openstack/openstack-helm
Code Issues Proposed changes

fix(horizon and neutron): adds tls to test pod

Browse Source 
This patch set puts in the missing certificates to the test-pod.
It also corrects the path of sriov_agent.ini file

Change-Id: Ice2124f92a36d545726243fff60db25fbb2ea9c0
This commit is contained in:
Tin Lam 2020-08-04 08:56:06 -05:00 committed by Gupta, Sangeet (sg774j)
parent fa91a256e1
commit 7956310ead
4 changed files with 15 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
horizon/templates/deployment.yaml
View File

@ -129,7 +129,8 @@ spec:
subPath: {{ base $policyFile }} subPath: {{ base $policyFile }}
readOnly: true readOnly: true
{{- end }} {{- end }}
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.dashboard.dashboard.internal "path" "/etc/openstack-dashboard/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }} {{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.secrets.tls.dashboard.dashboard.internal "path" "/etc/openstack-dashboard/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{ if $mounts_horizon.volumeMounts }}{{ toYaml $mounts_horizon.volumeMounts | indent 12 }}{{ end }} {{ if $mounts_horizon.volumeMounts }}{{ toYaml $mounts_horizon.volumeMounts | indent 12 }}{{ end }}
volumes: volumes:
- name: pod-tmp - name: pod-tmp
@ -146,6 +147,7 @@ spec:
secret: secret:
secretName: horizon-etc secretName: horizon-etc
defaultMode: 0444 defaultMode: 0444
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.dashboard.dashboard.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }} {{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.secrets.tls.dashboard.dashboard.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{ if $mounts_horizon.volumes }}{{ toYaml $mounts_horizon.volumes | indent 8 }}{{ end }} {{ if $mounts_horizon.volumes }}{{ toYaml $mounts_horizon.volumes | indent 8 }}{{ end }}
{{- end }} {{- end }}

4
horizon/templates/pod-helm-tests.yaml
View File

@ -47,7 +47,7 @@ spec:
command: command:
- /tmp/selenium-test.py - /tmp/selenium-test.py
env: env:
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }} {{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin "useCA" .Values.manifests.certificates }}
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 8 }} {{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 8 }}
{{- end }} {{- end }}
- name: HORIZON_URI - name: HORIZON_URI
@ -59,6 +59,7 @@ spec:
mountPath: /tmp/selenium-test.py mountPath: /tmp/selenium-test.py
subPath: selenium-test.py subPath: selenium-test.py
readOnly: true readOnly: true
{{- dict "enabled" $envAll.Values.manifests.certificates "name" .Values.secrets.tls.dashboard.dashboard.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 8 }}
{{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }} {{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }}
volumes: volumes:
- name: pod-tmp - name: pod-tmp
@ -67,5 +68,6 @@ spec:
configMap: configMap:
name: horizon-bin name: horizon-bin
defaultMode: 0555 defaultMode: 0555
{{- dict "enabled" $envAll.Values.manifests.certificates "name" .Values.secrets.tls.dashboard.dashboard.internal | include "helm-toolkit.snippets.tls_volume" | indent 4 }}
{{ if $mounts_tests.volumes }}{{ toYaml $mounts_tests.volumes | indent 4 }}{{ end }} {{ if $mounts_tests.volumes }}{{ toYaml $mounts_tests.volumes | indent 4 }}{{ end }}
{{- end }} {{- end }}

9
neutron/templates/bin/_neutron-server.sh.tpl
View File

@ -19,12 +19,17 @@ COMMAND="${@:-start}"
function start () { function start () {
{{- if .Values.manifests.certificates }} {{- if .Values.manifests.certificates }}
add_config="" add_config="neutron.conf;"
{{- if ( has "tungstenfabric" .Values.network.backend ) }}
add_config+='plugins/tungstenfabric/tf_plugin.ini;'
{{- else }}
add_config+='plugins/ml2/ml2_conf.ini;'
{{- end }}
{{- if .Values.conf.plugins.taas.taas.enabled }} {{- if .Values.conf.plugins.taas.taas.enabled }}
add_config+='taas_plugin.ini;' add_config+='taas_plugin.ini;'
{{- end }} {{- end }}
{{- if ( has "sriov" .Values.network.backend ) }} {{- if ( has "sriov" .Values.network.backend ) }}
add_config+='sriov_agent.ini;' add_config+='plugins/ml2/sriov_agent.ini;'
{{- end }} {{- end }}
{{- if .Values.conf.plugins.l2gateway }} {{- if .Values.conf.plugins.l2gateway }}
add_config+='l2gw_plugin.ini;' add_config+='l2gw_plugin.ini;'

1
neutron/templates/deployment-server.yaml
View File

@ -189,6 +189,7 @@ spec:
subPath: mpm_event.conf subPath: mpm_event.conf
readOnly: true readOnly: true
{{ end }} {{ end }}
{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.network.server.internal "path" "/etc/neutron/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }} {{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.network.server.internal "path" "/etc/neutron/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{ if $mounts_neutron_server.volumeMounts }}{{ toYaml $mounts_neutron_server.volumeMounts | indent 12 }}{{ end }} {{ if $mounts_neutron_server.volumeMounts }}{{ toYaml $mounts_neutron_server.volumeMounts | indent 12 }}{{ end }}
{{- if .Values.manifests.certificates }} {{- if .Values.manifests.certificates }}