From 2162b826be9ab8333340422842004f30098fe086 Mon Sep 17 00:00:00 2001 From: ArkBriar Date: Thu, 7 Mar 2024 18:20:54 +0800 Subject: [PATCH] feat: support existing secret for etcd auth (#34) * fix & test: enrich test cases and fix bug found Signed-off-by: arkbriar * feat: support existing secret for etcd auth Signed-off-by: arkbriar * feat: support extra volumes and volume mounts Signed-off-by: arkbriar * chore: append new lines to all files Signed-off-by: arkbriar --------- Signed-off-by: arkbriar --- .github/workflows/release.yml | 2 +- .github/workflows/test.yml | 2 +- .gitignore | 2 +- Makefile | 5 ++- charts/risingwave-operator/.helmignore | 2 +- .../templates/_helpers.tpl | 2 +- .../templates/certs/certificate.yaml | 2 +- .../templates/certs/issuer.yaml | 2 +- .../templates/clusterrole.yaml | 2 +- .../templates/clusterrolebinding.yaml | 2 +- .../templates/deployment.yaml | 2 +- .../templates/podmonitor.yaml | 2 +- .../templates/proxy/clusterrole.yaml | 2 +- .../templates/proxy/clusterrolebinding.yaml | 2 +- .../risingwave-operator/templates/role.yaml | 2 +- .../templates/rolebinding.yaml | 2 +- .../templates/service.yaml | 2 +- charts/risingwave/templates/NOTES.txt | 2 +- charts/risingwave/templates/_helpers.tpl | 6 +++- .../templates/compactor-deploy.yaml | 6 ++++ .../templates/compute-headless-svc.yaml | 2 +- charts/risingwave/templates/compute-sts.yaml | 9 +++++ charts/risingwave/templates/configmap.yaml | 2 +- charts/risingwave/templates/etcd-secret.yaml | 2 ++ .../risingwave/templates/frontend-deploy.yaml | 6 ++++ .../hooks/post-install-create-databases.yaml | 2 +- .../templates/hooks/post-install-wait.yaml | 2 +- .../templates/meta-headless-svc.yaml | 2 +- charts/risingwave/templates/meta-sts.yaml | 21 ++++++++++- charts/risingwave/templates/oss-secret.yaml | 2 +- charts/risingwave/templates/podmonitor.yaml | 2 +- charts/risingwave/templates/service.yaml | 2 +- .../templates/standalone/standalone-sts.yaml | 21 ++++++++++- .../risingwave/tests/azblob_secret_test.yaml | 2 +- charts/risingwave/tests/configmap_test.yaml | 2 +- charts/risingwave/tests/etcd_secret_test.yaml | 15 ++++++-- charts/risingwave/tests/gcs_secret_test.yaml | 2 +- .../risingwave/tests/minio_secret_test.yaml | 2 +- charts/risingwave/tests/obs_secret_test.yaml | 2 +- charts/risingwave/tests/oss_secret_test.yaml | 2 +- charts/risingwave/tests/s3_secret_test.yaml | 2 +- charts/risingwave/tests/service_test.yaml | 2 +- charts/risingwave/values.yaml | 35 +++++++++++++++++++ examples/auth/root-user.values.yaml | 2 +- examples/database/databases.values.yaml | 2 +- examples/general/compact-mode.values.yaml | 2 +- examples/general/diagnostic-mode.values.yaml | 2 +- examples/general/monitor.values.yaml | 2 +- examples/general/resources.values.yaml | 2 +- .../meta-stores/external-etcd.values.yaml | 2 +- examples/recommend/values.yaml | 2 +- examples/service/load-balancer.values.yaml | 2 +- examples/service/node-port.values.yaml | 2 +- examples/state-stores/azblob.values.yaml | 2 +- .../customize-data-directory.values.yaml | 2 +- examples/state-stores/eks-s3-iam.values.yaml | 2 +- .../state-stores/external-minio.values.yaml | 2 +- examples/state-stores/gcs.values.yaml | 2 +- examples/state-stores/hdfs.values.yaml | 2 +- examples/state-stores/oss.values.yaml | 2 +- .../state-stores/s3-compatible.values.yaml | 2 +- examples/state-stores/s3.values.yaml | 2 +- plugins/risingwave/pause.values.yaml | 2 +- plugins/risingwave/plugin.yaml | 2 +- scripts/sanitize.sh | 3 ++ 65 files changed, 177 insertions(+), 60 deletions(-) create mode 100755 scripts/sanitize.sh diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e89e0da..27d2763 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -32,4 +32,4 @@ jobs: - name: Run chart-releaser uses: helm/chart-releaser-action@v1.6.0 env: - CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" \ No newline at end of file + CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 298dc52..4b1f912 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -30,4 +30,4 @@ jobs: - name: Run Unit Tests run: | - make test \ No newline at end of file + make test diff --git a/.gitignore b/.gitignore index 7c049ee..8b2b215 100644 --- a/.gitignore +++ b/.gitignore @@ -134,4 +134,4 @@ Temporary Items .idea **/.debug -**/__snapshot__ \ No newline at end of file +**/__snapshot__ diff --git a/Makefile b/Makefile index 2cac4cb..0cd1eaf 100644 --- a/Makefile +++ b/Makefile @@ -10,4 +10,7 @@ test: $(foreach chart,$(HELM_CHARTS),helm unittest charts/$(chart);) sync-crds: - ./scripts/sync-crds.sh charts/risingwave-operator/crds \ No newline at end of file + ./scripts/sync-crds.sh charts/risingwave-operator/crds + +sanitize: + @./scripts/sanitize.sh diff --git a/charts/risingwave-operator/.helmignore b/charts/risingwave-operator/.helmignore index 446ca36..2d9d142 100644 --- a/charts/risingwave-operator/.helmignore +++ b/charts/risingwave-operator/.helmignore @@ -21,4 +21,4 @@ .idea/ *.tmproj .vscode/ -tests \ No newline at end of file +tests diff --git a/charts/risingwave-operator/templates/_helpers.tpl b/charts/risingwave-operator/templates/_helpers.tpl index 36ec178..4b2f5a5 100644 --- a/charts/risingwave-operator/templates/_helpers.tpl +++ b/charts/risingwave-operator/templates/_helpers.tpl @@ -96,4 +96,4 @@ Create the image name to use. {{- else -}} {{- printf "%s%s%s" $repositoryName $separator $termination -}} {{- end -}} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/risingwave-operator/templates/certs/certificate.yaml b/charts/risingwave-operator/templates/certs/certificate.yaml index 701429e..b45fdaf 100644 --- a/charts/risingwave-operator/templates/certs/certificate.yaml +++ b/charts/risingwave-operator/templates/certs/certificate.yaml @@ -24,4 +24,4 @@ spec: issuerRef: name: {{ include "risingwave-operator.fullname" . }} kind: Issuer - secretName: {{ include "risingwave-operator.fullname" . }} \ No newline at end of file + secretName: {{ include "risingwave-operator.fullname" . }} diff --git a/charts/risingwave-operator/templates/certs/issuer.yaml b/charts/risingwave-operator/templates/certs/issuer.yaml index cee1e33..ee1710e 100644 --- a/charts/risingwave-operator/templates/certs/issuer.yaml +++ b/charts/risingwave-operator/templates/certs/issuer.yaml @@ -18,4 +18,4 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: - selfSigned: {} \ No newline at end of file + selfSigned: {} diff --git a/charts/risingwave-operator/templates/clusterrole.yaml b/charts/risingwave-operator/templates/clusterrole.yaml index 60dc70b..4d4e209 100644 --- a/charts/risingwave-operator/templates/clusterrole.yaml +++ b/charts/risingwave-operator/templates/clusterrole.yaml @@ -170,4 +170,4 @@ rules: verbs: - get - patch - - update \ No newline at end of file + - update diff --git a/charts/risingwave-operator/templates/clusterrolebinding.yaml b/charts/risingwave-operator/templates/clusterrolebinding.yaml index 2be1c3b..f5ec29e 100644 --- a/charts/risingwave-operator/templates/clusterrolebinding.yaml +++ b/charts/risingwave-operator/templates/clusterrolebinding.yaml @@ -22,4 +22,4 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "risingwave-operator.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} \ No newline at end of file + namespace: {{ .Release.Namespace }} diff --git a/charts/risingwave-operator/templates/deployment.yaml b/charts/risingwave-operator/templates/deployment.yaml index 36fa756..7b19bc9 100644 --- a/charts/risingwave-operator/templates/deployment.yaml +++ b/charts/risingwave-operator/templates/deployment.yaml @@ -162,4 +162,4 @@ spec: {{- if .Values.manager.additionalContainers }} {{- toYaml .Values.manager.additionalContainers | nindent 6 }} {{- end }} - {{- end }} \ No newline at end of file + {{- end }} diff --git a/charts/risingwave-operator/templates/podmonitor.yaml b/charts/risingwave-operator/templates/podmonitor.yaml index 3ed94bd..cabf174 100644 --- a/charts/risingwave-operator/templates/podmonitor.yaml +++ b/charts/risingwave-operator/templates/podmonitor.yaml @@ -51,4 +51,4 @@ spec: {{- if .Values.monitor.podMonitor.relabelings }} {{- include "common.tplvalues.render" (dict "value" .Values.monitor.podMonitor.relabelings "context" $) | nindent 4 }} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/risingwave-operator/templates/proxy/clusterrole.yaml b/charts/risingwave-operator/templates/proxy/clusterrole.yaml index 41dd150..cbb3a4b 100644 --- a/charts/risingwave-operator/templates/proxy/clusterrole.yaml +++ b/charts/risingwave-operator/templates/proxy/clusterrole.yaml @@ -29,4 +29,4 @@ rules: resources: - subjectaccessreviews verbs: - - create \ No newline at end of file + - create diff --git a/charts/risingwave-operator/templates/proxy/clusterrolebinding.yaml b/charts/risingwave-operator/templates/proxy/clusterrolebinding.yaml index e28c776..7950f81 100644 --- a/charts/risingwave-operator/templates/proxy/clusterrolebinding.yaml +++ b/charts/risingwave-operator/templates/proxy/clusterrolebinding.yaml @@ -24,4 +24,4 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "risingwave-operator.