Skip to content

Commit

Permalink
server: fix config templating (#1073)
Browse files Browse the repository at this point in the history
* server: fix templated server config for HCL and JSON

* reformat some of the config tests so they run locally on macos
  • Loading branch information
tvoran authored Nov 20, 2024
1 parent 427cd1a commit 87d6789
Show file tree
Hide file tree
Showing 3 changed files with 62 additions and 22 deletions.
6 changes: 6 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,13 @@
## Unreleased

Bugs:
* server: restore support for templated config [GH-1073](https://github.com/hashicorp/vault-helm/pull/1073)

## 0.29.0 (November 7, 2024)

KNOWN ISSUES:
* Template support in server config stopped working [GH-1072](https://github.com/hashicorp/vault-helm/issues/1072)

Changes:

* Default `vault` version updated to 1.18.1
Expand Down
4 changes: 2 additions & 2 deletions templates/_helpers.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -1091,7 +1091,7 @@ config file from values
{{- $type := typeOf $config -}}
{{- if eq $type "string" -}}
{{/* Vault supports both HCL and JSON as its configuration format */}}
{{- $json := $config | fromJson -}}
{{- $json := tpl $config . | fromJson -}}
{{/*
Helm's fromJson does not behave according to the corresponding sprig function nor Helm docs,
which claim that it should return empty string on invalid JSON, it actually returns
Expand All @@ -1109,6 +1109,6 @@ https://github.com/helm/helm/blob/50c22ed7f953fadb32755e5881ba95a92da852b2/pkg/e
{{- else }}
{{- fail "structured server config is not supported, value must be a string"}}
{{- end }}
{{- $config | nindent 4 | trim }}
{{- tpl $config . | nindent 4 | trim }}
{{- end -}}
{{- end -}}
74 changes: 54 additions & 20 deletions test/unit/server-configmap.bats
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,35 @@ load _helpers
[ "${actual}" = "true" ]
}

@test "server/ConfigMap: raft config templated not JSON" {
cd `chart_dir`
local actual
actual=$(helm template \
--show-only templates/server-config-configmap.yaml \
--set 'server.ha.enabled=true' \
--set 'server.ha.raft.enabled=true' \
--set "server.ha.raft.config=hello = {{ .Chart.Name }}" \
. | tee /dev/stderr |
yq '.data' | tee /dev/stderr)
local check=$(echo "${actual}" | \
yq '."extraconfig-from-values.hcl" == "hello = vault\ndisable_mlock = true"')
[ "${check}" = "true" ]
}

@test "server/ConfigMap: raft config templated JSON" {
cd `chart_dir`
local actual
actual=$(helm template \
--show-only templates/server-config-configmap.yaml \
--set 'server.ha.enabled=true' \
--set 'server.ha.raft.enabled=true' \
--set "server.ha.raft.config=\{\"hello\": \"{{ .Chart.Name }}\"\}" \
. | tee /dev/stderr |
yq '.data' | tee /dev/stderr)
local check=$(echo "${actual}" | \
yq '."extraconfig-from-values.hcl" == "{\"disable_mlock\":true,\"hello\":\"vault\"}"')
[ "${check}" = "true" ]
}

@test "server/ConfigMap: disabled by server.dev.enabled true" {
cd `chart_dir`
Expand Down Expand Up @@ -107,32 +136,35 @@ load _helpers
--set 'server.standalone.config=\{\"hello\": \"world\"\}' \
. | tee /dev/stderr |
yq '.data')
[ "$(echo "${data}" | \
yq '(. | length) == 1')" = "true" ]
[ "$(echo "${data}" | \
yq '."extraconfig-from-values.hcl" == "{\"disable_mlock\":true,\"hello\":\"world\"}"')" = 'true' ]
local checkLength=$(echo "${data}" | yq '(. | length) == 1')
[ "${checkLength}" = "true" ]
local checkExtraConfig=$(echo "${data}" | \
yq '."extraconfig-from-values.hcl" == "{\"disable_mlock\":true,\"hello\":\"world\"}"')
[ "${checkExtraConfig}" = 'true' ]

