From e849ccdddcadea8dc52e9195a94a9ea02e1d4310 Mon Sep 17 00:00:00 2001 From: Anthony Somerset Date: Thu, 2 May 2024 17:50:00 +0200 Subject: [PATCH] Puppet certs import options (#224) * possible bug preventing tar file being added to configmap * ability to optionally exclude puppetdb cert import * updating README to add the config variable * bump version and update Changelog * updating unittests * fixing lint issue with values comment --- CHANGELOG.md | 6 ++++++ Chart.yaml | 2 +- README.md | 1 + templates/puppet-preInstall.job.yaml | 2 +- templates/puppetdb-preInstall.configMap.yaml | 2 +- templates/puppetserver-preInstall.configMap.yaml | 2 +- tests/__snapshot__/jmx-servicemonitor_test.yaml.snap | 2 +- tests/__snapshot__/puppetdb-pvc_test.yaml.snap | 2 +- tests/__snapshot__/puppetdb-servicemonitor_test.yaml.snap | 2 +- tests/__snapshot__/puppetdb.networkpolicy_test.yaml.snap | 2 +- tests/__snapshot__/puppetserver-ca-pvc_test.yaml.snap | 2 +- .../puppetserver-compilers.deployment_test.yaml.snap | 4 ++-- .../puppetserver-compilers.networkpolicy_test.yaml.snap | 2 +- .../__snapshot__/puppetserver-compilers.pdb_test.yaml.snap | 2 +- .../puppetserver-compilers.statefulset_test.yaml.snap | 4 ++-- .../puppetserver-masters.networkpolicy_test.yaml.snap | 2 +- tests/__snapshot__/puppetserver-masters.pdb_test.yaml.snap | 2 +- tests/__snapshot__/puppetserver-pvc_test.yaml.snap | 2 +- values.yaml | 2 ++ 19 files changed, 27 insertions(+), 18 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3127515d..ad03f1e5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,12 @@ numbering uses [semantic versioning](http://semver.org). NOTE: The change log until version `v0.2.4` is auto-generated. +## [v9.4.1](https://github.com/puppetlabs/puppetserver-helm-chart/tree/v9.4.1) (2024-05-02) +- Feat: allow option to import CA to only deal with CA and not puppetdb + +## [v9.4.0](https://github.com/puppetlabs/puppetserver-helm-chart/tree/v9.4.0) (2024-04-19) +- Fix: Update Vox Pupuli Containers + ## [v9.3.4](https://github.com/puppetlabs/puppetserver-helm-chart/tree/v9.3.4) (2024-04-11) - Fix: Bump bitnami/jmx-exporter to latest stable for container patches diff --git a/Chart.yaml b/Chart.yaml index 0009460d..7f53365b 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: puppetserver -version: 9.4.0 +version: 9.4.1 appVersion: 7.17.0 description: Puppet automates the delivery and operation of software. keywords: ["puppet", "puppetserver", "automation", "iac", "infrastructure", "cm", "ci", "cd"] diff --git a/README.md b/README.md index 9fb4ce6f..c67df248 100644 --- a/README.md +++ b/README.md @@ -342,6 +342,7 @@ The following table lists the configurable parameters of the Puppetserver chart | `puppetserver.compilers.ingress.hosts`| puppetserver compilers ingress hostnames |``| | `puppetserver.compilers.ingress.tls`| puppetserver compilers ingress tls configuration |``| | `puppetserver.preGeneratedCertsJob.enabled` | puppetserver pre-generated certs |`false`| +| `puppetserver.preGeneratedCertsJob.importPuppetdb` | import puppetdb pre-generated certs |`true`| | `puppetserver.preGeneratedCertsJob.jobDeadline` | puppetserver pre-generated certs job deadline in seconds |`60`| | `puppetserver.puppeturl`| puppetserver