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} \ No newline at end of file + namespace: {{ .Release.Namespace }} diff --git a/charts/risingwave-operator/templates/role.yaml b/charts/risingwave-operator/templates/role.yaml index a75fb2f..a67c954 100644 --- a/charts/risingwave-operator/templates/role.yaml +++ b/charts/risingwave-operator/templates/role.yaml @@ -45,4 +45,4 @@ rules: - events verbs: - create - - patch \ No newline at end of file + - patch diff --git a/charts/risingwave-operator/templates/rolebinding.yaml b/charts/risingwave-operator/templates/rolebinding.yaml index 424eab2..2c2fede 100644 --- a/charts/risingwave-operator/templates/rolebinding.yaml +++ b/charts/risingwave-operator/templates/rolebinding.yaml @@ -21,4 +21,4 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "risingwave-operator.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} \ No newline at end of file + namespace: {{ .Release.Namespace }} diff --git a/charts/risingwave-operator/templates/service.yaml b/charts/risingwave-operator/templates/service.yaml index 3fcb8f1..9918aac 100644 --- a/charts/risingwave-operator/templates/service.yaml +++ b/charts/risingwave-operator/templates/service.yaml @@ -25,4 +25,4 @@ spec: targetPort: metrics name: metrics selector: - {{- include "risingwave-operator.selectorLabels" . | nindent 4 }} \ No newline at end of file + {{- include "risingwave-operator.selectorLabels" . | nindent 4 }} diff --git a/charts/risingwave/templates/NOTES.txt b/charts/risingwave/templates/NOTES.txt index 6ffef97..6ceafba 100644 --- a/charts/risingwave/templates/NOTES.txt +++ b/charts/risingwave/templates/NOTES.txt @@ -34,4 +34,4 @@ Keep the above command running and open a new terminal window to run the followi {{- end }} psql {{ $psqlHostArgs -}} -p {{ $port }} -d {{ $firstDatabase }} -U {{ .Values.auth.rootUser }} -For more advanced applications, refer to our documentation at: https://www.risingwave.dev \ No newline at end of file +For more advanced applications, refer to our documentation at: https://www.risingwave.dev diff --git a/charts/risingwave/templates/_helpers.tpl b/charts/risingwave/templates/_helpers.tpl index 4e12d05..cb5367c 100644 --- a/charts/risingwave/templates/_helpers.tpl +++ b/charts/risingwave/templates/_helpers.tpl @@ -82,8 +82,12 @@ Create the name of the service account to use Create the name of the etcd credentials Secret to use */}} {{- define "risingwave.etcdCredentialsSecretName" -}} +{{- if .Values.metaStore.etcd.authentication.existingSecretName }} +{{- .Values.metaStore.etcd.authentication.existingSecretName }} +{{- else }} {{- printf "%s-etcd" (include "risingwave.fullname" .) | trunc 63 | trimSuffix "-" }} {{- end }} +{{- end }} {{/* Create the name of the S3 credentials Secret to use @@ -315,4 +319,4 @@ Create the OBS endpoint to use. */}} {{- define "risingwave.obs.endpoint" }} {{- printf "https://obs.$(OBS_REGION).myhuaweicloud.com" }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/risingwave/templates/compactor-deploy.yaml b/charts/risingwave/templates/compactor-deploy.yaml index e45d889..976da57 100644 --- a/charts/risingwave/templates/compactor-deploy.yaml +++ b/charts/risingwave/templates/compactor-deploy.yaml @@ -53,6 +53,9 @@ spec: - name: config configMap: name: {{ include "risingwave.configurationConfigMapName" . }} + {{- if .Values.compactorComponent.extraVolumes }} + {{- toYaml .Values.compactorComponent.extraVolumes | nindent 6}} + {{- end }} restartPolicy: Always {{- if .Values.compactorComponent.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.compactorComponent.terminationGracePeriodSeconds }} @@ -221,6 +224,9 @@ spec: - mountPath: /risingwave/config name: config readOnly: true + {{- if .Values.compactorComponent.extraVolumeMounts }} + {{- toYaml .Values.compactorComponent.extraVolumeMounts | nindent 8 }} + {{- end }} {{- if .Values.compactorComponent.securityContext }} securityContext: {{ toYaml .Values.compactorComponent.securityContext | nindent 10 }} {{- end }} diff --git a/charts/risingwave/templates/compute-headless-svc.yaml b/charts/risingwave/templates/compute-headless-svc.yaml index 31fb34b..775dfdf 100644 --- a/charts/risingwave/templates/compute-headless-svc.yaml +++ b/charts/risingwave/templates/compute-headless-svc.yaml @@ -44,4 +44,4 @@ spec: port: {{ .Values.ports.frontend.metrics }} targetPort: f-metrics {{- end }} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/charts/risingwave/templates/compute-sts.yaml b/charts/risingwave/templates/compute-sts.yaml index d493818..693a0bd 100644 --- a/charts/risingwave/templates/compute-sts.yaml +++ b/charts/risingwave/templates/compute-sts.yaml @@ -57,6 +57,9 @@ spec: - name: config configMap: name: {{ include "risingwave.configurationConfigMapName" . }} + {{- if .Values.computeComponent.extraVolumes }} + {{- toYaml .Values.computeComponent.extraVolumes | nindent 6}} + {{- end }} restartPolicy: Always {{- if .Values.computeComponent.