-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #20 from middleware-labs/bhogayatakb/AGE-6
Allow reading existing API Key secret for kube agent
- Loading branch information
Showing
9 changed files
with
170 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,86 @@ | ||
name: Helm Chart Tests | ||
|
||
on: | ||
push: | ||
branches: | ||
- master | ||
pull_request: | ||
branches: | ||
- master | ||
|
||
jobs: | ||
test: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v3 | ||
|
||
- name: Start Minikube | ||
id: minikube | ||
uses: medyagh/setup-minikube@latest | ||
|
||
- name: Set up Kubectl | ||
uses: azure/setup-kubectl@v1 | ||
with: | ||
version: 'latest' | ||
|
||
- name: Set up Helm | ||
uses: azure/[email protected] | ||
|
||
- name: Install Kubernetes and Helm dependencies | ||
run: | | ||
sudo apt-get install -y kubectl | ||
helm repo add stable https://charts.helm.sh/stable | ||
- name: Lint Helm chart | ||
run: helm lint ./charts/mw-kube-agent-v2 | ||
|
||
- name: Render Helm templates with apiKeyFromExistingSecret enabled | ||
run: helm template my-release ./charts/mw-kube-agent-v2 --values ./charts/mw-kube-agent-v2/testvalues/api-key-from-existing-secret-enabled.yaml > rendered-with-secret.yaml | ||
|
||
- name: Render Helm templates with apiKeyFromExistingSecret disabled | ||
run: helm template my-release ./charts/mw-kube-agent-v2 --values ./charts/mw-kube-agent-v2/testvalues/api-key-from-existing-secret-disabled.yaml > rendered-no-secret.yaml | ||
|
||
- name: Apply Helm chart with apiKeyFromExistingSecret enabled | ||
run: | | ||
kubectl apply -f ./charts/mw-kube-agent-v2/namespace.yaml | ||
helm install my-release ./charts/mw-kube-agent-v2 --values ./charts/mw-kube-agent-v2/testvalues/api-key-from-existing-secret-enabled.yaml | ||
- name: Validate Secret with apiKeyFromExistingSecret enabled | ||
run: | | ||
sleep 10 # Wait for resources to be created | ||
SECRET_VALUE=$(kubectl get secret middleware-secret -n mw-agent-ns -o jsonpath='{.data.api-key}' | base64 --decode) | ||
echo "Secret value with apiKeyFromExistingSecret enabled: $SECRET_VALUE" | ||
if [[ "$SECRET_VALUE" != "fallback-api-key" ]]; then | ||
echo "Test passed for apiKeyFromExistingSecret enabled" | ||
else | ||
echo "Test failed for apiKeyFromExistingSecret enabled" | ||
exit 1 | ||
fi | ||
- name: Clean up with apiKeyFromExistingSecret enabled | ||
run: | | ||
helm uninstall my-release | ||
kubectl delete ns mw-agent-ns | ||
- name: Apply Helm chart with apiKeyFromExistingSecret disabled | ||
run: | | ||
kubectl create ns mw-agent-ns | ||
helm install my-release ./charts/mw-kube-agent-v2 --values ./charts/mw-kube-agent-v2/testvalues/api-key-from-existing-secret-disabled.yaml | ||
- name: Validate Secret with apiKeyFromExistingSecret disabled | ||
run: | | ||
sleep 10 # Wait for resources to be created | ||
SECRET_VALUE=$(kubectl get secret middleware-secret -n mw-agent-ns -o jsonpath='{.data.api-key}' | base64 --decode) | ||
echo "Secret value with apiKeyFromExistingSecret disabled: $SECRET_VALUE" | ||
if [[ "$SECRET_VALUE" == "fallback-api-key" ]]; then | ||
echo "Test passed for apiKeyFromExistingSecret disabled" | ||
else | ||
echo "Test failed for apiKeyFromExistingSecret disabled" | ||
exit 1 | ||
fi | ||
- name: Clean up with apiKeyFromExistingSecret disabled | ||
run: | | ||
helm uninstall my-release | ||
kubectl delete ns mw-agent-ns |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
## Middleware Kubernetes Agent | ||
|
||
### Installation Process | ||
|
||
Create a `middleware-values.yaml` using the content given below. | ||
``` | ||
mw: | ||
target: XXXXXXXXX | ||
apiKey: XXXXXXXXX | ||
clusterMetadata: | ||
name: my-cluster | ||
``` | ||
|
||
Replace `XXXXXXXXX` with actual Middleware Target & API Key which you can get from your Middleware account => https://app.middleware.io | ||
|
||
``` | ||
helm repo add middleware-labs https://helm.middleware.io | ||
``` | ||
``` | ||
helm install mw-agent middleware-labs/mw-kube-agent-v2 -f middleware-values.yaml | ||
``` | ||
|
||
#### Use Existing Secret for API Key ( Optional ) | ||
|
||
If you already have a secret named `my-custom-secret` that contains `middleware-api-key`, you can use it instead of putting your API Key in a local file. | ||
|
||
``` | ||
mw: | ||
target: XXXXXXXXX | ||
apiKeyFromExistingSecret: | ||
enabled: true | ||
name: my-custom-secret | ||
key: middleware-api-key | ||
clusterMetadata: | ||
name: my-cluster | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
apiVersion: v1 | ||
kind: Namespace | ||
metadata: | ||
name: mw-agent-ns |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
6 changes: 6 additions & 0 deletions
6
charts/mw-kube-agent-v2/testvalues/api-key-from-existing-secret-disabled.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
mw: | ||
apiKey: fallback-api-key | ||
apiKeyFromExistingSecret: | ||
enabled: false | ||
name: existing-secret | ||
key: existing-secret-key |
6 changes: 6 additions & 0 deletions
6
charts/mw-kube-agent-v2/testvalues/api-key-from-existing-secret-enabled.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
mw: | ||
apiKey: fallback-api-key | ||
apiKeyFromExistingSecret: | ||
enabled: true | ||
name: existing-secret | ||
key: existing-secret-key |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters