Skip to content

Commit

Permalink
Merge branch 'release/1.1.0'
Browse files Browse the repository at this point in the history
  • Loading branch information
Tecnobutrul committed Apr 26, 2024
2 parents 030dcd3 + 9cc3980 commit 7a90975
Show file tree
Hide file tree
Showing 14 changed files with 127 additions and 102 deletions.
14 changes: 12 additions & 2 deletions .github/workflows/push_pr_main.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -39,12 +39,22 @@ jobs:
- name: Run unit tests
run: bash run_tests.sh --unit

integration-test:
name: Integration Tests
integration-tests-mariadb:
name: Integration Tests Mariadb
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Run integration tests
run: bash run_tests.sh --integration

integration-tests-postgresql:
name: Integration Tests Postgresql
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Run integration tests
run: bash run_tests.sh --integration -d postgresql
10 changes: 9 additions & 1 deletion .gitlab-ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,14 +31,22 @@ test Helm Charts:
- helm plugin install https://github.com/helm-unittest/helm-unittest
- bash run_tests.sh --unit

integration Tests Helm Charts:
integration Tests Helm Charts Mariadb:
image: ${CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX}/docker:dind
script:
- |
apk update && apk add -U curl bash
sleep 10 # Wait for docker service
bash run_tests.sh --integration
integration Tests Helm Charts Postgresql:
image: ${CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX}/docker:dind
script:
- |
apk update && apk add -U curl bash
sleep 10 # Wait for docker service
bash run_tests.sh --integration -d postgresql
publish:
stage: publish
image: ${CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX}/alpine/helm
Expand Down
12 changes: 11 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,17 @@
All notable changes to this project will be documented in this file.
This project adheres to [Semantic Versioning](http://semver.org/).

## [Unreleased](https://github.com/passbolt/charts-passbolt/compare/1.0.0...HEAD)
## [Unreleased](https://github.com/passbolt/charts-passbolt/compare/1.1.0...HEAD)

## [1.1.0] - 2024-04-26

### Fixed

- [#81](https://github.com/passbolt/charts-passbolt/issues/81) Install passbolt with an existing Postgresql server.

### Added

- Integration tests for passbolt with postgresql were added.

## [1.0.0] - 2024-04-25

Expand Down
2 changes: 1 addition & 1 deletion Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 1.0.0
version: 1.1.0

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
Expand Down
13 changes: 7 additions & 6 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
<img src="./.assets/helm_passbolt.png" alt="passbolt sails kubernetes" width="500"/>
</h3>

![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4.6.2-1-ce](https://img.shields.io/badge/AppVersion-4.6.2--1--ce-informational?style=flat-square)
![Version: 1.1.0](https://img.shields.io/badge/Version-1.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4.6.2-1-ce](https://img.shields.io/badge/AppVersion-4.6.2--1--ce-informational?style=flat-square)

Passbolt is an open source, security first password manager with strong focus on
collaboration.
Expand Down Expand Up @@ -246,11 +246,12 @@ Syntax: run_tests.sh [options]
run_tests.sh with no arguments will run all of the available tests.
options:
-h|--help Show this message.
-l|--lint Run helm lint.
-u|--unit Run helm unittest tests.
-i|--integration Run integration tests.
-no-clean Skip cleaning step.
-h|--help Show this message.
-l|--lint Run helm lint.
-u|--unit Run helm unittest tests.
-i|--integration Run integration tests.
-d|--database [option] Database to run integration tests with [mariadb|postgresql]."
-no-clean Skip cleaning step.
```

Expand Down
11 changes: 6 additions & 5 deletions README.md.gotmpl
Original file line number Diff line number Diff line change
Expand Up @@ -115,11 +115,12 @@ Syntax: run_tests.sh [options]
run_tests.sh with no arguments will run all of the available tests.

options:
-h|--help Show this message.
-l|--lint Run helm lint.
-u|--unit Run helm unittest tests.
-i|--integration Run integration tests.
-no-clean Skip cleaning step.
-h|--help Show this message.
-l|--lint Run helm lint.
-u|--unit Run helm unittest tests.
-i|--integration Run integration tests.
-d|--database [option] Database to run integration tests with [mariadb|postgresql]."
-no-clean Skip cleaning step.

```

Expand Down
78 changes: 3 additions & 75 deletions RELEASE_NOTES.md
Original file line number Diff line number Diff line change
@@ -1,76 +1,4 @@
Announcing the immediate availability of passbolt's helm chart 1.0.0.
This is a major release that introduces some breaking changes contributed
by the community.
Announcing the immediate availability of passbolt's helm chart 1.1.0.

Thanks to all the community members that helped us to improve this chart
and reach version 1.0.0!! :tada:

@chris968
@jouve
@Kuruyia

Following there is a list of breaking changes and possible migration paths
from previous chart versions. Please keep in mind that we can't cover all
possible scenarios.

If you are having issues upgrading from older chart versions please let us
known by opening an issue in Github

# TL;DR

List of breaking changes:

- Global `tls` value has been removed in favour of `ingress.tls` and `app.tls`
- `ingress.tls[].secretName` has been removed in favour of `ingress.tls[].existingSecret`
- `extraVolumes` and `extraVolumeMounts` values are now a list instead of a string.
- Expose the HTTP port in the service. `service.port`, `service.name` and
`service.targetPort` have been removed in favour of `service.ports`
in order to expose configurable http and https ports.

# Ingress and TLS related changes

Global `tls` value has been removed to allow users to have different TLS
certificates injected on ingress objects and passbolt containers.
Ingress TLS is now managed with `ingress.tls` value, while passbolt TLS
is managed with `app.tls` field in the values file.

## Migrate from old TLS configuration

`ingress.tls[].secretName` has been removed in favour of
`ingress.tls[].existingSecret` for clarity.

## Inject same SSL certificate on ingress and service

Users that were injecting the same secret on Ingress objects and passbolt
container will have to migrate to a configuration similar to:

```yaml
ingress.tls:
- autogenerate: false
existingSecret: mySSLSecret
hosts: [yourhost.com]
```
```yaml
app.tls:
- autogenerate: false
existingSecret: mySSLSecret
```
## Inject separate certificates on ingress and service
Users who want to inject different SSL certificates on ingress objects and passbolt
containers now they have a way to do it by setting:
```yaml
ingress.tls:
- autogenerate: false
existingSecret: myIngressSSLSecret
hosts: [yourhost.com]
```
```yaml
app.tls:
- autogenerate: false
existingSecret: mypassboltSSLSecret
```
This is a minor change release that fixes a bug when forcing the passboltEnv.DATASOURCES_DEFAULT_PORT on values file
and adds the passbolt with postgresql integration tests.
22 changes: 15 additions & 7 deletions run_tests.sh
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@

set -eo pipefail

DATABASE_ENGINGE=mariadb
RUN_UNIT=false
RUN_LINT=false
RUN_INTEGRATION=false
Expand All @@ -21,10 +22,11 @@ function run_unit_tests {
}

function run_integration_tests {
local database="$1"
if [[ "$RUN_INTEGRATION" == "true" || "$RUN_ALL" == "true" ]]; then
source tests/integration/fixtures/install_dependencies.sh
installDependencies
bash tests/integration/fixtures/create-cluster-with-passbolt.sh
bash tests/integration/fixtures/create-cluster-with-passbolt.sh "$database"
"$HELM_BINARY" test --logs passbolt -n default
fi
}
Expand All @@ -43,19 +45,20 @@ function showHelp {
echo "$0 with no arguments will run all of the available tests."
echo
echo "options:"
echo "-h|--help Show this message."
echo "-l|--lint Run helm lint."
echo "-u|--unit Run helm unittest tests."
echo "-i|--integration Run integration tests."
echo "-no-clean Skip cleaning step."
echo "-h|--help Show this message."
echo "-l|--lint Run helm lint."
echo "-u|--unit Run helm unittest tests."
echo "-i|--integration Run integration tests."
echo "-d|--database [option] Database to run integration tests to [mariadb|postgresql]."
echo "-no-clean Skip cleaning step."
echo
exit 0
}

function run_all {
run_linter
run_unit_tests
run_integration_tests
run_integration_tests "$DATABASE_ENGINGE"
clean_integration_assets
}

Expand All @@ -79,6 +82,11 @@ while [[ $# -gt 0 ]]; do
RUN_INTEGRATION=true
shift
;;
-d | --database)
shift
DATABASE_ENGINGE=$1
shift
;;
--no-clean)
CLEAN_INTEGRATION_ASSETS=false
shift
Expand Down
4 changes: 2 additions & 2 deletions templates/_helpers.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,7 @@ Render the value of the database port
{{- else if and ( eq .Values.postgresqlDependencyEnabled true ) ( eq .Values.app.database.kind "postgresql" ) }}
{{- default 5432 .Values.passboltEnv.plain.DATASOURCES_DEFAULT_PORT | quote }}
{{- else if ( hasKey .Values.passboltEnv.plain "DATASOURCES_DEFAULT_PORT" ) -}}
{{- printf "%s" .Values.passboltEnv.plain.DATASOURCES_DEFAULT_PORT }}
{{- printf "%s" (.Values.passboltEnv.plain.DATASOURCES_DEFAULT_PORT | toString )}}
{{- else }}
{{- fail "DATASOURCES_DEFAULT_PORT can't be empty when mariadbDependencyEnabled and postgresqlDependencyEnabled are disabled"}}
{{- end }}
Expand All @@ -109,7 +109,7 @@ Show error message if the user didn't set the needed values during upgrade
{{ if and $.Release.IsUpgrade ( not $.Values.gpgExistingSecret ) (or ( not $.Values.gpgServerKeyPublic ) ( not $.Values.gpgServerKeyPrivate )) }}
{{- $secretName := printf "%s-%s-%s" (include "passbolt-library.fullname" . ) "sec" "gpg" -}}
{{- $dpName := printf "%s-%s-%s" (include "passbolt-library.fullname" . ) "depl" "srv" -}}
{{- $containerName := printf "%s-%s-%s" (include "passbolt-library.fullname" . ) "depl" "srv" -}}
{{- $containerName := "passbolt" -}}
{{- $header = printf "GPG" -}}
{{- $message = printf "%s\n%s" $message (printf " export PRIVATE_KEY=$(kubectl get secret %s --namespace %s -o jsonpath=\"{.data.%s}\")" $secretName $.Release.Namespace "serverkey_private\\.asc") -}}
{{- $message = printf "%s\n%s" $message (printf " export PUBLIC_KEY=$(kubectl get secret %s --namespace %s -o jsonpath=\"{.data.%s}\")" $secretName $.Release.Namespace "serverkey\\.asc") -}}
Expand Down
2 changes: 1 addition & 1 deletion templates/secret-env.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,6 @@ data:
{{- $database := .Values.passboltEnv.secret.DATASOURCES_DEFAULT_DATABASE }}
{{- $schema := ( default "passbolt" .Values.passboltEnv.secret.DATASOURCES_DEFAULT_SCHEMA ) }}
{{- $host := ( include "passbolt.databaseServiceName" . ) | replace "\"" "" }}
{{- $port := ( default "5432" .Values.passboltEnv.plain.DATASOURCES_DEFAULT_PORT ) }}
{{- $port := ( default "5432" .Values.passboltEnv.plain.DATASOURCES_DEFAULT_PORT) | toString }}
DATASOURCES_DEFAULT_URL: {{ printf "postgres://%s:%s@%s:%s/%s?schema=%s" $username $password $host $port $database $schema | toString | b64enc }}
{{- end -}}
3 changes: 2 additions & 1 deletion tests/integration/fixtures/create-cluster-with-passbolt.sh
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,9 @@

set -eo pipefail

DATABASE_ENGINE="${1:-mariadb}"
KIND_CLUSTER_CONFIG_FILE="tests/integration/fixtures/kind-config.yaml"
HELM_TESTING_VALUES="tests/integration/fixtures/testing.yaml"
HELM_TESTING_VALUES="tests/integration/fixtures/testing-$DATABASE_ENGINE.yaml"
KIND_CLUSTER_NAME="charts-passbolt-integration"
K8S_LOCAL_TLS_SECRET="local-tls-secret"
SSL_KEY_PATH="/tmp/ssl.key"
Expand Down
File renamed without changes.
39 changes: 39 additions & 0 deletions tests/integration/fixtures/testing-postgresql.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
postgresqlDependencyEnabled: true
mariadbDependencyEnabled: false
postgresql:
auth:
# -- Configure postgresql auth username
username: CHANGEME
# -- Configure postgresql auth password
password: CHANGEME
# -- Configure postgresql auth database
database: passbolt
# -- Enable integration tests
integrationTests:
enabled: true
certificatesSecret: mkcert-ca
debug: false
ingress:
# -- Enable passbolt ingress
enabled: true
# -- Configure passbolt ingress annotations
annotations:
nginx.ingress.kubernetes.io/backend-protocol: HTTPS
# -- Configure passbolt ingress hosts
hosts:
# @ignored
- host: "passbolt.local"
paths:
- path: /
port: https
pathType: ImplementationSpecific
tls:
- existingSecret: "local-tls-secret"
hosts:
- passbolt.local
app:
database:
kind: postgresql
tls:
autogenerate: false
existingSecret: "local-tls-secret"
19 changes: 19 additions & 0 deletions tests/secret_env_postgresql_support_test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -53,3 +53,22 @@ tests:
path: data.DATASOURCES_DEFAULT_URL
value: "postgres://passboltUsername:pass@passboltHost:1234/passboltDatabase?schema=passboltSchema"
decodeBase64: true

- it: should contain the DATASOURCES_DEFAULT_URL with given schema, host and port as integer
templates:
- secret-env.yaml
set:
app.database.kind: "postgresql"
mariadbDependencyEnabled: false
postgresqlDependencyEnabled: true
passboltEnv.secret.DATASOURCES_DEFAULT_PASSWORD: pass
passboltEnv.secret.DATASOURCES_DEFAULT_DATABASE: passboltDatabase
passboltEnv.secret.DATASOURCES_DEFAULT_USERNAME: passboltUsername
passboltEnv.secret.DATASOURCES_DEFAULT_SCHEMA: passboltSchema
passboltEnv.plain.DATASOURCES_DEFAULT_HOST: "passboltHost"
passboltEnv.plain.DATASOURCES_DEFAULT_PORT: 1234
asserts:
- equal:
path: data.DATASOURCES_DEFAULT_URL
value: "postgres://passboltUsername:pass@passboltHost:1234/passboltDatabase?schema=passboltSchema"
decodeBase64: true

0 comments on commit 7a90975

Please sign in to comment.