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.computeComponent.terminationGracePeriodSeconds }} @@ -239,6 +242,9 @@ spec: - mountPath: /risingwave/config name: config readOnly: true + {{- if .Values.computeComponent.extraVolumeMounts }} + {{- toYaml .Values.computeComponent.extraVolumeMounts | nindent 8 }} + {{- end }} {{- if .Values.computeComponent.securityContext }} securityContext: {{ toYaml .Values.computeComponent.securityContext | nindent 10 }} {{- end }} @@ -436,6 +442,9 @@ spec: - mountPath: /risingwave/config name: config readOnly: true + {{- if .Values.frontendComponent.extraVolumeMounts }} + {{- toYaml .Values.frontendComponent.extraVolumeMounts | nindent 8 }} + {{- end }} {{- if .Values.frontendComponent.securityContext }} securityContext: {{ toYaml .Values.frontendComponent.securityContext | nindent 10 }} {{- end }} diff --git a/charts/risingwave/templates/configmap.yaml b/charts/risingwave/templates/configmap.yaml index c7217d9..02c7a86 100644 --- a/charts/risingwave/templates/configmap.yaml +++ b/charts/risingwave/templates/configmap.yaml @@ -18,4 +18,4 @@ metadata: data: risingwave.toml: | {{ .Values.configuration | nindent 4 }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/risingwave/templates/etcd-secret.yaml b/charts/risingwave/templates/etcd-secret.yaml index 6fbda52..7b5a1b6 100644 --- a/charts/risingwave/templates/etcd-secret.yaml +++ b/charts/risingwave/templates/etcd-secret.yaml @@ -4,6 +4,7 @@ SPDX-License-Identifier: APACHE-2.0 */}} {{- if and (not .Values.tags.etcd) .Values.metaStore.etcd.authentication.enabled }} +{{- if not .Values.metaStore.etcd.authentication.existingSecretName }} apiVersion: v1 kind: Secret metadata: @@ -19,3 +20,4 @@ stringData: RW_ETCD_USERNAME: {{ .Values.metaStore.etcd.authentication.username | quote }} RW_ETCD_PASSWORD: {{ .Values.metaStore.etcd.authentication.password | quote }} {{- end }} +{{- end }} diff --git a/charts/risingwave/templates/frontend-deploy.yaml b/charts/risingwave/templates/frontend-deploy.yaml index e51f324..c236673 100644 --- a/charts/risingwave/templates/frontend-deploy.yaml +++ b/charts/risingwave/templates/frontend-deploy.yaml @@ -54,6 +54,9 @@ spec: - name: config configMap: name: {{ include "risingwave.configurationConfigMapName" . }} + {{- if .Values.frontendComponent.extraVolumes }} + {{- toYaml .Values.frontendComponent.extraVolumes | nindent 6}} + {{- end }} restartPolicy: Always {{- if .Values.frontendComponent.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.frontendComponent.terminationGracePeriodSeconds }} @@ -174,6 +177,9 @@ spec: - mountPath: /risingwave/config name: config readOnly: true + {{- if .Values.frontendComponent.extraVolumeMounts }} + {{- toYaml .Values.frontendComponent.extraVolumeMounts | nindent 8 }} + {{- end }} {{- if .Values.frontendComponent.securityContext }} securityContext: {{ toYaml .Values.frontendComponent.securityContext | nindent 10 }} {{- end }} diff --git a/charts/risingwave/templates/hooks/post-install-create-databases.yaml b/charts/risingwave/templates/hooks/post-install-create-databases.yaml index cbd9fb3..62cf256 100644 --- a/charts/risingwave/templates/hooks/post-install-create-databases.yaml +++ b/charts/risingwave/templates/hooks/post-install-create-databases.yaml @@ -57,4 +57,4 @@ spec: {{- end }} EOSQL echo "Created databases {{ join "," .Values.databases }}" -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/risingwave/templates/hooks/post-install-wait.yaml b/charts/risingwave/templates/hooks/post-install-wait.yaml index f76feeb..fe99d9a 100644 --- a/charts/risingwave/templates/hooks/post-install-wait.yaml +++ b/charts/risingwave/templates/hooks/post-install-wait.yaml @@ -50,4 +50,4 @@ spec: done echo "RisingWave is ready" -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/risingwave/templates/meta-headless-svc.yaml b/charts/risingwave/templates/meta-headless-svc.yaml index 37ed497..0212e41 100644 --- a/charts/risingwave/templates/meta-headless-svc.yaml +++ b/charts/risingwave/templates/meta-headless-svc.yaml @@ -31,4 +31,4 @@ spec: - name: metrics port: {{ .Values.ports.meta.metrics }} targetPort: metrics -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/charts/risingwave/templates/meta-sts.yaml b/charts/risingwave/templates/meta-sts.yaml index f44b68c..f3a49e6 100644 --- a/charts/risingwave/templates/meta-sts.yaml +++ b/charts/risingwave/templates/meta-sts.yaml @@ -57,6 +57,9 @@ spec: - name: config configMap: name: {{ include "risingwave.configurationConfigMapName" . }} + {{- if .Values.metaComponent.extraVolumes }} + {{- toYaml .Values.metaComponent.extraVolumes | nindent 6}} + {{- end }} restartPolicy: Always {{- if .Values.metaComponent.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.metaComponent.terminationGracePeriodSeconds }} @@ -130,7 +133,7 @@ spec: - secretRef: name: {{ $credentialsSecret }} {{- end }} - {{- if .Values.metaStore.etcd.authentication.enabled }} + {{- if and .Values.metaStore.etcd.authentication.enabled (not .Values.metaStore.etcd.authentication.existingSecretName) }} - secretRef: name: {{ include "risingwave.etcdCredentialsSecretName" . }} {{- end }} @@ -236,6 +239,19 @@ spec: key: {{ include "etcd.secretPasswordKey" .Subcharts.etcd }} name: {{ include "etcd.secretName" .Subcharts.etcd }} {{- end }} + {{- else }} + {{- if and .Values.metaStore.etcd.authentication.enabled .Values.metaStore.etcd.authentication.existingSecretName }} + - name: RW_ETCD_PASSWORD + valueFrom: + secretKeyRef: + key: username + name: {{ include "risingwave.etcdCredentialsSecretName" . }} + - name: RW_ETCD_PASSWORD + valueFrom: + secretKeyRef: + key: password + name: {{ include "risingwave.etcdCredentialsSecretName" . }} + {{- end }} {{- end }} {{- range .Values.metaComponent.extraEnvVars }} - {{ . }} @@ -253,6 +269,9 @@ spec: - mountPath: /risingwave/config name: config readOnly: true + {{- if .Values.metaComponent.extraVolumeMounts }} + {{- toYaml .Values.metaComponent.extraVolumeMounts | nindent 8 }} + {{- end }} {{- if .Values.metaComponent.securityContext }} securityContext: {{ toYaml .Values.metaComponent.securityContext | nindent 10 }} {{- end }} diff --git a/charts/risingwave/templates/oss-secret.yaml b/charts/risingwave/templates/oss-secret.yaml index ce22d9e..9f4f61a 100644 --- a/charts/risingwave/templates/oss-secret.yaml +++ b/charts/risingwave/templates/oss-secret.yaml @@ -20,4 +20,4 @@ stringData: OSS_ACCESS_KEY_ID: {{ .Values.stateStore.oss.authentication.accessKey }} OSS_ACCESS_KEY_SECRET: {{ .Values.stateStore.oss.authentication.secretAccessKey }} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/risingwave/templates/podmonitor.yaml b/charts/risingwave/templates/podmonitor.yaml index 9d8344b..1f1f89a 100644 --- a/charts/risingwave/templates/podmonitor.yaml +++ b/charts/risingwave/templates/podmonitor.yaml @@ -123,4 +123,4 @@ spec: {{- end }} {{- end }} {{- end }} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/charts/risingwave/templates/service.yaml b/charts/risingwave/templates/service.yaml index 35dce8f..e42aa32 100644 --- a/charts/risingwave/templates/service.yaml +++ b/charts/risingwave/templates/service.yaml @@ -62,4 +62,4 @@ spec: {{- end }} {{- if or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer") }} nodePort: {{ .Values.service.nodePort }} - {{- end }} \ No newline at end of file + {{- end }} diff --git a/charts/risingwave/templates/standalone/standalone-sts.yaml b/charts/risingwave/templates/standalone/standalone-sts.yaml index 9fbc27b..13e8331 100644 --- a/charts/risingwave/templates/standalone/standalone-sts.yaml +++ b/charts/risingwave/templates/standalone/standalone-sts.yaml @@ -54,6 +54,9 @@ spec: - name: config configMap: name: {{ include "risingwave.configurationConfigMapName" . }} + {{- if .Values.standalone.extraVolumes }} + {{- toYaml .Values.standalone.extraVolumes | nindent 6}} + {{- end }} restartPolicy: Always {{- if .Values.standalone.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.standalone.terminationGracePeriodSeconds }} @@ -184,7 +187,7 @@ spec: - secretRef: name: {{ $credentialsSecret }} {{- end }} - {{- if .Values.metaStore.etcd.authentication.enabled }} + {{- if and .Values.metaStore.etcd.authentication.enabled (not .Values.metaStore.etcd.authentication.existingSecretName) }} - secretRef: name: {{ include "risingwave.etcdCredentialsSecretName" . }} {{- end }} @@ -286,6 +289,19 @@ spec: key: {{ include "etcd.secretPasswordKey" .Subcharts.etcd }} name: {{ include "etcd.secretName" .Subcharts.etcd }} {{- end }} + {{- else }} + {{- if and .Values.metaStore.etcd.authentication.enabled .Values.metaStore.etcd.authentication.existingSecretName }} + - name: RW_ETCD_PASSWORD + valueFrom: + secretKeyRef: + key: username + name: {{ include "risingwave.etcdCredentialsSecretName" . }} + - name: RW_ETCD_PASSWORD + valueFrom: + secretKeyRef: + key: password + name: {{ include "risingwave.etcdCredentialsSecretName" . }} + {{- end }} {{- end }} {{- range .Values.standalone.extraEnvVars }} - {{ . }} @@ -303,6 +319,9 @@ spec: - mountPath: /risingwave/config name: config readOnly: true + {{- if .Values.standalone.extraVolumeMounts }} + {{- toYaml .Values.standalone.extraVolumeMounts | nindent 8 }} + {{- end }} {{- if .Values.standalone.securityContext }} securityContext: {{ toYaml .Values.standalone.securityContext | nindent 10 }} {{- end }} diff --git a/charts/risingwave/tests/azblob_secret_test.yaml b/charts/risingwave/tests/azblob_secret_test.yaml index e7d3f49..a110935 100644 --- a/charts/risingwave/tests/azblob_secret_test.yaml +++ b/charts/risingwave/tests/azblob_secret_test.yaml @@ -99,4 +99,4 @@ tests: - isSubset: path: metadata.annotations content: - ANNOTATION: ANNOTATION_V \ No newline at end of file + ANNOTATION: ANNOTATION_V diff --git a/charts/risingwave/tests/configmap_test.yaml b/charts/risingwave/tests/configmap_test.yaml index 9b227c0..635a9ff 100644 --- a/charts/risingwave/tests/configmap_test.yaml +++ b/charts/risingwave/tests/configmap_test.yaml @@ -70,4 +70,4 @@ tests: - isSubset: path: metadata.annotations content: - ANNOTATION: ANNOTATION_V \ No newline at end of file + ANNOTATION: ANNOTATION_V diff --git a/charts/risingwave/tests/etcd_secret_test.yaml b/charts/risingwave/tests/etcd_secret_test.yaml index 09006c2..91e35de 100644 --- a/charts/risingwave/tests/etcd_secret_test.yaml +++ b/charts/risingwave/tests/etcd_secret_test.yaml @@ -8,7 +8,9 @@ tests: - it: bundled etcd should not render secret set: tags.etcd: true - metaStore.etcd.authentication.enabled: true + metaStore.etcd.authentication: + enabled: true + existingSecretName: EXISTING_SECRET_NAME asserts: - hasDocuments: count: 0 @@ -20,6 +22,15 @@ tests: asserts: - hasDocuments: count: 0 +- it: external etcd with existing secret should not render secret + set: + tags.etcd: false + metaStore.etcd.authentication: + enabled: true + existingSecretName: EXISTING_SECRET_NAME + asserts: + - hasDocuments: + count: 0 - it: external etcd with authentication should pass set: tags.etcd: false @@ -85,4 +96,4 @@ tests: - isSubset: path: metadata.annotations content: - ANNOTATION: ANNOTATION_V \ No newline at end of file + ANNOTATION: ANNOTATION_V diff --git a/charts/risingwave/tests/gcs_secret_test.yaml b/charts/risingwave/tests/gcs_secret_test.yaml index 62f86a5..0274754 100644 --- a/charts/risingwave/tests/gcs_secret_test.yaml +++ b/charts/risingwave/tests/gcs_secret_test.yaml @@ -97,4 +97,4 @@ tests: - isSubset: path: metadata.annotations content: - ANNOTATION: ANNOTATION_V \ No newline at end of file + ANNOTATION: ANNOTATION_V diff --git a/charts/risingwave/tests/minio_secret_test.yaml b/charts/risingwave/tests/minio_secret_test.yaml index 4e65b0d..4aaf593 100644 --- a/charts/risingwave/tests/minio_secret_test.yaml +++ b/charts/risingwave/tests/minio_secret_test.yaml @@ -91,4 +91,4 @@ tests: - isSubset: path: metadata.annotations content: - ANNOTATION: ANNOTATION_V \ No newline at end of file + ANNOTATION: ANNOTATION_V diff --git a/charts/risingwave/tests/obs_secret_test.yaml b/charts/risingwave/tests/obs_secret_test.yaml index d91b0f2..6bf859e 100644 --- a/charts/risingwave/tests/obs_secret_test.yaml +++ b/charts/risingwave/tests/obs_secret_test.yaml @@ -99,4 +99,4 @@ tests: - isSubset: path: metadata.annotations content: - ANNOTATION: ANNOTATION_V \ No newline at end of file + ANNOTATION: ANNOTATION_V diff --git a/charts/risingwave/tests/oss_secret_test.yaml b/charts/risingwave/tests/oss_secret_test.yaml index 2e6c481..2b325f1 100644 --- a/charts/risingwave/tests/oss_secret_test.yaml +++ b/charts/risingwave/tests/oss_secret_test.yaml @@ -99,4 +99,4 @@ tests: - isSubset: path: metadata.annotations content: - ANNOTATION: ANNOTATION_V \ No newline at end of file + ANNOTATION: ANNOTATION_V diff --git a/charts/risingwave/tests/s3_secret_test.yaml b/charts/risingwave/tests/s3_secret_test.yaml index 0efd1ec..3799719 100644 --- a/charts/risingwave/tests/s3_secret_test.yaml +++ b/charts/risingwave/tests/s3_secret_test.yaml @@ -99,4 +99,4 @@ tests: - isSubset: path: metadata.annotations content: - ANNOTATION: ANNOTATION_V \ No newline at end of file + ANNOTATION: ANNOTATION_V diff --git a/charts/risingwave/tests/service_test.yaml b/charts/risingwave/tests/service_test.yaml index 7a2bbee..a62669e 100644 --- a/charts/risingwave/tests/service_test.yaml +++ b/charts/risingwave/tests/service_test.yaml @@ -145,4 +145,4 @@ tests: risingwave.risingwavelabs.com/component: compute - equal: path: spec.ports[0].targetPort - value: f-svc \ No newline at end of file + value: f-svc diff --git a/charts/risingwave/values.yaml b/charts/risingwave/values.yaml index efa209c..70d6029 100644 --- a/charts/risingwave/values.yaml +++ b/charts/risingwave/values.yaml @@ -236,6 +236,12 @@ standalone: ## extraEnvVarsSecret: "" + ## @param standalone.extraVolumes Extra volumes to add to the component pods. + extraVolumes: [] + + ## @param standalone.extraVolumeMounts Extra volume mounts to add to the component pods. + extraVolumeMounts: [] + ## @param standalone.replicas Number of replicas. ## replicas: 1 @@ -336,6 +342,11 @@ metaStore: ## @param metaStore.etcd.authentication.password Etcd password ## password: "" + ## @param metaStore.etcd.authentication.existingSecretName Use existing Secret for etcd authentication. + ## If set, use the existing Secret instead of creating a new one. + ## Secret must