From 3126341b9ed9218d267470d00f5a17a4d4c9ee7b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Maik=20Scha=CC=88fer?= <maik.schaefer@open-xchange.com>
Date: Thu, 14 Sep 2023 17:27:09 +0200
Subject: [PATCH] Changed: Update redis values in helm chart
---
.env.defaults | 2 ++
README.md | 4 +++-
helm/core-ui-middleware/Chart.yaml | 2 +-
helm/core-ui-middleware/templates/_helpers.tpl | 8 ++++++++
.../core-ui-middleware/templates/deployment.yaml | 16 +++++++++++++++-
.../templates/redis-secret.yaml | 10 ++++++++++
helm/core-ui-middleware/templates/updater.yaml | 16 +++++++++++++++-
helm/core-ui-middleware/values.yaml | 6 +++++-
src/redis.js | 1 +
9 files changed, 60 insertions(+), 5 deletions(-)
create mode 100644 helm/core-ui-middleware/templates/redis-secret.yaml
diff --git a/.env.defaults b/.env.defaults
index cf8181f..b80b50c 100644
--- a/.env.defaults
+++ b/.env.defaults
@@ -14,4 +14,6 @@ REDIS_SENTINEL_MASTER_ID=mymaster
REDIS_DB=0
REDIS_PREFIX=ui-middleware
REDIS_HOSTS=localhost:6379
+REDIS_USERNAME=
+REDIS_PASSWORD=
ORIGINS=*
diff --git a/README.md b/README.md
index 5e3a084..b3fc64e 100644
--- a/README.md
+++ b/README.md
@@ -43,7 +43,9 @@ It is possible to horizontally scale the UI Middleware, as more clients are fetc
| N/A (see above) | `REDIS_HOSTS` | Redis hosts as string | `"localhost:6379"` |
| `redis.db` | `REDIS_DB` | Redis DB, e.g. `"1"` | null |
| `redis.prefix` | `REDIS_PREFIX` | Redis prefix | `"ui-middleware"` |
-| `redis.password` | `REDIS_PASSWORD` | Redis password | null |
+| `redis.auth.enabled` | N/A | Generate redis auth secret | `false` |
+| `redis.username` | `REDIS_USERNAME` | Redis username | `""` |
+| `redis.password` | `REDIS_PASSWORD` | Redis password | `""` |
| `redis.sidecar.image` | N/A | Redis sidecar image | `"redis:latest"` |
| `compressFileSize` | `COMPRESS_FILE_SIZE` | Larger files will be gzipped | `600` |
| `compressFileTypes` | `COMPRESS_FILE_TYPES` | Set of compression mime types | application/javascript application/json application/x-javascript application/xml application/xml+rss text/css text/html text/javascript text/plain text/xml image/svg+xml |
diff --git a/helm/core-ui-middleware/Chart.yaml b/helm/core-ui-middleware/Chart.yaml
index 51c966e..fe4cfe9 100644
--- a/helm/core-ui-middleware/Chart.yaml
+++ b/helm/core-ui-middleware/Chart.yaml
@@ -15,7 +15,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 2.0.1
+version: 2.1.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
diff --git a/helm/core-ui-middleware/templates/_helpers.tpl b/helm/core-ui-middleware/templates/_helpers.tpl
index bb0eb98..26a5e60 100644
--- a/helm/core-ui-middleware/templates/_helpers.tpl
+++ b/helm/core-ui-middleware/templates/_helpers.tpl
@@ -60,3 +60,11 @@ Create the name of the service account to use
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}
+
+{{- define "core-ui-middleware.redisSecret" -}}
+{{- if .Values.overrides.redisSecret -}}
+{{- .Values.overrides.redisSecret -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name "core-ui-middleware-redis" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
diff --git a/helm/core-ui-middleware/templates/deployment.yaml b/helm/core-ui-middleware/templates/deployment.yaml
index 422818d..8b5d0b7 100644
--- a/helm/core-ui-middleware/templates/deployment.yaml
+++ b/helm/core-ui-middleware/templates/deployment.yaml
@@ -41,8 +41,22 @@ spec:
value: "{{ .Values.redis.hosts | join "," }}"
- name: REDIS_DB
value: "{{ .Values.redis.db | int }}"
+ {{- if eq .Values.redis.mode "sentinel" }}
+ - name: REDIS_SENTINEL_MASTER_ID
+ value: {{ .Values.redis.sentinelMasterId | quote }}
+ {{- end }}
+ {{- if .Values.redis.auth.enabled }}
+ - name: REDIS_USERNAME
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "core-ui-middleware.redisSecret" . }}
+ key: username
- name: REDIS_PASSWORD
- value: "{{ .Values.redis.password }}"
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "core-ui-middleware.redisSecret" . }}
+ key: password
+ {{- end }}
- name: REDIS_PREFIX
value: "{{ .Values.redis.prefix }}"
ports:
diff --git a/helm/core-ui-middleware/templates/redis-secret.yaml b/helm/core-ui-middleware/templates/redis-secret.yaml
new file mode 100644
index 0000000..749fdb4
--- /dev/null
+++ b/helm/core-ui-middleware/templates/redis-secret.yaml
@@ -0,0 +1,10 @@
+{{- if .Values.redis.auth.enabled -}}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "core-ui-middleware.redisSecret" . }}
+type: Opaque
+data:
+ username: {{ .Values.redis.auth.username | b64enc | quote }}
+ password: {{ .Values.redis.auth.password | b64enc | quote }}
+{{- end -}}
diff --git a/helm/core-ui-middleware/templates/updater.yaml b/helm/core-ui-middleware/templates/updater.yaml
index dab7502..3d42e62 100644
--- a/helm/core-ui-middleware/templates/updater.yaml
+++ b/helm/core-ui-middleware/templates/updater.yaml
@@ -41,8 +41,22 @@ spec:
value: "{{ .Values.redis.hosts | join "," }}"
- name: REDIS_DB
value: "{{ .Values.redis.db | int }}"
+ {{- if eq .Values.redis.mode "sentinel" }}
+ - name: REDIS_SENTINEL_MASTER_ID
+ value: {{ .Values.redis.sentinelMasterId | quote }}
+ {{- end }}
+ {{- if .Values.redis.auth.enabled }}
+ - name: REDIS_USERNAME
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "core-ui-middleware.redisSecret" . }}
+ key: username
- name: REDIS_PASSWORD
- value: "{{ .Values.redis.password }}"
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "core-ui-middleware.redisSecret" . }}
+ key: password
+ {{- end }}
- name: REDIS_PREFIX
value: "{{ .Values.redis.prefix }}"
ports:
diff --git a/helm/core-ui-middleware/values.yaml b/helm/core-ui-middleware/values.yaml
index e7ecf74..620cdb1 100644
--- a/helm/core-ui-middleware/values.yaml
+++ b/helm/core-ui-middleware/values.yaml
@@ -120,7 +120,11 @@ redis:
hosts:
- localhost:6379
db: 0
- password: null
+ sentinelMasterId: "mymaster"
+ auth:
+ enabled: false
+ username: ""
+ password: ""
prefix: ui-middleware
# This is only used for development. A sidecar container is started in the pod.
# Note: This does not scale!
diff --git a/src/redis.js b/src/redis.js
index 66f8b46..1899d91 100644
--- a/src/redis.js
+++ b/src/redis.js
@@ -32,6 +32,7 @@ const hosts = (process.env.REDIS_HOSTS || '').split(',').map(host => {
export function createClient (id, options = commonQueueOptions) {
options = {
+ username: process.env.REDIS_USERNAME,
db: Number(process.env.REDIS_DB),
password: process.env.REDIS_PASSWORD,
...options
--
GitLab