Helm Chart Fixes for Env variables and volumes (#35)

* Helm Chart Fixes for Env variables and volumes The opensearch-dashboards chart failed to render correctly when utilizing the extraEnvs flag, caused by incorrect indentation. The opensearch chart failed to render when utlizing the secrets for the security config, this was due to them being in the env section. This pull request reqolves both issues, verified via running helm template with the minumal values files included here: ```yaml envFrom: - secretRef: name: kibana-secrets extraEnvs: - name: TENANT_ID valueFrom: secretKeyRef: name: kibana-secrets key: tenantID ``` ```yaml securityConfig: enabled: true configSecret: "security-config" internalUsersSecret: "internal-users-config" rolesMappingSecret: "roles-mapping-config" rolesSecret: "roles-config" ``` Signed-off-by: Harrison Goscenski <[email protected]> * Updating paths in sts to be dynamic Updating the paths specified in the sts for opensearch to utilize .Values.opensearchHome to allow for dynamic paths, with a default of `/usr/share/opensearch` which should be sufficient for most users. Signed-off-by: Harrison Goscenski <[email protected]>
opensearch-project · Aug 24, 2021 · fe831db · fe831db · cybernagle · Aug 25, 2021
1 parent 4f8fbb3
commit fe831db
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 12 deletions.
diff --git a/Helm/opensearch-dashboards/templates/deployment.yaml b/Helm/opensearch-dashboards/templates/deployment.yaml
@@ -117,7 +117,7 @@ spec:
               key: cookie
             {{- end }}
 {{- if .Values.extraEnvs }}
-{{ toYaml .Values.extraEnvs | indent 10 }}
+{{ toYaml .Values.extraEnvs | indent 8 }}
 {{- end }}
 {{- if .Values.envFrom }}
         envFrom:

diff --git a/Helm/opensearch/templates/statefulset.yaml b/Helm/opensearch/templates/statefulset.yaml
@@ -149,7 +149,7 @@ spec:
         - name: config
           configMap:
             name: {{ template "opensearch.uname" . }}-config
-        {{- end }}      
+        {{- end }}
         {{- if and .Values.securityConfig.config.securityConfigSecret .Values.securityConfig.config.data }}
         - name: security-config
           secret:
@@ -238,7 +238,7 @@ spec:
             echo "$PASSWORD" | opensearch-keystore add -x bootstrap.password
           fi
 
-          cp -a /usr/share/opensearch/config/opensearch.keystore /tmp/keystore/
+          cp -a {{ .Values.opensearchHome }}/config/opensearch.keystore /tmp/keystore/
         env: {{ toYaml .Values.extraEnvs | nindent 10 }}
         envFrom: {{ toYaml .Values.envFrom | nindent 10 }}
         resources: {{ toYaml .Values.initResources | nindent 10 }}
@@ -315,7 +315,12 @@ spec:
         volumeMounts:
           {{- if .Values.persistence.enabled }}
           - name: "{{ template "opensearch.uname" . }}"
-            mountPath: /usr/share/opensearch/data
+            mountPath: {{ .Values.opensearchHome }}/data
+          {{- end }}
+          {{- if .Values.keystore }}
+          - name: keystore
+            mountPath: {{ .Values.opensearchHome }}/config/opensearch.keystore
+            subPath: opensearch.keystore
           {{- end }}
           {{- if .Values.securityConfig.enabled }}
           {{- if .Values.securityConfig.actionGroupsSecret }}
@@ -353,11 +358,7 @@ spec:
             name: security-config
           {{- end }}
           {{- end }}
-{{ if .Values.keystore }}
-          - name: keystore
-            mountPath: /usr/share/opensearch/config/opensearch.keystore
-            subPath: opensearch.keystore
-{{ end }}
+
           {{- range .Values.secretMounts }}
           - name: {{ .name }}
             mountPath: {{ .path }}
@@ -367,7 +368,7 @@ spec:
           {{- end }}
           {{- range $path, $config := .Values.config }}
           - name: config
-            mountPath: /usr/share/opensearch/config/{{ $path }}
+            mountPath: {{ .Values.opensearchHome }}/config/{{ $path }}
             subPath: {{ $path }}
           {{- end -}}
         {{- if .Values.extraVolumeMounts }}

diff --git a/Helm/opensearch/values.yaml b/Helm/opensearch/values.yaml
@@ -20,7 +20,8 @@ minimumMasterNodes: 1
 majorVersion: ""
 
 
-# Allows you to add any config files in /usr/share/opensearch/config/
+# Allows you to add any config files in {{ .Values.configPath }}/config
+opensearchHome: /usr/share/opensearch
 # such as opensearch.yml and log4j2.properties
 config:
   opensearch.yml:
@@ -65,7 +66,7 @@ config:
           enabled: true
           indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opendistro-asynchronous-search-response*"]
     ######## End OpenSearch Security Demo Configuration ########
-  # log4j2.properties: 
+  # log4j2.properties:
 
 # Extra environment variables to append to this nodeGroup
 # This will be appended to the current 'env:' key. You can use any of the kubernetes env