contain `username` and `password` keys. + ## + existingSecretName: "" ## @section RisingWave state store values. ## @@ -602,6 +613,12 @@ metaComponent: ## extraEnvVarsSecret: "" + ## @param metaComponent.extraVolumes Extra volumes to add to the component pods. + extraVolumes: [] + + ## @param metaComponent.extraVolumeMounts Extra volume mounts to add to the component pods. + extraVolumeMounts: [] + ## @param metaComponent.replicas Number of replicas. ## replicas: 1 @@ -701,6 +718,12 @@ frontendComponent: ## extraEnvVarsSecret: "" + ## @param frontendComponent.extraVolumes Extra volumes to add to the component pods. + extraVolumes: [] + + ## @param frontendComponent.extraVolumeMounts Extra volume mounts to add to the component pods. + extraVolumeMounts: [] + ## @param frontendComponent.replicas Number of replicas. ## replicas: 1 @@ -800,6 +823,12 @@ computeComponent: ## extraEnvVarsSecret: "" + ## @param computeComponent.extraVolumes Extra volumes to add to the component pods. + extraVolumes: [] + + ## @param computeComponent.extraVolumeMounts Extra volume mounts to add to the component pods. + extraVolumeMounts: [] + ## @param computeComponent.replicas Number of replicas. ## replicas: 1 @@ -899,6 +928,12 @@ compactorComponent: ## extraEnvVarsSecret: "" + ## @param compactorComponent.extraVolumes Extra volumes to add to the component pods. + extraVolumes: [] + + ## @param compactorComponent.extraVolumeMounts Extra volume mounts to add to the component pods. + extraVolumeMounts: [] + ## @param compactorComponent.replicas Number of replicas. ## replicas: 1 diff --git a/examples/auth/root-user.values.yaml b/examples/auth/root-user.values.yaml index a1ccfc7..269a36a 100644 --- a/examples/auth/root-user.values.yaml +++ b/examples/auth/root-user.values.yaml @@ -1,3 +1,3 @@ auth: rootUser: admin - rootPassword: admin \ No newline at end of file + rootPassword: admin diff --git a/examples/database/databases.values.yaml b/examples/database/databases.values.yaml index fd41005..636f9c8 100644 --- a/examples/database/databases.values.yaml +++ b/examples/database/databases.values.yaml @@ -1,2 +1,2 @@ databases: -- stream \ No newline at end of file +- stream diff --git a/examples/general/compact-mode.values.yaml b/examples/general/compact-mode.values.yaml index 0049491..8077ec2 100644 --- a/examples/general/compact-mode.values.yaml +++ b/examples/general/compact-mode.values.yaml @@ -1,2 +1,2 @@ compactMode: - enabled: true \ No newline at end of file + enabled: true diff --git a/examples/general/diagnostic-mode.values.yaml b/examples/general/diagnostic-mode.values.yaml index c43f5dd..d5e6221 100644 --- a/examples/general/diagnostic-mode.values.yaml +++ b/examples/general/diagnostic-mode.values.yaml @@ -1,2 +1,2 @@ diagnosticMode: - enabled: true \ No newline at end of file + enabled: true diff --git a/examples/general/monitor.values.yaml b/examples/general/monitor.values.yaml index a09c92f..00a1b87 100644 --- a/examples/general/monitor.values.yaml +++ b/examples/general/monitor.values.yaml @@ -2,4 +2,4 @@ monitor: podMonitor: enabled: true additionalLabels: - release: prometheus \ No newline at end of file + release: prometheus diff --git a/examples/general/resources.values.yaml b/examples/general/resources.values.yaml index 7422a28..4669e9e 100644 --- a/examples/general/resources.values.yaml +++ b/examples/general/resources.values.yaml @@ -41,4 +41,4 @@ connectorComponent: memory: 1Gi requests: cpu: 100m - memory: 128Mi \ No newline at end of file + memory: 128Mi diff --git a/examples/meta-stores/external-etcd.values.yaml b/examples/meta-stores/external-etcd.values.yaml index faebab6..a9d494d 100644 --- a/examples/meta-stores/external-etcd.values.yaml +++ b/examples/meta-stores/external-etcd.values.yaml @@ -9,4 +9,4 @@ metaStore: authentication: enabled: true username: "root" - password: "123456" \ No newline at end of file + password: "123456" diff --git a/examples/recommend/values.yaml b/examples/recommend/values.yaml index 0641b2c..70861f5 100644 --- a/examples/recommend/values.yaml +++ b/examples/recommend/values.yaml @@ -41,4 +41,4 @@ compactorComponent: resources: limits: cpu: 2 - memory: 4Gi \ No newline at end of file + memory: 4Gi diff --git a/examples/service/load-balancer.values.yaml b/examples/service/load-balancer.values.yaml index 02bdbeb..e09573e 100644 --- a/examples/service/load-balancer.values.yaml +++ b/examples/service/load-balancer.values.yaml @@ -2,4 +2,4 @@ service: type: LoadBalancer loadBalancerSourceRanges: [ ] labels: { } - annotations: { } \ No newline at end of file + annotations: { } diff --git a/examples/service/node-port.values.yaml b/examples/service/node-port.values.yaml index e725b20..fb34692 100644 --- a/examples/service/node-port.values.yaml +++ b/examples/service/node-port.values.yaml @@ -1,3 +1,3 @@ service: type: NodePort - nodePort: "" \ No newline at end of file + nodePort: "" diff --git a/examples/state-stores/azblob.values.yaml b/examples/state-stores/azblob.values.yaml index 9ab4a0d..061437e 100644 --- a/examples/state-stores/azblob.values.yaml +++ b/examples/state-stores/azblob.values.yaml @@ -13,4 +13,4 @@ stateStore: authentication: useServiceAccount: false accountName: dummy - accountKey: dummy \ No newline at end of file + accountKey: dummy diff --git a/examples/state-stores/customize-data-directory.values.yaml b/examples/state-stores/customize-data-directory.values.yaml index d1b144e..6d639be 100644 --- a/examples/state-stores/customize-data-directory.values.yaml +++ b/examples/state-stores/customize-data-directory.values.yaml @@ -1,2 +1,2 @@ stateStore: - dataDirectory: "my/hummock" \ No newline at end of file + dataDirectory: "my/hummock" diff --git a/examples/state-stores/eks-s3-iam.values.yaml b/examples/state-stores/eks-s3-iam.values.yaml index 6c6955b..b867616 100644 --- a/examples/state-stores/eks-s3-iam.values.yaml +++ b/examples/state-stores/eks-s3-iam.values.yaml @@ -15,4 +15,4 @@ stateStore: region: us-east-1 bucket: risingwave authentication: - useServiceAccount: true \ No newline at end of file + useServiceAccount: true diff --git a/examples/state-stores/external-minio.values.yaml b/examples/state-stores/external-minio.values.yaml index e743698..35ae4ac 100644 --- a/examples/state-stores/external-minio.values.yaml +++ b/examples/state-stores/external-minio.values.yaml @@ -8,4 +8,4 @@ stateStore: bucket: risingwave authentication: username: root - password: "123456" \ No newline at end of file + password: "123456" diff --git a/examples/state-stores/gcs.values.yaml b/examples/state-stores/gcs.values.yaml index 5450669..2b210f8 100644 --- a/examples/state-stores/gcs.values.yaml +++ b/examples/state-stores/gcs.values.yaml @@ -11,4 +11,4 @@ stateStore: root: risingwave authentication: useServiceAccount: false - credentials: dummy \ No newline at end of file + credentials: dummy diff --git a/examples/state-stores/hdfs.values.yaml b/examples/state-stores/hdfs.values.yaml index eaa8315..cd70eaf 100644 --- a/examples/state-stores/hdfs.values.yaml +++ b/examples/state-stores/hdfs.values.yaml @@ -8,4 +8,4 @@ stateStore: hdfs: enabled: true nameNode: hadoop-hdfs-master:9000 - root: risingwave \ No newline at end of file + root: risingwave diff --git a/examples/state-stores/oss.values.yaml b/examples/state-stores/oss.values.yaml index a5ab047..8085634 100644 --- a/examples/state-stores/oss.values.yaml +++ b/examples/state-stores/oss.values.yaml @@ -14,4 +14,4 @@ stateStore: authentication: useServiceAccount: false accessKey: ak - secretAccessKey: sk \ No newline at end of file + secretAccessKey: sk diff --git a/examples/state-stores/s3-compatible.values.yaml b/examples/state-stores/s3-compatible.values.yaml index 3b841c9..2c1e03b 100644 --- a/examples/state-stores/s3-compatible.values.yaml +++ b/examples/state-stores/s3-compatible.values.yaml @@ -13,4 +13,4 @@ stateStore: authentication: useServiceAccount: false accessKey: ak - secretAccessKey: sk \ No newline at end of file + secretAccessKey: sk diff --git a/examples/state-stores/s3.values.yaml b/examples/state-stores/s3.values.yaml index 09dd048..bf67d25 100644 --- a/examples/state-stores/s3.values.yaml +++ b/examples/state-stores/s3.values.yaml @@ -12,4 +12,4 @@ stateStore: authentication: useServiceAccount: false accessKey: ak - secretAccessKey: sk \ No newline at end of file + secretAccessKey: sk diff --git a/plugins/risingwave/pause.values.yaml b/plugins/risingwave/pause.values.yaml index c55e454..089752c 100644 --- a/plugins/risingwave/pause.values.yaml +++ b/plugins/risingwave/pause.values.yaml @@ -11,4 +11,4 @@ computeComponent: replicas: 0 compactorComponent: - replicas: 0 \ No newline at end of file + replicas: 0 diff --git a/plugins/risingwave/plugin.yaml b/plugins/risingwave/plugin.yaml index 317891a..68cd5b4 100644 --- a/plugins/risingwave/plugin.yaml +++ b/plugins/risingwave/plugin.yaml @@ -3,4 +3,4 @@ version: "0.1.0" usage: "operate risingwave releases" description: "operate risingwave releases" ignoreFlags: false -command: $HELM_PLUGIN_DIR/risingwave.sh \ No newline at end of file +command: $HELM_PLUGIN_DIR/risingwave.sh diff --git a/scripts/sanitize.sh b/scripts/sanitize.sh new file mode 100755 index 0000000..30fef20 --- /dev/null +++ b/scripts/sanitize.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +git ls-files -z | while IFS= read -rd '' f; do if file --mime-encoding "$f" | grep -qv binary; then tail -c1 < "$f" | read -r _ || echo >> "$f"; fi; done