diff --git a/charts/sourcegraph/templates/_helpers.tpl b/charts/sourcegraph/templates/_helpers.tpl index c1671edd..13d0ed52 100644 --- a/charts/sourcegraph/templates/_helpers.tpl +++ b/charts/sourcegraph/templates/_helpers.tpl @@ -249,23 +249,35 @@ app.kubernetes.io/name: jaeger {{- end }} {{/* -Set redisCache and redisStore endpoints -So that customers can configure them any of these ways: -1. Create a new Kubernetes secret, with default values (default, no override config required) -2. Use an existing Kubernetes secret, by configuring .Values.redisCache.connection.existingSecret -3. Do not create or use Kubernetes secrets, just pass the default values directly as environment variables into the needed pods, by configuring .Values.sourcegraph.disableKubernetesSecrets = true -4. Do not create or use Kubernetes secrets, but pass custom values (ex. external Redis) directly as environment variables into the needed pods, by configuring .Values.sourcegraph.disableKubernetesSecrets = true, .Values.redisCache.connection.endpoint = "", .Values.redisStore.connection.endpoint = "", and defining the REDIS_CACHE_ENDPOINT and REDIS_STORE_ENDPOINT env vars on frontend, gitserver, searcher, and worker pods +Set redisCache and redisStore endpoints, +so that customers can configure them any of these ways: + +1. Create new Kubernetes secrets, with default values (default, no override config required) + +2. Use existing Kubernetes secrets, managed externally, by configuring: +.Values.redisCache.connection.existingSecret: +.Values.redisStore.connection.existingSecret: + +3. Do not create or use Kubernetes secrets, just pass the default values directly as environment variables into the needed pods, by configuring: +.Values.sourcegraph.disableKubernetesSecrets: true + +4. Do not create or use Kubernetes secrets, but provide custom values (ex. external Redis) to have this function pass them into the REDIS_CACHE_ENDPOINT and REDIS_STORE_ENDPOINT env vars on frontend, gitserver, searcher, and worker pods, by configuring: +.Values.sourcegraph.disableKubernetesSecrets: true +.Values.redisCache.connection.endpoint: +.Values.redisStore.connection.endpoint: + */}} {{- define "sourcegraph.redisConnection" -}} {{- if .Values.sourcegraph.disableKubernetesSecrets -}} -{{- if .Values.redisCache.connection.endpoint -}} -- name: REDIS_CACHE_ENDPOINT - value: {{ .Values.redisCache.connection.endpoint }} +{{- $cacheEndpoint := dig "connection" "endpoint" "" .Values.redisCache -}} +{{- $storeEndpoint := dig "connection" "endpoint" "" .Values.redisStore -}} +{{- if not (and $cacheEndpoint $storeEndpoint) -}} +{{- fail ".Values.redisCache.connection.endpoint and .Values.redisStore.connection.endpoint must be set when disableKubernetesSecrets is true!" -}} {{- end -}} -{{- if .Values.redisStore.connection.endpoint -}} +- name: REDIS_CACHE_ENDPOINT + value: {{ $cacheEndpoint }} - name: REDIS_STORE_ENDPOINT - value: {{ .Values.redisStore.connection.endpoint }} -{{- end -}} + value: {{ $storeEndpoint }} {{- else -}} - name: REDIS_CACHE_ENDPOINT valueFrom: diff --git a/charts/sourcegraph/tests/redisConnection_test.yaml b/charts/sourcegraph/tests/redisConnection_test.yaml new file mode 100644 index 00000000..c387b8e6 --- /dev/null +++ b/charts/sourcegraph/tests/redisConnection_test.yaml @@ -0,0 +1,57 @@ +--- +suite: redisConnection +templates: +- frontend/sourcegraph-frontend.Deployment.yaml +tests: +- it: should reference the default secret + asserts: + - contains: + path: spec.template.spec.containers[0].env + content: + name: REDIS_CACHE_ENDPOINT + valueFrom: + secretKeyRef: + key: endpoint + name: redis-cache + - contains: + path: spec.template.spec.containers[0].env + content: + name: REDIS_STORE_ENDPOINT + valueFrom: + secretKeyRef: + key: endpoint + name: redis-store +- it: should not reference secret when .sourcegraph.disableKubernetesSecrets is true + set: + sourcegraph: + disableKubernetesSecrets: true + redisCache: + connection: + endpoint: redis-cache-svc + redisStore: + connection: + endpoint: redis-store-svc + asserts: + - contains: + path: spec.template.spec.containers[0].env + content: + name: REDIS_CACHE_ENDPOINT + value: redis-cache-svc + - contains: + path: spec.template.spec.containers[0].env + content: + name: REDIS_STORE_ENDPOINT + value: redis-store-svc +- it: should fail when .sourcegraph.disableKubernetesSecrets is true but .Values.redisCache.connection.endpoint and .Values.redisStore.connection.endpoint are not set + set: + sourcegraph: + disableKubernetesSecrets: true + redisCache: + connection: + endpoint: "" + redisStore: + connection: + endpoint: "" + asserts: + - failedTemplate: + errorMessage: .Values.redisCache.connection.endpoint and .Values.redisStore.connection.endpoint must be set when disableKubernetesSecrets is true!