KUOKA Yusuke
GitHub
parent
5f8b2e5c7f
commit
f5e565ea3e
16
README.md
16
README.md
|
|
@ -52,6 +52,14 @@ helmDefaults:
|
|||
timeout: 600
|
||||
recreatePods: true
|
||||
force: true
|
||||
# enable TLS for request to Tiller
|
||||
tls: true
|
||||
# path to TLS CA certificate file (default "$HELM_HOME/ca.pem")
|
||||
tlsCACert: "path/to/ca.pem"
|
||||
# path to TLS certificate file (default "$HELM_HOME/cert.pem")
|
||||
tlsCert: "path/to/cert.pem"
|
||||
# path to TLS key file (default "$HELM_HOME/key.pem")
|
||||
tlsKey: "path/to/key.pem"
|
||||
|
||||
releases:
|
||||
# Published chart example
|
||||
|
|
@ -101,6 +109,14 @@ releases:
|
|||
installed: true
|
||||
# restores previous state in case of failed release
|
||||
atomic: true
|
||||
# enable TLS for request to Tiller
|
||||
tls: true
|
||||
# path to TLS CA certificate file (default "$HELM_HOME/ca.pem")
|
||||
tlsCACert: "path/to/ca.pem"
|
||||
# path to TLS certificate file (default "$HELM_HOME/cert.pem")
|
||||
tlsCert: "path/to/cert.pem"
|
||||
# path to TLS key file (default "$HELM_HOME/key.pem")
|
||||
tlsKey: "path/to/key.pem"
|
||||
|
||||
# Local chart example
|
||||
- name: grafana # name of this release
|
||||
|
|
|
|||
|
|
@ -83,9 +83,6 @@ func GetArgs(args string, state *state.HelmState) []string {
|
|||
}
|
||||
}
|
||||
|
||||
if state.HelmDefaults.TillerNamespace != "" {
|
||||
argsMap.SetArg("--tiller-namespace", state.HelmDefaults.TillerNamespace, false)
|
||||
}
|
||||
if state.HelmDefaults.KubeContext != "" {
|
||||
argsMap.SetArg("--kube-context", state.HelmDefaults.KubeContext, false)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -68,6 +68,11 @@ type HelmSpec struct {
|
|||
Force bool `yaml:"force"`
|
||||
// Atomic, when set to true, restore previous state in case of a failed install/upgrade attempt
|
||||
Atomic bool `yaml:"atomic"`
|
||||
|
||||
TLS bool `yaml:"tls"`
|
||||
TLSCACert string `yaml:"tlsCACert"`
|
||||
TLSKey string `yaml:"tlsKey"`
|
||||
TLSCert string `yaml:"tlsCert"`
|
||||
}
|
||||
|
||||
// RepositorySpec that defines values for a helm repo
|
||||
|
|
@ -121,6 +126,13 @@ type ReleaseSpec struct {
|
|||
|
||||
ValuesPathPrefix string `yaml:"valuesPathPrefix"`
|
||||
|
||||
TillerNamespace string `yaml:"tillerNamespace"`
|
||||
|
||||
TLS *bool `yaml:"tls"`
|
||||
TLSCACert string `yaml:"tlsCACert"`
|
||||
TLSKey string `yaml:"tlsKey"`
|
||||
TLSCert string `yaml:"tlsCert"`
|
||||
|
||||
// generatedValues are values that need cleaned up on exit
|
||||
generatedValues []string
|
||||
}
|
||||
|
|
@ -929,6 +941,38 @@ func findChartDirectory(topLevelDir string) (string, error) {
|
|||
return topLevelDir, errors.New("No Chart.yaml found")
|
||||
}
|
||||
|
||||
func (st *HelmState) appendTillerFlags(flags []string, release *ReleaseSpec) []string {
|
||||
if release.TillerNamespace != "" {
|
||||
flags = append(flags, "--tiller-namespace", release.TillerNamespace)
|
||||
} else if st.HelmDefaults.TillerNamespace != "" {
|
||||
flags = append(flags, "--tiller-namespace", st.HelmDefaults.TillerNamespace)
|
||||
}
|
||||
|
||||
if release.TLS != nil && *release.TLS || release.TLS == nil && st.HelmDefaults.TLS {
|
||||
flags = append(flags, "--tls")
|
||||
}
|
||||
|
||||
if release.TLSKey != "" {
|
||||
flags = append(flags, "--tls-key", release.TLSKey)
|
||||
} else if st.HelmDefaults.TLSKey != "" {
|
||||
flags = append(flags, "--tls-key", st.HelmDefaults.TLSKey)
|
||||
}
|
||||
|
||||
if release.TLSCert != "" {
|
||||
flags = append(flags, "--tls-cert", release.TLSCert)
|
||||
} else if st.HelmDefaults.TLSCert != "" {
|
||||
flags = append(flags, "--tls-cert", st.HelmDefaults.TLSCert)
|
||||
}
|
||||
|
||||
if release.TLSCACert != "" {
|
||||
flags = append(flags, "--tls-ca-cert", release.TLSCACert)
|
||||
} else if st.HelmDefaults.TLSCACert != "" {
|
||||
flags = append(flags, "--tls-ca-cert", st.HelmDefaults.TLSCACert)
|
||||
}
|
||||
|
||||
return flags
|
||||
}
|
||||
|
||||
func (st *HelmState) flagsForUpgrade(helm helmexec.Interface, release *ReleaseSpec) ([]string, error) {
|
||||
flags := []string{}
|
||||
if release.Version != "" {
|
||||
|
|
@ -967,6 +1011,8 @@ func (st *HelmState) flagsForUpgrade(helm helmexec.Interface, release *ReleaseSp
|
|||
flags = append(flags, "--atomic")
|
||||
}
|
||||
|
||||
flags = st.appendTillerFlags(flags, release)
|
||||
|
||||
common, err := st.namespaceAndValuesFlags(helm, release)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -995,6 +1041,8 @@ func (st *HelmState) flagsForDiff(helm helmexec.Interface, release *ReleaseSpec)
|
|||
flags = append(flags, "--devel")
|
||||
}
|
||||
|
||||
flags = st.appendTillerFlags(flags, release)
|
||||
|
||||
common, err := st.namespaceAndValuesFlags(helm, release)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
|
|||
|
|
@ -129,6 +129,10 @@ func TestHelmState_applyDefaultsTo(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func boolValue(v bool) *bool {
|
||||
return &v
|
||||
}
|
||||
|
||||
func TestHelmState_flagsForUpgrade(t *testing.T) {
|
||||
enable := true
|
||||
disable := false
|
||||
|
|
@ -424,6 +428,79 @@ func TestHelmState_flagsForUpgrade(t *testing.T) {
|
|||
"--namespace", "test-namespace",
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "tiller",
|
||||
defaults: HelmSpec{},
|
||||
release: &ReleaseSpec{
|
||||
Chart: "test/chart",
|
||||
Version: "0.1",
|
||||
Name: "test-charts",
|
||||
TLS: boolValue(true),
|
||||
TillerNamespace: "tiller-system",
|
||||
TLSKey: "key.pem",
|
||||
TLSCert: "cert.pem",
|
||||
TLSCACert: "ca.pem",
|
||||
},
|
||||
want: []string{
|
||||
"--version", "0.1",
|
||||
"--tiller-namespace", "tiller-system",
|
||||
"--tls",
|
||||
"--tls-key", "key.pem",
|
||||
"--tls-cert", "cert.pem",
|
||||
"--tls-ca-cert", "ca.pem",
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "tiller-override-defaults",
|
||||
defaults: HelmSpec{
|
||||
TLS: false,
|
||||
TillerNamespace: "a",
|
||||
TLSKey: "b.pem",
|
||||
TLSCert: "c.pem",
|
||||
TLSCACert: "d.pem",
|
||||
},
|
||||
release: &ReleaseSpec{
|
||||
Chart: "test/chart",
|
||||
Version: "0.1",
|
||||
Name: "test-charts",
|
||||
TLS: boolValue(true),
|
||||
TillerNamespace: "tiller-system",
|
||||
TLSKey: "key.pem",
|
||||
TLSCert: "cert.pem",
|
||||
TLSCACert: "ca.pem",
|
||||
},
|
||||
want: []string{
|
||||
"--version", "0.1",
|
||||
"--tiller-namespace", "tiller-system",
|
||||
"--tls",
|
||||
"--tls-key", "key.pem",
|
||||
"--tls-cert", "cert.pem",
|
||||
"--tls-ca-cert", "ca.pem",
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "tiller-from-defaults",
|
||||
defaults: HelmSpec{
|
||||
TLS: true,
|
||||
TillerNamespace: "tiller-system",
|
||||
TLSKey: "key.pem",
|
||||
TLSCert: "cert.pem",
|
||||
TLSCACert: "ca.pem",
|
||||
},
|
||||
release: &ReleaseSpec{
|
||||
Chart: "test/chart",
|
||||
Version: "0.1",
|
||||
Name: "test-charts",
|
||||
},
|
||||
want: []string{
|
||||
"--version", "0.1",
|
||||
"--tiller-namespace", "tiller-system",
|
||||
"--tls",
|
||||
"--tls-key", "key.pem",
|
||||
"--tls-cert", "cert.pem",
|
||||
"--tls-ca-cert", "ca.pem",
|
||||
},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue