Customize environment (#13)

* add extra env vars * render yaml as extra env vars instead of own function * increase verson * don't push chart.lock file * increase version number in ci file * fix redis version * fix extraenvvars --------- Co-authored-by: PT-ATA No One <[email protected]>
GDATASoftwareAG · Feb 21, 2024 · a551f79 · a551f79
1 parent ffef4c9
commit a551f79
Show file tree

Hide file tree

Showing 6 changed files with 37 additions and 36 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -49,7 +49,7 @@ jobs:
         with:
           name: vaas
           repository: gdatasoftwareag/charts
-          tag: 1.0.3
+          tag: 1.0.4
           path: charts/vaas
           registry: ghcr.io
           registry_username: ${{ secrets.REGISTRY_USERNAME }}

diff --git a/.gitignore b/.gitignore
@@ -3,4 +3,7 @@
 *.log
 *-locale.yaml
 *.tgz
-.fleet/
+.fleet/
+values-local.yaml
+.output/
+Chart.lock
diff --git a/charts/vaas/Chart.yaml b/charts/vaas/Chart.yaml
@@ -1,14 +1,14 @@
 apiVersion: v2
 name: vaas
-version: 1.0.3
+version: 1.0.4
 description: Deployment of a Verdict-as-a-Service on-premise instance
 maintainers:
   - name: G DATA CyberDefense AG
     email: [email protected]
 type: application
 dependencies:
   - name: redis
-    version: 18.13.0
+    version: 18.14.0
     condition: redis.enabled
     repository: https://charts.bitnami.com/bitnami
   - name: gdscan

diff --git a/charts/vaas/templates/gateway/_helpers.tpl b/charts/vaas/templates/gateway/_helpers.tpl
@@ -59,33 +59,3 @@ Selector labels
 app.kubernetes.io/name: {{ include "gateway.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
-
-{{/*
-Create environment variables to configure gateway container.
-*/}}
-{{- define "gateway.env" }}
-- name: Authentication__Schemes__Bearer__Authority
-  value: {{.Values.gateway.authentication.authority}} 
-- name: Authentication__Schemes__Bearer__RequireHttpsMetadata
-  value: "false"
-- name: Upload__Endpoint
-  value: {{.Values.gateway.uploadUrl}}
-- name: JwtSettings__Secret
-  value: {{ randAlphaNum 64 }}
-- name: GDScanConfiguration__Url
-  value: "http://gdscan:8080/scan/body"
-- name: RedisConfiguration__Configuration
-  value: "redis-master"
-{{- if .Values.gateway.cloudhashlookup.enabled }}
-- name: VerdictAsAService__Url
-  value: {{ .Values.gateway.options.url | quote }}
-- name: VerdictAsAService__TokenUrl
-  value: {{ .Values.gateway.options.tokenurl | quote }}
-- name: VerdictAsAService__Credentials__GrantType
-  value: {{ .Values.gateway.options.credentials.granttype | quote }}
-- name: VerdictAsAService__Credentials__ClientId
-  value: {{ .Values.gateway.options.credentials.clientid | quote }}
-- name: VerdictAsAService__Credentials__ClientSecret
-  {{ toYaml .Values.gateway.options.credentials.clientsecret }}
-{{- end }}
-{{- end }}
diff --git a/charts/vaas/templates/gateway/statefulset.yaml b/charts/vaas/templates/gateway/statefulset.yaml
@@ -36,8 +36,34 @@ spec:
           volumeMounts:
           - mountPath: /tmp
             name: gateway-tmp
-          env: 
-            {{- include "gateway.env" . | nindent 12 }}
+          env:
+            {{- if .Values.gateway.extraEnvVars }}
+            {{- toYaml .Values.gateway.extraEnvVars | nindent 12 }}
+            {{- end }}
+            - name: Authentication__Schemes__Bearer__Authority
+              value: {{.Values.gateway.authentication.authority}} 
+            - name: Authentication__Schemes__Bearer__RequireHttpsMetadata
+              value: "false"
+            - name: Upload__Endpoint
+              value: {{.Values.gateway.uploadUrl}}
+            - name: JwtSettings__Secret
+              value: {{ randAlphaNum 64 }}
+            - name: GDScanConfiguration__Url
+              value: "http://gdscan:8080/scan/body"
+            - name: RedisConfiguration__Configuration
+              value: "redis-master"
+            {{- if .Values.gateway.cloudhashlookup.enabled }}
+            - name: VerdictAsAService__Url
+              value: {{ .Values.gateway.options.url | quote }}
+            - name: VerdictAsAService__TokenUrl
+              value: {{ .Values.gateway.options.tokenurl | quote }}
+            - name: VerdictAsAService__Credentials__GrantType
+              value: {{ .Values.gateway.options.credentials.granttype | quote }}
+            - name: VerdictAsAService__Credentials__ClientId
+              value: {{ .Values.gateway.options.credentials.clientid | quote }}
+            - name: VerdictAsAService__Credentials__ClientSecret
+              {{ toYaml .Values.gateway.options.credentials.clientsecret }}
+            {{- end }}
           ports:
             - name: http
               containerPort: {{ .Values.gateway.service.http.port }}

diff --git a/charts/vaas/values.yaml b/charts/vaas/values.yaml
@@ -134,6 +134,8 @@ gateway:
   tolerations: []
   affinity: {}
 
+  extraEnvVars: []
+
   # This block is only for G DATA's internal usage.
   hashlookup:
     enabled: false