Skip to content

Backport NET-581 - Added vault namespace in helm (#2841)#2929

Merged
asheshvidyut merged 1 commit intorelease/1.2.xfrom
backport-NET-581-vault-namespace-1.2.x
Sep 8, 2023
Merged

Backport NET-581 - Added vault namespace in helm (#2841)#2929
asheshvidyut merged 1 commit intorelease/1.2.xfrom
backport-NET-581-vault-namespace-1.2.x

Conversation

@asheshvidyut
Copy link
Copy Markdown
Contributor

@asheshvidyut asheshvidyut commented Sep 8, 2023

Backport

This PR is auto-generated from #2841 to be assessed for backporting due to the inclusion of the label backport/1.2.x.

🚨

Warning automatic cherry-pick of commits failed. If the first commit failed,
you will see a blank no-op commit below. If at least one commit succeeded, you
will see the cherry-picked commits up to, not including, the commit where
the merge conflict occurred.

The person who merged in the original PR is:
@absolutelightning
This person should manually cherry-pick the original PR into a new backport PR,
and close this one when the manual backport PR is merged in.

merge conflict error: unable to process merge commit: "c7342840f1e1f0ca6ec613332ae3dfdd12be19cc", automatic backport requires rebase workflow

The below text is copied from the body of the original PR.

Changes proposed in this PR:

  • Adds vaultNamespace in secretsBackend.vault in values.yaml
  • This namespace is used for Vault namespace, this introduces one more way to specify namespace other than
    "{"connect": [{ "ca_config": [{ "namespace": "value"}]}]}" in connectCA.additionalConfig
  • If vaultNamespace is present, it automatically adds annotation below to the templates.
    vault:
      agentAnnotations: |
        vault.hashicorp.com/namespace: vaultNamespace

How I've tested this PR:
a. CI
b. Updated test TestVault_VaultNamespace
Test Steps -

1. kind create cluster --name=dc1
2. kind create cluster --name=dc2
3. cd acceptance/test/vault
4. go test ./... -p 1 -timeout 2h -failfast -no-cleanup-on-failure -debug-directory=/tmp/debug -use-kind -enable-multi-cluster -kube-contexts=kind-dc1,kind-dc2  -run ^TestVault

Output -

asheshvidyut@absolutelightning-H2GX766V9T acceptance/tests (NET-581-Configure-Vault-namespaces-for-Connect-CA-via-Helm-Stanza) » go test ./... -p 1 -timeout 2h -failfast -no-cleanup-on-failure -debug-directory=/tmp/debug -use-kind -enable-multi-cluster -kube-contexts=kind-dc1,kind-dc2  -run ^TestVault
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/api-gateway	0.492s [no tests to run]
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/basic	0.547s [no tests to run]
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/cli	0.529s [no tests to run]
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/cloud	0.565s [no tests to run]
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/config-entries	0.524s [no tests to run]
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/connect	0.556s [no tests to run]
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/consul-dns	0.543s [no tests to run]
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/example	0.540s
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/ingress-gateway	0.553s [no tests to run]
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/metrics	0.555s [no tests to run]
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/partitions	0.561s [no tests to run]
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/peering	0.568s [no tests to run]
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/sameness	0.552s
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/snapshot-agent	0.572s [no tests to run]
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/sync	0.554s [no tests to run]
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/terminating-gateway	0.553s [no tests to run]
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/vault	916.339s
ok  	github.com/hashicorp/consul-k8s/acceptance/tests/wan-federation	0.587s [no tests to run]

How I expect reviewers to test this PR:

Checklist:

Overview of commits

@asheshvidyut @zalimeni
NET-581 - Added vault namespace in helm (#2841)
9467a22 
* added namespace

* namespace in connect ca

* updated tests

* fix test desc

* changelog

* Update .changelog/2841.txt

Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>

* Update charts/consul/values.yaml

Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>

* removed new line added

* fix templates

* bats test

* fix double colon

* fix template

* added 2 more tests

* fixes bats tests

* fix json in api gateway

* updated bats test

* Update charts/consul/values.yaml

Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>

* fix client daemon set bats

* fix bats test

* fix bats

* api gateway fix

* fix bats

* fix clientdaemon set and api gateway controller

* fix connect inject deployment

* fix mesh gateway deployment

* added tests for partition init job

* server acl init job tests added

* fix server stateful bats

* fix sync catalog

* fix includes check

* bats test fixes

* fix connect inject

* fix yaml

* fix yaml

* fix assertions in bats

* fix client daemon set bats

* Update charts/consul/values.yaml

Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>

* Update charts/consul/templates/server-config-configmap.yaml

Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>

* change yaml

* added addional config test

* fix tests

* added more tests

* fix bats

* Update charts/consul/test/unit/server-config-configmap.bats

Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>

* Update charts/consul/test/unit/server-config-configmap.bats

Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>

* Update .changelog/2841.txt

Co-authored-by: David Yu <dyu@hashicorp.com>

* Update .changelog/2841.txt

Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>

* added dummy commit to run CI

* fix change log

* fix comment

---------

Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
@asheshvidyut asheshvidyut changed the title NET-581 - Added vault namespace in helm (#2841) Backport NET-581 - Added vault namespace in helm (#2841) Sep 8, 2023
@asheshvidyut asheshvidyut added the pr/no-backport signals that a PR will not contain a backport label label Sep 8, 2023
@asheshvidyut asheshvidyut merged commit 025bfc3 into release/1.2.x Sep 8, 2023
@asheshvidyut asheshvidyut deleted the backport-NET-581-vault-namespace-1.2.x branch September 8, 2023 11:35
@asheshvidyut asheshvidyut added the consul-india PRs/Issues assigned to Consul India team label Dec 27, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@Ganeshrockz Ganeshrockz Ganeshrockz approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

consul-india PRs/Issues assigned to Consul India team pr/no-backport signals that a PR will not contain a backport label

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@asheshvidyut @Ganeshrockz @srahul3