From ef07a964b80ed0dff61e55d14aa6a1a756059258 Mon Sep 17 00:00:00 2001 From: Isman Firmansyah Date: Wed, 30 Oct 2024 13:56:30 +0700 Subject: [PATCH] feat(charts): allow using custom configuration schema (#1868) * feat(charts): allow using custom configuration schema Signed-off-by: iromli * docs: revert unnecessary changes to cn-istio-ingress subchart Signed-off-by: iromli --------- Signed-off-by: iromli Signed-off-by: Isman Firmansyah --- charts/gluu-all-in-one/README.md | 5 ++--- charts/gluu-all-in-one/templates/_helpers.tpl | 16 ++++++++++++++++ charts/gluu-all-in-one/templates/cronjobs.yaml | 12 ++++++------ charts/gluu-all-in-one/templates/deployment.yml | 12 ++++++------ charts/gluu-all-in-one/templates/secret.yaml | 3 +++ charts/gluu-all-in-one/values.yaml | 4 ++++ charts/gluu/README.md | 7 +++---- .../templates/cronjobs.yaml | 12 ++++++------ .../charts/auth-server/templates/deployment.yml | 12 ++++++------ .../gluu/charts/casa/templates/deployment.yaml | 12 ++++++------ .../charts/config-api/templates/deployment.yaml | 9 ++++++--- .../charts/config/templates/load-init-config.yml | 12 ++++++------ charts/gluu/charts/config/templates/secrets.yaml | 2 ++ .../gluu/charts/fido2/templates/deployment.yml | 12 ++++++------ .../charts/kc-scheduler/templates/cronjobs.yaml | 12 ++++++------ .../gluu/charts/link/templates/deployment.yaml | 12 ++++++------ .../gluu/charts/persistence/templates/jobs.yml | 12 ++++++------ .../gluu/charts/saml/templates/deployment.yaml | 12 ++++++------ charts/gluu/charts/scim/templates/deployment.yml | 12 ++++++------ charts/gluu/templates/_helpers.tpl | 16 ++++++++++++++++ charts/gluu/values.yaml | 4 ++++ 21 files changed, 128 insertions(+), 82 deletions(-) diff --git a/charts/gluu-all-in-one/README.md b/charts/gluu-all-in-one/README.md index 76e1dfc1d..bd2d41bec 100644 --- a/charts/gluu-all-in-one/README.md +++ b/charts/gluu-all-in-one/README.md 
@@ -139,6 +139,8 @@ Kubernetes: `>=v1.22.0-0` | cnAwsSecretsReplicaRegionsFile | string | `"/etc/jans/conf/aws_secrets_replica_regions"` | | | cnAwsSharedCredentialsFile | string | `"/etc/jans/conf/aws_shared_credential_file"` | | | cnConfiguratorConfigurationFile | string | `"/etc/jans/conf/configuration.json"` | Path to configuration schema file | +| cnConfiguratorCustomSchema | object | `{"secretName":""}` | Use custom configuration schema in existing secrets. Note, the secrets has to contain the key configuration.json or any basename as specified in cnConfiguratorConfigurationFile. | +| cnConfiguratorCustomSchema.secretName | string | `""` | The name of the secrets used for storing custom configuration schema. | | cnConfiguratorDumpFile | string | `"/etc/jans/conf/configuration.out.json"` | Path to dumped configuration schema file | | cnCouchbasePasswordFile | string | `"/etc/jans/conf/couchbase_password"` | Path to Couchbase password file | | cnCouchbaseSuperuserPasswordFile | string | `"/etc/jans/conf/couchbase_superuser_password"` | Path to Couchbase superuser password file | @@ -386,6 +388,3 @@ Kubernetes: `>=v1.22.0-0` | usrEnvs.secret | object | `{}` | Add custom secret envs to the service variable1: value1 | | volumeMounts | list | `[]` | Configure any additional volumesMounts that need to be attached to the containers | | volumes | list | `[]` | Configure any additional volumes that need to be attached to the pod | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.12.0](https://github.com/norwoodj/helm-docs/releases/v1.12.0) diff --git a/charts/gluu-all-in-one/templates/_helpers.tpl b/charts/gluu-all-in-one/templates/_helpers.tpl index 0f4236a1b..1f844d64a 100644 --- a/charts/gluu-all-in-one/templates/_helpers.tpl +++ b/charts/gluu-all-in-one/templates/_helpers.tpl 
@@ -177,3 +177,19 @@ Create AWS config. {{- end }} {{- printf "[%s]\nregion = %s\n" $profile .Values.configmap.cnAwsDefaultRegion }} {{- end }} + +{{/* +Create configuration schema-related objects. +*/}} +{{- define "flex-all-in-one.config.schema" -}} +{{- $commonName := (printf "%s-configuration-file" .Release.Name) -}} +{{- $secretName := .Values.cnConfiguratorCustomSchema.secretName | default $commonName -}} +volumes: + - name: {{ $commonName }} + secret: + secretName: {{ $secretName }} +volumeMounts: + - name: {{ $commonName }} + mountPath: {{ .Values.cnConfiguratorConfigurationFile }} + subPath: {{ .Values.cnConfiguratorConfigurationFile | base }} +{{- end -}} diff --git a/charts/gluu-all-in-one/templates/cronjobs.yaml b/charts/gluu-all-in-one/templates/cronjobs.yaml index ff1ec9188..52a46dfde 100644 --- a/charts/gluu-all-in-one/templates/cronjobs.yaml +++ b/charts/gluu-all-in-one/templates/cronjobs.yaml @@ -66,9 +66,9 @@ spec: {{- with (index .Values "auth-server-key-rotation" "volumeMounts") }} {{- toYaml . | nindent 16 }} {{- end }} - - mountPath: {{ .Values.cnConfiguratorConfigurationFile }} - name: {{ .Release.Name }}-configuration-file - subPath: {{ .Values.cnConfiguratorConfigurationFile | base }} + {{- with (include "flex-all-in-one.config.schema" . | fromYaml).volumeMounts }} +{{- toYaml . | nindent 16 }} + {{- end }} envFrom: - configMapRef: name: {{ .Release.Name }}-config-cm @@ -91,9 +91,9 @@ spec: {{- with (index .Values "auth-server-key-rotation" "volumes") }} {{- toYaml . | nindent 12 }} {{- end }} - - name: {{ .Release.Name }}-configuration-file - secret: - secretName: {{ .Release.Name }}-configuration-file + {{- with (include "flex-all-in-one.config.schema" . | fromYaml).volumes }} +{{- toYaml . | nindent 12 }} + {{- end }} restartPolicy: Never {{- end }} diff --git a/charts/gluu-all-in-one/templates/deployment.yml b/charts/gluu-all-in-one/templates/deployment.yml index 4ccbfa830..cab56772b 100644 
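Review bot: The new `flex-all-in-one.config.schema` helper renders `secretName`, `mountPath` and `subPath` unquoted, and every caller pipes the result through `fromYaml`, which swallows parse errors by returning a map with an `Error` key. A value that does not parse as a plain string therefore leaves `.volumes`/`.volumeMounts` empty, and the `with` blocks in cronjobs.yaml and deployment.yml skip silently instead of failing the render. An all-digit or boolean-looking secret name would also come back as a non-string. Quote the three values: `secretName: {{ $secretName | quote }}`, `mountPath: {{ .Values.cnConfiguratorConfigurationFile | quote }}` and `subPath: {{ .Values.cnConfiguratorConfigurationFile | base | quote }}`. The `cn.config.schema` helper added in charts/gluu/templates/_helpers.tpl has the same three lines.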
--- a/charts/gluu-all-in-one/templates/deployment.yml +++ b/charts/gluu-all-in-one/templates/deployment.yml @@ -105,9 +105,9 @@ spec: {{- with .Values.volumeMounts }} {{- toYaml . | nindent 10 }} {{- end }} - - mountPath: {{ .Values.cnConfiguratorConfigurationFile }} - name: {{ .Release.Name }}-configuration-file - subPath: {{ .Values.cnConfiguratorConfigurationFile | base }} + {{- with (include "flex-all-in-one.config.schema" . | fromYaml).volumeMounts }} +{{- toYaml . | nindent 10 }} + {{- end }} - mountPath: /scripts/tls_generator.py name: {{ include "flex-all-in-one.name" . }}-tls-script subPath: tls_generator.py @@ -141,9 +141,9 @@ spec: {{- with .Values.volumes }} {{- toYaml . | nindent 8 }} {{- end }} - - name: {{ .Release.Name }}-configuration-file - secret: - secretName: {{ .Release.Name }}-configuration-file + {{- with (include "flex-all-in-one.config.schema" . | fromYaml).volumes }} +{{- toYaml . | nindent 8 }} + {{- end }} - name: {{ include "flex-all-in-one.name" . }}-tls-script configMap: name: {{ include "flex-all-in-one.fullname" . }}-tls-script diff --git a/charts/gluu-all-in-one/templates/secret.yaml b/charts/gluu-all-in-one/templates/secret.yaml index 00d303d42..ae1d7b6e2 100644 --- a/charts/gluu-all-in-one/templates/secret.yaml +++ b/charts/gluu-all-in-one/templates/secret.yaml @@ -1,3 +1,5 @@ +{{- if not .Values.cnConfiguratorCustomSchema.secretName -}} +apiVersion: v1 apiVersion: v1 kind: Secret metadata: @@ -60,6 +62,7 @@ stringData: "encoded_salt": {{ .Values.salt | quote }} } } +{{- end }} {{- if .Values.saml.enabled }} --- diff --git a/charts/gluu-all-in-one/values.yaml b/charts/gluu-all-in-one/values.yaml index 99d2d0094..a65174045 100644 --- a/charts/gluu-all-in-one/values.yaml +++ b/charts/gluu-all-in-one/values.yaml 
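Review bot: The first hunk of charts/gluu-all-in-one/templates/secret.yaml adds `apiVersion: v1` directly above the existing `apiVersion: v1` context line, so the rendered Secret carries a duplicate key. Lenient parsers keep the last value, while strict validation may warn about or reject the manifest. The matching change in charts/gluu/charts/config/templates/secrets.yaml adds only the `if` line. Drop the added `apiVersion: v1` and keep just `{{- if not .Values.cnConfiguratorCustomSchema.secretName -}}`. The Secret manifest continues outside the hunk.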
@@ -611,6 +611,10 @@ kcAdminCredentialsFile: /etc/jans/conf/kc_admin_creds cnConfiguratorConfigurationFile: /etc/jans/conf/configuration.json # -- Path to dumped configuration schema file cnConfiguratorDumpFile: /etc/jans/conf/configuration.out.json +# -- Use custom configuration schema in existing secrets. Note, the secrets has to contain the key configuration.json or any basename as specified in cnConfiguratorConfigurationFile. +cnConfiguratorCustomSchema: + # -- The name of the secrets used for storing custom configuration schema. + secretName: "" # ingress properties istio: diff --git a/charts/gluu/README.md b/charts/gluu/README.md index d247ebb32..4041bce82 100644 --- a/charts/gluu/README.md +++ b/charts/gluu/README.md @@ -391,6 +391,8 @@ Kubernetes: `>=v1.21.0-0` | global.casa.ingress.casaLabels | object | `{}` | Casa ingress resource labels. key app is taken | | global.cloud.testEnviroment | bool | `false` | Boolean flag if enabled will strip resources requests and limits from all services. | | global.cnConfiguratorConfigurationFile | string | `"/etc/jans/conf/configuration.json"` | Path to configuration schema file | +| global.cnConfiguratorCustomSchema | object | `{"secretName":""}` | Use custom configuration schema in existing secrets. Note, the secrets has to contain the key configuration.json or any basename as specified in cnConfiguratorConfigurationFile. | +| global.cnConfiguratorCustomSchema.secretName | string | `""` | The name of the secrets used for storing custom configuration schema. | | global.cnConfiguratorDumpFile | string | `"/etc/jans/conf/configuration.out.json"` | Path to dumped configuration schema file | | global.cnCouchbasePasswordFile | string | `"/etc/jans/conf/couchbase_password"` | Path to Couchbase password file | | global.cnCouchbaseSuperuserPasswordFile | string | `"/etc/jans/conf/couchbase_superuser_password"` | Path to Couchbase superuser password file | 
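Review bot: The comment on `cnConfiguratorCustomSchema` does not say what setting `secretName` switches off. The secret.yaml change in this commit then skips the chart-generated configuration Secret entirely, so values rendered into it (that hunk shows `encoded_salt` taken from `.Values.salt`) are ignored. The named Secret also has to exist in the release namespace before the pods can mount it. Suggested wording: `# -- Name of an existing Secret in the release namespace holding the configuration schema; when set, the chart does not create its own configuration Secret. The Secret must contain the key configuration.json (or the basename of cnConfiguratorConfigurationFile).` The same comment is added under `global` in charts/gluu/values.yaml.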
@@ -658,7 +660,4 @@ Kubernetes: `>=v1.21.0-0` | scim.usrEnvs.normal | object | `{}` | Add custom normal envs to the service variable1: value1 | | scim.usrEnvs.secret | object | `{}` | Add custom secret envs to the service variable1: value1 | | scim.volumeMounts | list | `[]` | Configure any additional volumesMounts that need to be attached to the containers | -| scim.volumes | list | `[]` | Configure any additional volumes that need to be attached to the pod | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.12.0](https://github.com/norwoodj/helm-docs/releases/v1.12.0) +| scim.volumes | list | `[]` | Configure any additional volumes that need to be attached to the pod | \ No newline at end of file diff --git a/charts/gluu/charts/auth-server-key-rotation/templates/cronjobs.yaml b/charts/gluu/charts/auth-server-key-rotation/templates/cronjobs.yaml index 2ad945f7b..ad66e8a3c 100644 --- a/charts/gluu/charts/auth-server-key-rotation/templates/cronjobs.yaml +++ b/charts/gluu/charts/auth-server-key-rotation/templates/cronjobs.yaml @@ -66,9 +66,9 @@ spec: {{- with .Values.volumeMounts }} {{- toYaml . | nindent 16 }} {{- end }} - - mountPath: {{ .Values.global.cnConfiguratorConfigurationFile }} - name: {{ .Release.Name }}-configuration-file - subPath: {{ .Values.global.cnConfiguratorConfigurationFile | base }} + {{- with (include "cn.config.schema" . | fromYaml).volumeMounts }} +{{- toYaml . | nindent 16 }} + {{- end }} envFrom: - configMapRef: name: {{ .Release.Name }}-config-cm @@ -91,7 +91,7 @@ spec: {{- with .Values.volumes }} {{- toYaml . | nindent 12 }} {{- end }} - - name: {{ .Release.Name }}-configuration-file - secret: - secretName: {{ .Release.Name }}-configuration-file + {{- with (include "cn.config.schema" . | fromYaml).volumes }} +{{- toYaml . | nindent 12 }} + {{- end }} restartPolicy: Never 
diff --git a/charts/gluu/charts/auth-server/templates/deployment.yml b/charts/gluu/charts/auth-server/templates/deployment.yml index 023ac9d32..75c34a47f 100644 --- a/charts/gluu/charts/auth-server/templates/deployment.yml +++ b/charts/gluu/charts/auth-server/templates/deployment.yml @@ -144,9 +144,9 @@ spec: - name: {{ include "auth-server.fullname" .}}-updatelbip mountPath: "/scripts" {{- end }} - - mountPath: {{ .Values.global.cnConfiguratorConfigurationFile }} - name: {{ .Release.Name }}-configuration-file - subPath: {{ .Values.global.cnConfiguratorConfigurationFile | base }} + {{- with (include "cn.config.schema" . | fromYaml).volumeMounts }} +{{- toYaml . | nindent 10 }} + {{- end }} livenessProbe: {{- toYaml .Values.livenessProbe | nindent 10 }} readinessProbe: @@ -225,6 +225,6 @@ spec: configMap: name: {{ .Release.Name }}-updatelbip {{- end }} - - name: {{ .Release.Name }}-configuration-file - secret: - secretName: {{ .Release.Name }}-configuration-file + {{- with (include "cn.config.schema" . | fromYaml).volumes }} +{{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/gluu/charts/casa/templates/deployment.yaml b/charts/gluu/charts/casa/templates/deployment.yaml index 948449cd6..c890312be 100644 --- a/charts/gluu/charts/casa/templates/deployment.yaml +++ b/charts/gluu/charts/casa/templates/deployment.yaml 
@@ -110,9 +110,9 @@ spec: {{- with .Values.volumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} - - mountPath: {{ .Values.global.cnConfiguratorConfigurationFile }} - name: {{ .Release.Name }}-configuration-file - subPath: {{ .Values.global.cnConfiguratorConfigurationFile | base }} + {{- with (include "cn.config.schema" . | fromYaml).volumeMounts }} +{{- toYaml . | nindent 12 }} + {{- end }} {{- if and (not .Values.global.isFqdnRegistered ) (or (eq .Values.global.storageClass.provisioner "kubernetes.io/aws-ebs") (eq .Values.global.storageClass.provisioner "openebs.io/local")) }} - name: {{ include "casa.fullname" .}}-updatelbip mountPath: "/scripts" @@ -136,9 +136,9 @@ spec: configMap: name: {{ .Release.Name }}-updatelbip {{- end }} - - name: {{ .Release.Name }}-configuration-file - secret: - secretName: {{ .Release.Name }}-configuration-file + {{- with (include "cn.config.schema" . | fromYaml).volumes }} +{{- toYaml . | nindent 8 }} + {{- end }} {{- if not .Values.global.isFqdnRegistered }} hostAliases: - ip: {{ .Values.global.lbIp }} diff --git a/charts/gluu/charts/config-api/templates/deployment.yaml b/charts/gluu/charts/config-api/templates/deployment.yaml index 707874338..db5ae689c 100644 --- a/charts/gluu/charts/config-api/templates/deployment.yaml +++ b/charts/gluu/charts/config-api/templates/deployment.yaml @@ -105,6 +105,9 @@ spec: - name: {{ include "config-api.name" . }}-updatelbip mountPath: /scripts {{- end }} + {{- with (include "cn.config.schema" . | fromYaml).volumeMounts }} +{{- toYaml . | nindent 12 }} + {{- end }} - mountPath: {{ .Values.global.cnConfiguratorConfigurationFile }} name: {{ .Release.Name }}-configuration-file subPath: {{ .Values.global.cnConfiguratorConfigurationFile | base }} 
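Review bot: In charts/gluu/charts/config-api/templates/deployment.yaml the first hunk adds the `cn.config.schema` volumeMounts but leaves the old `- mountPath: {{ .Values.global.cnConfiguratorConfigurationFile }}` entry, with its `name` and `subPath` lines, in place as context. The container therefore gets two mounts at the same path, and Kubernetes requires `mountPath` to be unique within a container, so the Deployment would be rejected. Every other template in this commit deletes those three lines, and the diffstat for this file (6 added, 3 removed) matches the omission. Remove the three leftover lines that follow the new `{{- end }}`.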
@@ -123,9 +126,9 @@ spec: configMap: name: {{ .Release.Name }}-updatelbip {{- end }} - - name: {{ .Release.Name }}-configuration-file - secret: - secretName: {{ .Release.Name }}-configuration-file + {{- with (include "cn.config.schema" . | fromYaml).volumes }} +{{- toYaml . | nindent 8 }} + {{- end }} {{- if not .Values.global.isFqdnRegistered }} hostAliases: - ip: {{ .Values.global.lbIp }} diff --git a/charts/gluu/charts/config/templates/load-init-config.yml b/charts/gluu/charts/config/templates/load-init-config.yml index 9e92451e1..88d235df2 100644 --- a/charts/gluu/charts/config/templates/load-init-config.yml +++ b/charts/gluu/charts/config/templates/load-init-config.yml @@ -40,9 +40,9 @@ spec: {{- with .Values.volumes }} {{- toYaml . | nindent 8 }} {{- end }} - - name: {{ .Release.Name }}-configuration-file - secret: - secretName: {{ .Release.Name }}-configuration-file + {{- with (include "cn.config.schema" . | fromYaml).volumes }} +{{- toYaml . | nindent 8 }} + {{- end }} - name: {{ include "config.fullname" . }}-tls-script configMap: name: {{ include "config.fullname" . }}-tls-script @@ -62,9 +62,9 @@ spec: {{- with .Values.volumeMounts }} {{- toYaml . | nindent 10 }} {{- end }} - - mountPath: {{ .Values.global.cnConfiguratorConfigurationFile }} - name: {{ .Release.Name }}-configuration-file - subPath: {{ .Values.global.cnConfiguratorConfigurationFile | base }} + {{- with (include "cn.config.schema" . | fromYaml).volumeMounts }} +{{- toYaml . | nindent 10 }} + {{- end }} - mountPath: /scripts/tls_generator.py name: {{ include "config.fullname" . }}-tls-script subPath: tls_generator.py diff --git a/charts/gluu/charts/config/templates/secrets.yaml b/charts/gluu/charts/config/templates/secrets.yaml index ef36fdc61..10ebb855a 100644 --- a/charts/gluu/charts/config/templates/secrets.yaml +++ b/charts/gluu/charts/config/templates/secrets.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.global.cnConfiguratorCustomSchema.secretName -}} apiVersion: v1 kind: Secret metadata: 
@@ -60,6 +61,7 @@ stringData: "encoded_salt": {{ .Values.salt | quote }} } } +{{- end -}} {{- if .Values.global.saml.enabled }} --- diff --git a/charts/gluu/charts/fido2/templates/deployment.yml b/charts/gluu/charts/fido2/templates/deployment.yml index 054449618..a99766923 100644 --- a/charts/gluu/charts/fido2/templates/deployment.yml +++ b/charts/gluu/charts/fido2/templates/deployment.yml @@ -109,9 +109,9 @@ spec: - name: {{ include "fido2.fullname" .}}-updatelbip mountPath: "/scripts" {{- end }} - - mountPath: {{ .Values.global.cnConfiguratorConfigurationFile }} - name: {{ .Release.Name }}-configuration-file - subPath: {{ .Values.global.cnConfiguratorConfigurationFile | base }} + {{- with (include "cn.config.schema" . | fromYaml).volumeMounts }} +{{- toYaml . | nindent 10 }} + {{- end }} livenessProbe: {{- toYaml .Values.livenessProbe | nindent 10 }} readinessProbe: @@ -137,6 +137,6 @@ spec: configMap: name: {{ .Release.Name }}-updatelbip {{- end }} - - name: {{ .Release.Name }}-configuration-file - secret: - secretName: {{ .Release.Name }}-configuration-file + {{- with (include "cn.config.schema" . | fromYaml).volumes }} +{{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/gluu/charts/kc-scheduler/templates/cronjobs.yaml b/charts/gluu/charts/kc-scheduler/templates/cronjobs.yaml index 72c983807..a879b8652 100644 --- a/charts/gluu/charts/kc-scheduler/templates/cronjobs.yaml +++ b/charts/gluu/charts/kc-scheduler/templates/cronjobs.yaml @@ -61,9 +61,9 @@ spec: {{- with .Values.volumeMounts }} {{- toYaml . | nindent 16 }} {{- end }} - - mountPath: {{ .Values.global.cnConfiguratorConfigurationFile }} - name: {{ .Release.Name }}-configuration-file - subPath: {{ .Values.global.cnConfiguratorConfigurationFile | base }} + {{- with (include "cn.config.schema" . | fromYaml).volumeMounts }} +{{- toYaml . | nindent 16 }} + {{- end }} envFrom: - configMapRef: name: {{ .Release.Name }}-config-cm 
@@ -85,9 +85,9 @@ spec: {{- with .Values.volumes }} {{- toYaml . | nindent 12 }} {{- end }} - - name: {{ .Release.Name }}-configuration-file - secret: - secretName: {{ .Release.Name }}-configuration-file + {{- with (include "cn.config.schema" . | fromYaml).volumes }} +{{- toYaml . | nindent 12 }} + {{- end }} restartPolicy: Never {{- if not .Values.global.isFqdnRegistered }} hostAliases: diff --git a/charts/gluu/charts/link/templates/deployment.yaml b/charts/gluu/charts/link/templates/deployment.yaml index 25864db39..f2d01e6b1 100644 --- a/charts/gluu/charts/link/templates/deployment.yaml +++ b/charts/gluu/charts/link/templates/deployment.yaml @@ -104,9 +104,9 @@ spec: - name: {{ include "link.name" . }}-updatelbip mountPath: /scripts {{- end }} - - mountPath: {{ .Values.global.cnConfiguratorConfigurationFile }} - name: {{ .Release.Name }}-configuration-file - subPath: {{ .Values.global.cnConfiguratorConfigurationFile | base }} + {{- with (include "cn.config.schema" . | fromYaml).volumeMounts }} +{{- toYaml . | nindent 12 }} + {{- end }} {{- if .Values.global.cloud.testEnviroment }} resources: {} {{- else }} @@ -122,9 +122,9 @@ spec: configMap: name: {{ .Release.Name }}-updatelbip {{- end }} - - name: {{ .Release.Name }}-configuration-file - secret: - secretName: {{ .Release.Name }}-configuration-file + {{- with (include "cn.config.schema" . | fromYaml).volumes }} +{{- toYaml . | nindent 8 }} + {{- end }} {{- if not .Values.global.isFqdnRegistered }} hostAliases: - ip: {{ .Values.global.lbIp }} diff --git a/charts/gluu/charts/persistence/templates/jobs.yml b/charts/gluu/charts/persistence/templates/jobs.yml index a9ac07bdb..a76cdf50e 100644 --- a/charts/gluu/charts/persistence/templates/jobs.yml +++ b/charts/gluu/charts/persistence/templates/jobs.yml 
@@ -84,15 +84,15 @@ spec: {{- with .Values.volumeMounts }} {{- toYaml . | nindent 10 }} {{- end }} - - mountPath: {{ .Values.global.cnConfiguratorConfigurationFile }} - name: {{ .Release.Name }}-configuration-file - subPath: {{ .Values.global.cnConfiguratorConfigurationFile | base }} + {{- with (include "cn.config.schema" . | fromYaml).volumeMounts }} + {{- toYaml . | nindent 10 }} + {{- end }} resources: {{- toYaml .Values.resources | nindent 10 }} volumes: {{- with .Values.volumes }} {{- toYaml . | nindent 8 }} {{- end }} - - name: {{ .Release.Name }}-configuration-file - secret: - secretName: {{ .Release.Name }}-configuration-file + {{- with (include "cn.config.schema" . | fromYaml).volumes }} +{{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/gluu/charts/saml/templates/deployment.yaml b/charts/gluu/charts/saml/templates/deployment.yaml index d0b44b587..3650b5b22 100644 --- a/charts/gluu/charts/saml/templates/deployment.yaml +++ b/charts/gluu/charts/saml/templates/deployment.yaml @@ -117,9 +117,9 @@ spec: - name: {{ include "saml.fullname" .}}-updatelbip mountPath: "/scripts" {{- end }} - - mountPath: {{ .Values.global.cnConfiguratorConfigurationFile }} - name: {{ .Release.Name }}-configuration-file - subPath: {{ .Values.global.cnConfiguratorConfigurationFile | base }} + {{- with (include "cn.config.schema" . | fromYaml).volumeMounts }} +{{- toYaml . | nindent 12 }} + {{- end }} livenessProbe: {{- toYaml .Values.livenessProbe | nindent 12 }} readinessProbe: @@ -142,9 +142,9 @@ spec: configMap: name: {{ .Release.Name }}-updatelbip {{- end }} - - name: {{ .Release.Name }}-configuration-file - secret: - secretName: {{ .Release.Name }}-configuration-file + {{- with (include "cn.config.schema" . | fromYaml).volumes }} +{{- toYaml . | nindent 8 }} + {{- end }} {{- if not .Values.global.isFqdnRegistered }} hostAliases: - ip: {{ .Values.global.lbIp }} 
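Review bot: In charts/gluu/charts/persistence/templates/jobs.yml the added `{{- toYaml . | nindent 10 }}` under volumeMounts appears to be indented, whereas every other added `toYaml` line in this commit starts at column 0. The `{{-` trim makes it render the same, so this is a consistency point only. Align it with the `volumes` block just below in the same hunk.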
diff --git a/charts/gluu/charts/scim/templates/deployment.yml b/charts/gluu/charts/scim/templates/deployment.yml index 504224f8d..a6a33631d 100644 --- a/charts/gluu/charts/scim/templates/deployment.yml +++ b/charts/gluu/charts/scim/templates/deployment.yml @@ -115,9 +115,9 @@ spec: - name: {{ include "scim.fullname" .}}-updatelbip mountPath: "/scripts" {{- end }} - - mountPath: {{ .Values.global.cnConfiguratorConfigurationFile }} - name: {{ .Release.Name }}-configuration-file - subPath: {{ .Values.global.cnConfiguratorConfigurationFile | base }} + {{- with (include "cn.config.schema" . | fromYaml).volumeMounts }} +{{- toYaml . | nindent 10 }} + {{- end }} livenessProbe: {{- toYaml .Values.livenessProbe | nindent 10 }} readinessProbe: @@ -137,6 +137,6 @@ spec: configMap: name: {{ .Release.Name }}-updatelbip {{- end }} - - name: {{ .Release.Name }}-configuration-file - secret: - secretName: {{ .Release.Name }}-configuration-file + {{- with (include "cn.config.schema" . | fromYaml).volumes }} +{{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/gluu/templates/_helpers.tpl b/charts/gluu/templates/_helpers.tpl index c5b8d3d30..c284b5db6 100644 --- a/charts/gluu/templates/_helpers.tpl +++ b/charts/gluu/templates/_helpers.tpl @@ -30,3 +30,19 @@ Create chart name and version as used by the chart label. {{- define "cn.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} + +{{/* +Create configuration schema-related objects. +*/}} +{{- define "cn.config.schema" -}} +{{- $commonName := (printf "%s-configuration-file" .Release.Name) -}} +{{- $secretName := .Values.global.cnConfiguratorCustomSchema.secretName | default $commonName -}} +volumes: + - name: {{ $commonName }} + secret: + secretName: {{ $secretName }} +volumeMounts: + - name: {{ $commonName }} + mountPath: {{ .Values.global.cnConfiguratorConfigurationFile }} + subPath: {{ .Values.global.cnConfiguratorConfigurationFile | base }} +{{- end -}} 
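Review bot: The `cn.config.schema` helper dereferences `.Values.global.cnConfiguratorCustomSchema.secretName` without guarding the parent map, and every subchart template touched by this commit now includes it. If a release's values lack that map, rendering aborts with a nil-pointer error rather than falling back to the default secret; this could happen on an upgrade that reuses values saved before the key existed, depending on the Helm version and flags in use. A guard such as `{{- $schema := .Values.global.cnConfiguratorCustomSchema | default dict -}}` followed by `{{- $secretName := $schema.secretName | default $commonName -}}` keeps the current behaviour. The `if not` condition added to charts/gluu/charts/config/templates/secrets.yaml reads the same path and needs the same guard.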
diff --git a/charts/gluu/values.yaml b/charts/gluu/values.yaml index 8a87ff2eb..3e2561786 100644 --- a/charts/gluu/values.yaml +++ b/charts/gluu/values.yaml @@ -1449,6 +1449,10 @@ global: cnConfiguratorConfigurationFile: /etc/jans/conf/configuration.json # -- Path to dumped configuration schema file cnConfiguratorDumpFile: /etc/jans/conf/configuration.out.json + # -- Use custom configuration schema in existing secrets. Note, the secrets has to contain the key configuration.json or any basename as specified in cnConfiguratorConfigurationFile. + cnConfiguratorCustomSchema: + # -- The name of the secrets used for storing custom configuration schema. + secretName: "" # -- Nginx ingress definitions chart nginx-ingress: