb.yaml} (100%)
create mode 100644 tests/integration/fixtures/testing-postgresql.yaml
diff --git a/.github/workflows/push_pr_main.yaml b/.github/workflows/push_pr_main.yaml
index 5b268c6..1512599 100644
--- a/.github/workflows/push_pr_main.yaml
+++ b/.github/workflows/push_pr_main.yaml
@@ -39,8 +39,8 @@ jobs:
- name: Run unit tests
run: bash run_tests.sh --unit
- integration-test:
- name: Integration Tests
+ integration-tests-mariadb:
+ name: Integration Tests Mariadb
runs-on: ubuntu-latest
steps:
- name: Checkout
@@ -48,3 +48,13 @@ jobs:
- name: Run integration tests
run: bash run_tests.sh --integration
+
+ integration-tests-postgresql:
+ name: Integration Tests Postgresql
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Run integration tests
+ run: bash run_tests.sh --integration -d postgresql
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 04af5aa..d8cf583 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -31,7 +31,7 @@ test Helm Charts:
- helm plugin install https://github.com/helm-unittest/helm-unittest
- bash run_tests.sh --unit
-integration Tests Helm Charts:
+integration Tests Helm Charts Mariadb:
image: ${CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX}/docker:dind
script:
- |
@@ -39,6 +39,14 @@ integration Tests Helm Charts:
sleep 10 # Wait for docker service
bash run_tests.sh --integration
+integration Tests Helm Charts Postgresql:
+ image: ${CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX}/docker:dind
+ script:
+ - |
+ apk update && apk add -U curl bash
+ sleep 10 # Wait for docker service
+ bash run_tests.sh --integration -d postgresql
+
publish:
stage: publish
image: ${CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX}/alpine/helm
diff --git a/run_tests.sh b/run_tests.sh
index 6036a8f..d88a698 100644
--- a/run_tests.sh
+++ b/run_tests.sh
@@ -2,6 +2,7 @@
set -eo pipefail
+DATABASE_ENGINGE=mariadb
RUN_UNIT=false
RUN_LINT=false
RUN_INTEGRATION=false
@@ -21,10 +22,11 @@ function run_unit_tests {
}
function run_integration_tests {
+ local database="$1"
if [[ "$RUN_INTEGRATION" == "true" || "$RUN_ALL" == "true" ]]; then
source tests/integration/fixtures/install_dependencies.sh
installDependencies
- bash tests/integration/fixtures/create-cluster-with-passbolt.sh
+ bash tests/integration/fixtures/create-cluster-with-passbolt.sh "$database"
"$HELM_BINARY" test --logs passbolt -n default
fi
}
@@ -43,11 +45,12 @@ function showHelp {
echo "$0 with no arguments will run all of the available tests."
echo
echo "options:"
- echo "-h|--help Show this message."
- echo "-l|--lint Run helm lint."
- echo "-u|--unit Run helm unittest tests."
- echo "-i|--integration Run integration tests."
- echo "-no-clean Skip cleaning step."
+ echo "-h|--help Show this message."
+ echo "-l|--lint Run helm lint."
+ echo "-u|--unit Run helm unittest tests."
+ echo "-i|--integration Run integration tests."
+ echo "-d|--database [option] Database to run integration tests to [mariadb|postgresql]."
+ echo "-no-clean Skip cleaning step."
echo
exit 0
}
@@ -55,7 +58,7 @@ function showHelp {
function run_all {
run_linter
run_unit_tests
- run_integration_tests
+ run_integration_tests "$DATABASE_ENGINGE"
clean_integration_assets
}
@@ -79,6 +82,11 @@ while [[ $# -gt 0 ]]; do
RUN_INTEGRATION=true
shift
;;
+ -d | --database)
+ shift
+ DATABASE_ENGINGE=$1
+ shift
+ ;;
--no-clean)
CLEAN_INTEGRATION_ASSETS=false
shift
diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl
index 80d336f..fd8426e 100644
--- a/templates/_helpers.tpl
+++ b/templates/_helpers.tpl
@@ -93,7 +93,7 @@ Render the value of the database port
{{- else if and ( eq .Values.postgresqlDependencyEnabled true ) ( eq .Values.app.database.kind "postgresql" ) }}
{{- default 5432 .Values.passboltEnv.plain.DATASOURCES_DEFAULT_PORT | quote }}
{{- else if ( hasKey .Values.passboltEnv.plain "DATASOURCES_DEFAULT_PORT" ) -}}
-{{- printf "%s" .Values.passboltEnv.plain.DATASOURCES_DEFAULT_PORT }}
+{{- printf "%s" (.Values.passboltEnv.plain.DATASOURCES_DEFAULT_PORT | toString )}}
{{- else }}
{{- fail "DATASOURCES_DEFAULT_PORT can't be empty when mariadbDependencyEnabled and postgresqlDependencyEnabled are disabled"}}
{{- end }}
@@ -109,7 +109,7 @@ Show error message if the user didn't set the needed values during upgrade
{{ if and $.Release.IsUpgrade ( not $.Values.gpgExistingSecret ) (or ( not $.Values.gpgServerKeyPublic ) ( not $.Values.gpgServerKeyPrivate )) }}
{{- $secretName := printf "%s-%s-%s" (include "passbolt-library.fullname" . ) "sec" "gpg" -}}
{{- $dpName := printf "%s-%s-%s" (include "passbolt-library.fullname" . ) "depl" "srv" -}}
-{{- $containerName := printf "%s-%s-%s" (include "passbolt-library.fullname" . ) "depl" "srv" -}}
+{{- $containerName := "passbolt" -}}
{{- $header = printf "GPG" -}}
{{- $message = printf "%s\n%s" $message (printf " export PRIVATE_KEY=$(kubectl get secret %s --namespace %s -o jsonpath=\"{.data.%s}\")" $secretName $.Release.Namespace "serverkey_private\\.asc") -}}
{{- $message = printf "%s\n%s" $message (printf " export PUBLIC_KEY=$(kubectl get secret %s --namespace %s -o jsonpath=\"{.data.%s}\")" $secretName $.Release.Namespace "serverkey\\.asc") -}}
diff --git a/templates/secret-env.yaml b/templates/secret-env.yaml
index 26978bb..e491bd0 100644
--- a/templates/secret-env.yaml
+++ b/templates/secret-env.yaml
@@ -23,6 +23,6 @@ data:
{{- $database := .Values.passboltEnv.secret.DATASOURCES_DEFAULT_DATABASE }}
{{- $schema := ( default "passbolt" .Values.passboltEnv.secret.DATASOURCES_DEFAULT_SCHEMA ) }}
{{- $host := ( include "passbolt.databaseServiceName" . ) | replace "\"" "" }}
- {{- $port := ( default "5432" .Values.passboltEnv.plain.DATASOURCES_DEFAULT_PORT ) }}
+ {{- $port := ( default "5432" .Values.passboltEnv.plain.DATASOURCES_DEFAULT_PORT) | toString }}
DATASOURCES_DEFAULT_URL: {{ printf "postgres://%s:%s@%s:%s/%s?schema=%s" $username $password $host $port $database $schema | toString | b64enc }}
{{- end -}}
diff --git a/tests/integration/fixtures/create-cluster-with-passbolt.sh b/tests/integration/fixtures/create-cluster-with-passbolt.sh
index d27686b..dc8cac5 100644
--- a/tests/integration/fixtures/create-cluster-with-passbolt.sh
+++ b/tests/integration/fixtures/create-cluster-with-passbolt.sh
@@ -3,8 +3,9 @@
set -eo pipefail
+DATABASE_ENGINE="${1:-mariadb}"
KIND_CLUSTER_CONFIG_FILE="tests/integration/fixtures/kind-config.yaml"
-HELM_TESTING_VALUES="tests/integration/fixtures/testing.yaml"
+HELM_TESTING_VALUES="tests/integration/fixtures/testing-$DATABASE_ENGINE.yaml"
KIND_CLUSTER_NAME="charts-passbolt-integration"
K8S_LOCAL_TLS_SECRET="local-tls-secret"
SSL_KEY_PATH="/tmp/ssl.key"
diff --git a/tests/integration/fixtures/testing.yaml b/tests/integration/fixtures/testing-mariadb.yaml
similarity index 100%
rename from tests/integration/fixtures/testing.yaml
rename to tests/integration/fixtures/testing-mariadb.yaml
diff --git a/tests/integration/fixtures/testing-postgresql.yaml b/tests/integration/fixtures/testing-postgresql.yaml
new file mode 100644
index 0000000..a0abbe4
--- /dev/null
+++ b/tests/integration/fixtures/testing-postgresql.yaml
@@ -0,0 +1,39 @@
+postgresqlDependencyEnabled: true
+mariadbDependencyEnabled: false
+postgresql:
+ auth:
+ # -- Configure postgresql auth username
+ username: CHANGEME
+ # -- Configure postgresql auth password
+ password: CHANGEME
+ # -- Configure postgresql auth database
+ database: passbolt
+# -- Enable integration tests
+integrationTests:
+ enabled: true
+ certificatesSecret: mkcert-ca
+ debug: false
+ingress:
+ # -- Enable passbolt ingress
+ enabled: true
+ # -- Configure passbolt ingress annotations
+ annotations:
+ nginx.ingress.kubernetes.io/backend-protocol: HTTPS
+ # -- Configure passbolt ingress hosts
+ hosts:
+ # @ignored
+ - host: "passbolt.local"
+ paths:
+ - path: /
+ port: https
+ pathType: ImplementationSpecific
+ tls:
+ - existingSecret: "local-tls-secret"
+ hosts:
+ - passbolt.local
+app:
+ database:
+ kind: postgresql
+ tls:
+ autogenerate: false
+ existingSecret: "local-tls-secret"
diff --git a/tests/secret_env_postgresql_support_test.yaml b/tests/secret_env_postgresql_support_test.yaml
index 19a9297..2e26260 100644
--- a/tests/secret_env_postgresql_support_test.yaml
+++ b/tests/secret_env_postgresql_support_test.yaml
@@ -53,3 +53,22 @@ tests:
path: data.DATASOURCES_DEFAULT_URL
value: "postgres://passboltUsername:pass@passboltHost:1234/passboltDatabase?schema=passboltSchema"
decodeBase64: true
+
+ - it: should contain the DATASOURCES_DEFAULT_URL with given schema, host and port as integer
+ templates:
+ - secret-env.yaml
+ set:
+ app.database.kind: "postgresql"
+ mariadbDependencyEnabled: false
+ postgresqlDependencyEnabled: true
+ passboltEnv.secret.DATASOURCES_DEFAULT_PASSWORD: pass
+ passboltEnv.secret.DATASOURCES_DEFAULT_DATABASE: passboltDatabase
+ passboltEnv.secret.DATASOURCES_DEFAULT_USERNAME: passboltUsername
+ passboltEnv.secret.DATASOURCES_DEFAULT_SCHEMA: passboltSchema
+ passboltEnv.plain.DATASOURCES_DEFAULT_HOST: "passboltHost"
+ passboltEnv.plain.DATASOURCES_DEFAULT_PORT: 1234
+ asserts:
+ - equal:
+ path: data.DATASOURCES_DEFAULT_URL
+ value: "postgres://passboltUsername:pass@passboltHost:1234/passboltDatabase?schema=passboltSchema"
+ decodeBase64: true
From 9cc3980949264b8d89158207c86448b23bf644d3 Mon Sep 17 00:00:00 2001
From: Daniel Del Rio Figueira <daniel@passbolt.com>
Date: Fri, 26 Apr 2024 19:17:05 +0200
Subject: [PATCH 2/2] Updated README.m Chart.yaml CHANGELOG.md and
RELEASE_NOTES.md to 1.1.0
---
CHANGELOG.md | 12 +++++++-
Chart.yaml | 2 +-
README.md | 13 ++++----
README.md.gotmpl | 11 +++----
RELEASE_NOTES.md | 78 ++----------------------------------------------
5 files changed, 28 insertions(+), 88 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index e2bf597..dc06836 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,7 +3,17 @@
All notable changes to this project will be documented in this file.
This project adheres to [Semantic Versioning](http://semver.org/).
-## [Unreleased](https://github.com/passbolt/charts-passbolt/compare/1.0.0...HEAD)
+## [Unreleased](https://github.com/passbolt/charts-passbolt/compare/1.1.0...HEAD)
+
+## [1.1.0] - 2024-04-26
+
+### Fixed
+
+- [#81](https://github.com/passbolt/charts-passbolt/issues/81) Install passbolt with an existing Postgresql server.
+
+### Added
+
+- Integration tests for passbolt with postgresql were added.
## [1.0.0] - 2024-04-25
diff --git a/Chart.yaml b/Chart.yaml
index 4779275..009b24d 100644
--- a/Chart.yaml
+++ b/Chart.yaml
@@ -15,7 +15,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.0.0
+version: 1.1.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
diff --git a/README.md b/README.md
index fb26b8d..0d6cade 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,7 @@
<img src="./.assets/helm_passbolt.png" alt="passbolt sails kubernetes" width="500"/>
</h3>
-  
+  
Passbolt is an open source, security first password manager with strong focus on
collaboration.
@@ -246,11 +246,12 @@ Syntax: run_tests.sh [options]
run_tests.sh with no arguments will run all of the available tests.
options:
--h|--help Show this message.
--l|--lint Run helm lint.
--u|--unit Run helm unittest tests.
--i|--integration Run integration tests.
--no-clean Skip cleaning step.
+-h|--help Show this message.
+-l|--lint Run helm lint.
+-u|--unit Run helm unittest tests.
+-i|--integration Run integration tests.
+-d|--database [option] Database to run integration tests with [mariadb|postgresql]."
+-no-clean Skip cleaning step.
```
diff --git a/README.md.gotmpl b/README.md.gotmpl
index 4c90ddb..a59b221 100644
--- a/README.md.gotmpl
+++ b/README.md.gotmpl
@@ -115,11 +115,12 @@ Syntax: run_tests.sh [options]
run_tests.sh with no arguments will run all of the available tests.
options:
--h|--help Show this message.
--l|--lint Run helm lint.
--u|--unit Run helm unittest tests.
--i|--integration Run integration tests.
--no-clean Skip cleaning step.
+-h|--help Show this message.
+-l|--lint Run helm lint.
+-u|--unit Run helm unittest tests.
+-i|--integration Run integration tests.
+-d|--database [option] Database to run integration tests with [mariadb|postgresql]."
+-no-clean Skip cleaning step.
```
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
index fa90b6e..0118794 100644
--- a/RELEASE_NOTES.md
+++ b/RELEASE_NOTES.md
@@ -1,76 +1,4 @@
-Announcing the immediate availability of passbolt's helm chart 1.0.0.
-This is a major release that introduces some breaking changes contributed
-by the community.
+Announcing the immediate availability of passbolt's helm chart 1.1.0.
-Thanks to all the community members that helped us to improve this chart
-and reach version 1.0.0!! :tada:
-
-@chris968
-@jouve
-@Kuruyia
-
-Following there is a list of breaking changes and possible migration paths
-from previous chart versions. Please keep in mind that we can't cover all
-possible scenarios.
-
-If you are having issues upgrading from older chart versions please let us
-known by opening an issue in Github
-
-# TL;DR
-
-List of breaking changes:
-
-- Global `tls` value has been removed in favour of `ingress.tls` and `app.tls`
-- `ingress.tls[].secretName` has been removed in favour of `ingress.tls[].existingSecret`
-- `extraVolumes` and `extraVolumeMounts` values are now a list instead of a string.
-- Expose the HTTP port in the service. `service.port`, `service.name` and
- `service.targetPort` have been removed in favour of `service.ports`
- in order to expose configurable http and https ports.
-
-# Ingress and TLS related changes
-
-Global `tls` value has been removed to allow users to have different TLS
-certificates injected on ingress objects and passbolt containers.
-Ingress TLS is now managed with `ingress.tls` value, while passbolt TLS
-is managed with `app.tls` field in the values file.
-
-## Migrate from old TLS configuration
-
-`ingress.tls[].secretName` has been removed in favour of
-`ingress.tls[].existingSecret` for clarity.
-
-## Inject same SSL certificate on ingress and service
-
-Users that were injecting the same secret on Ingress objects and passbolt
-container will have to migrate to a configuration similar to:
-
-```yaml
-ingress.tls:
- - autogenerate: false
- existingSecret: mySSLSecret
- hosts: [yourhost.com]
-```
-
-```yaml
-app.tls:
- - autogenerate: false
- existingSecret: mySSLSecret
-```
-
-## Inject separate certificates on ingress and service
-
-Users who want to inject different SSL certificates on ingress objects and passbolt
-containers now they have a way to do it by setting:
-
-```yaml
-ingress.tls:
- - autogenerate: false
- existingSecret: myIngressSSLSecret
- hosts: [yourhost.com]
-```
-
-```yaml
-app.tls:
- - autogenerate: false
- existingSecret: mypassboltSSLSecret
-```
+This is a minor change release that fixes a bug when forcing the passboltEnv.DATASOURCES_DEFAULT_PORT on values file
+and adds the passbolt with postgresql integration tests.