control repo url |``| | `puppetserver.serviceAccount.enabled`| Enable service account (Note: Service Account will only be automatically created if `puppetserver.serviceAccount.create` is not set. |`false`| diff --git a/templates/puppet-preInstall.job.yaml b/templates/puppet-preInstall.job.yaml index 695b4792..fab4688c 100644 --- a/templates/puppet-preInstall.job.yaml +++ b/templates/puppet-preInstall.job.yaml @@ -172,7 +172,7 @@ spec: runAsUser: {{ .Values.global.securityContext.runAsUser }} runAsGroup: {{ .Values.global.securityContext.runAsGroup }} {{- end }} - {{- if .Values.puppetdb.enabled }} + {{- if and .Values.puppetdb.enabled .Values.puppetserver.preGeneratedCertsJob.importPuppetdb }} - name: copy-ro-puppetdb-certs image: "{{.Values.puppetdb.image}}:{{.Values.puppetdb.tag}}" imagePullPolicy: "{{.Values.puppetdb.pullPolicy}}" diff --git a/templates/puppetdb-preInstall.configMap.yaml b/templates/puppetdb-preInstall.configMap.yaml index 12ffc8e3..9ec7a5d8 100644 --- a/templates/puppetdb-preInstall.configMap.yaml +++ b/templates/puppetdb-preInstall.configMap.yaml @@ -1,4 +1,4 @@ -{{- if and (.Values.puppetserver.preGeneratedCertsJob.enabled) (not .Values.singleCA.enabled) }} +{{- if and (.Values.puppetserver.preGeneratedCertsJob.enabled) (.Values.puppetserver.preGeneratedCertsJob.importPuppetdb) (not .Values.singleCA.enabled) }} apiVersion: v1 kind: ConfigMap metadata: diff --git a/templates/puppetserver-preInstall.configMap.yaml b/templates/puppetserver-preInstall.configMap.yaml index fb2c69a3..c75beb3b 100644 --- a/templates/puppetserver-preInstall.configMap.yaml +++ b/templates/puppetserver-preInstall.configMap.yaml @@ -13,7 +13,7 @@ metadata: "helm.sh/hook-weight": "1" "helm.sh/hook-delete-policy": "hook-succeeded,hook-failed" binaryData: -{{- $root := . }} + {{- $root := . }} {{- range $path, $bytes := .Files.Glob "init/puppet-certs/puppetserver/*.gz" }} {{ base $path }}: {{ $root.Files.Get $path | b64enc | quote }} {{- end }} diff --git a/tests/__snapshot__/jmx-servicemonitor_test.yaml.snap b/tests/__snapshot__/jmx-servicemonitor_test.yaml.snap index bd73e8a9..d29cb6a8 100644 --- a/tests/__snapshot__/jmx-servicemonitor_test.yaml.snap +++ b/tests/__snapshot__/jmx-servicemonitor_test.yaml.snap @@ -9,7 +9,7 @@ manifest should match snapshot: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: puppetserver app.kubernetes.io/version: 7.17.0 - helm.sh/chart: puppetserver-9.4.0 + helm.sh/chart: puppetserver-9.4.1 release: kube-prometheus-stack name: puppetserver-jmx namespace: puppet diff --git a/tests/__snapshot__/puppetdb-pvc_test.yaml.snap b/tests/__snapshot__/puppetdb-pvc_test.yaml.snap index d095d539..037cc679 100644 --- a/tests/__snapshot__/puppetdb-pvc_test.yaml.snap +++ b/tests/__snapshot__/puppetdb-pvc_test.yaml.snap @@ -10,7 +10,7 @@ manifest should match snapshot: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: puppetserver app.kubernetes.io/version: 7.17.0 - helm.sh/chart: puppetserver-9.4.0 + helm.sh/chart: puppetserver-9.4.1 name: puppetserver-puppetdb-claim spec: accessModes: diff --git a/tests/__snapshot__/puppetdb-servicemonitor_test.yaml.snap b/tests/__snapshot__/puppetdb-servicemonitor_test.yaml.snap index 30b12073..ef3cf6e0 100644 --- a/tests/__snapshot__/puppetdb-servicemonitor_test.yaml.snap +++ b/tests/__snapshot__/puppetdb-servicemonitor_test.yaml.snap @@ -9,7 +9,7 @@ manifest should match snapshot: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: puppetserver app.kubernetes.io/version: 7.17.0 - helm.sh/chart: puppetserver-9.4.0 + helm.sh/chart: puppetserver-9.4.1 release: kube-prometheus-stack name: puppetserver-puppetdb namespace: puppet diff --git a/tests/__snapshot__/puppetdb.networkpolicy_test.yaml.snap b/tests/__snapshot__/puppetdb.networkpolicy_test.yaml.snap index ec2d8818..cd6ed789 100644 --- a/tests/__snapshot__/puppetdb.networkpolicy_test.yaml.snap +++ b/tests/__snapshot__/puppetdb.networkpolicy_test.yaml.snap @@ -9,7 +9,7 @@ manifest should match snapshot: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: puppetserver app.kubernetes.io/version: 7.17.0 - helm.sh/chart: puppetserver-9.4.0 + helm.sh/chart: puppetserver-9.4.1 name: puppetserver-puppetdb spec: egress: diff --git a/tests/__snapshot__/puppetserver-ca-pvc_test.yaml.snap b/tests/__snapshot__/puppetserver-ca-pvc_test.yaml.snap index 0eb9955a..def49265 100644 --- a/tests/__snapshot__/puppetserver-ca-pvc_test.yaml.snap +++ b/tests/__snapshot__/puppetserver-ca-pvc_test.yaml.snap @@ -10,7 +10,7 @@ manifest should match snapshot: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: puppetserver app.kubernetes.io/version: 7.17.0 - helm.sh/chart: puppetserver-9.4.0 + helm.sh/chart: puppetserver-9.4.1 name: puppetserver-ca-claim spec: accessModes: diff --git a/tests/__snapshot__/puppetserver-compilers.deployment_test.yaml.snap b/tests/__snapshot__/puppetserver-compilers.deployment_test.yaml.snap index ea19597d..8639399d 100644 --- a/tests/__snapshot__/puppetserver-compilers.deployment_test.yaml.snap +++ b/tests/__snapshot__/puppetserver-compilers.deployment_test.yaml.snap @@ -9,7 +9,7 @@ manifest should match snapshot: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: puppetserver app.kubernetes.io/version: 7.17.0 - helm.sh/chart: puppetserver-9.4.0 + helm.sh/chart: puppetserver-9.4.1 name: puppetserver-puppetserver-compiler spec: replicas: 1 @@ -31,7 +31,7 @@ manifest should match snapshot: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: puppetserver app.kubernetes.io/version: 7.17.0 - helm.sh/chart: puppetserver-9.4.0 + helm.sh/chart: puppetserver-9.4.1 spec: containers: - env: diff --git a/tests/__snapshot__/puppetserver-compilers.networkpolicy_test.yaml.snap b/tests/__snapshot__/puppetserver-compilers.networkpolicy_test.yaml.snap index 057e87d8..4ec48666 100644 --- a/tests/__snapshot__/puppetserver-compilers.networkpolicy_test.yaml.snap +++ b/tests/__snapshot__/puppetserver-compilers.networkpolicy_test.yaml.snap @@ -9,7 +9,7 @@ manifest should match snapshot: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: puppetserver app.kubernetes.io/version: 7.17.0 - helm.sh/chart: puppetserver-9.4.0 + helm.sh/chart: puppetserver-9.4.1 name: puppetserver-puppetserver-compilers spec: egress: diff --git a/tests/__snapshot__/puppetserver-compilers.pdb_test.yaml.snap b/tests/__snapshot__/puppetserver-compilers.pdb_test.yaml.snap index f8598525..29da9d62 100644 --- a/tests/__snapshot__/puppetserver-compilers.pdb_test.yaml.snap +++ b/tests/__snapshot__/puppetserver-compilers.pdb_test.yaml.snap @@ -9,7 +9,7 @@ manifest should match snapshot: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: puppetserver app.kubernetes.io/version: 7.17.0 - helm.sh/chart: puppetserver-9.4.0 + helm.sh/chart: puppetserver-9.4.1 name: puppetserver-compilers spec: maxUnavailable: 2 diff --git a/tests/__snapshot__/puppetserver-compilers.statefulset_test.yaml.snap b/tests/__snapshot__/puppetserver-compilers.statefulset_test.yaml.snap index cd703e9f..aba0a849 100644 --- a/tests/__snapshot__/puppetserver-compilers.statefulset_test.yaml.snap +++ b/tests/__snapshot__/puppetserver-compilers.statefulset_test.yaml.snap @@ -9,7 +9,7 @@ manifest should match snapshot: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: puppetserver app.kubernetes.io/version: 7.17.0 - helm.sh/chart: puppetserver-9.4.0 + helm.sh/chart: puppetserver-9.4.1 name: puppetserver-puppetserver-compiler spec: podManagementPolicy: OrderedReady @@ -32,7 +32,7 @@ manifest should match snapshot: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: puppetserver app.kubernetes.io/version: 7.17.0 - helm.sh/chart: puppetserver-9.4.0 + helm.sh/chart: puppetserver-9.4.1 spec: containers: - env: diff --git a/tests/__snapshot__/puppetserver-masters.networkpolicy_test.yaml.snap b/tests/__snapshot__/puppetserver-masters.networkpolicy_test.yaml.snap index 04bb1552..6f383dc8 100644 --- a/tests/__snapshot__/puppetserver-masters.networkpolicy_test.yaml.snap +++ b/tests/__snapshot__/puppetserver-masters.networkpolicy_test.yaml.snap @@ -9,7 +9,7 @@ manifest should match snapshot: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: puppetserver app.kubernetes.io/version: 7.17.0 - helm.sh/chart: puppetserver-9.4.0 + helm.sh/chart: puppetserver-9.4.1 name: puppetserver-puppetserver spec: egress: diff --git a/tests/__snapshot__/puppetserver-masters.pdb_test.yaml.snap b/tests/__snapshot__/puppetserver-masters.pdb_test.yaml.snap index 75e8f724..e12c23b8 100644 --- a/tests/__snapshot__/puppetserver-masters.pdb_test.yaml.snap +++ b/tests/__snapshot__/puppetserver-masters.pdb_test.yaml.snap @@ -9,7 +9,7 @@ manifest should match snapshot: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: puppetserver app.kubernetes.io/version: 7.17.0 - helm.sh/chart: puppetserver-9.4.0 + helm.sh/chart: puppetserver-9.4.1 name: puppetserver-masters spec: maxUnavailable: 2 diff --git a/tests/__snapshot__/puppetserver-pvc_test.yaml.snap b/tests/__snapshot__/puppetserver-pvc_test.yaml.snap index 7f3b6d3b..8b4427c7 100644 --- a/tests/__snapshot__/puppetserver-pvc_test.yaml.snap +++ b/tests/__snapshot__/puppetserver-pvc_test.yaml.snap @@ -10,7 +10,7 @@ manifest should match snapshot: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: puppetserver app.kubernetes.io/version: 7.17.0 - helm.sh/chart: puppetserver-9.4.0 + helm.sh/chart: puppetserver-9.4.1 name: puppetserver-puppet-claim spec: accessModes: diff --git a/values.yaml b/values.yaml index 5628fb3a..f315c377 100644 --- a/values.yaml +++ b/values.yaml @@ -546,6 +546,8 @@ puppetserver: ## preGeneratedCertsJob: enabled: false + # Defaults to true to remain backwards compatible + importPuppetdb: true jobDeadline: 300 ## Custom puppetserver conf.d configs