data=$(helm template \
--show-only templates/server-config-configmap.yaml \
--set 'server.standalone.enabled=true' \
--set 'server.standalone.config=\{\"foo\": \"bar\"\}' \
. | tee /dev/stderr |
yq '.data' | tee /dev/stderr)
[ "$(echo "${data}" | \
yq '(. | length) == 1')" = "true" ]
[ "$(echo "${data}" | \
yq '."extraconfig-from-values.hcl" == "{\"disable_mlock\":true,\"foo\":\"bar\"}"')" = 'true' ]
checkLength=$(echo "${data}" | yq '(. | length) == 1')
[ "${checkLength}" = "true" ]
checkExtraConfig=$(echo "${data}" | \
yq '."extraconfig-from-values.hcl" == "{\"disable_mlock\":true,\"foo\":\"bar\"}"')
[ "${checkExtraConfig}" = 'true' ]

data=$(helm template \
--show-only templates/server-config-configmap.yaml \
--set 'server.standalone.enabled=true' \
--set 'server.standalone.config=\{\"disable_mlock\": false\,\"foo\":\"bar\"\}' \
. | tee /dev/stderr |
yq '.data' | tee /dev/stderr)
[ "$(echo "${data}" | \
yq '(. | length) == 1')" = "true" ]
[ "$(echo "${data}" | \
yq '."extraconfig-from-values.hcl" == "{\"disable_mlock\":false,\"foo\":\"bar\"}"')" = 'true' ]
checkLength=$(echo "${data}" | yq '(. | length) == 1')
[ "${checkLength}" = "true" ]
checkExtraConfig=$(echo "${data}" | \
yq '."extraconfig-from-values.hcl" == "{\"disable_mlock\":false,\"foo\":\"bar\"}"')
[ "${checkExtraConfig}" = 'true' ]
}

@test "server/ConfigMap: standalone extraConfig is set as not JSON" {
Expand Down Expand Up @@ -173,21 +205,23 @@ load _helpers
--set 'server.ha.config=\{\"hello\": \"ha-world\"\}' \
. | tee /dev/stderr |
yq '.data' | tee /dev/stderr)
[ "$(echo "${data}" | \
yq '(. | length) == 1')" = "true" ]
[ "$(echo "${data}" | \
yq '."extraconfig-from-values.hcl" == "{\"disable_mlock\":true,\"hello\":\"ha-world\"}"')" = 'true' ]
local checkLength=$(echo "${data}" | yq '(. | length) == 1')
[ "${checkLength}" = "true" ]
local checkExtraConfig=$(echo "${data}" | \
yq '."extraconfig-from-values.hcl" == "{\"disable_mlock\":true,\"hello\":\"ha-world\"}"')
[ "$checkExtraConfig" = 'true' ]

data=$(helm template \
--show-only templates/server-config-configmap.yaml \
--set 'server.ha.enabled=true' \
--set 'server.ha.config=\{\"foo\": \"bar\"\,\"disable_mlock\":false\}' \
. | tee /dev/stderr |
yq '.data' | tee /dev/stderr)
[ "$(echo "${data}" | \
yq '(. | length) == 1')" = "true" ]
[ "$(echo "${data}" | \
yq '."extraconfig-from-values.hcl" == "{\"disable_mlock\":false,\"foo\":\"bar\"}"')" = 'true' ]
checkLength=$(echo "${data}" | yq '(. | length) == 1')
[ "$checkLength" = "true" ]
checkExtraConfig=$(echo "${data}" | \
yq '."extraconfig-from-values.hcl" == "{\"disable_mlock\":false,\"foo\":\"bar\"}"')
[ "${checkExtraConfig}" = 'true' ]
}

@test "server/ConfigMap: disabled by injector.externalVaultAddr" {
Expand Down

0 comments on commit 87d6789

Please sign in to comment.