From 822aee54929d1140311f8ed45658227dd1662c6c Mon Sep 17 00:00:00 2001
From: James Elliott
Date: Mon, 29 Apr 2024 09:34:34 +1000
Subject: [PATCH] feat: integrated dbs and add tests (#228)"
This reverts commit bbbd05d75c0cd1b2cec0e4d3bd669488d805f7e2.
---
 .buildkite/hooks/pre-command | 8 +++-
 charts/authelia/Chart.yaml | 16 +++++++-
 charts/authelia/README.md | 11 ++++--
 charts/authelia/values.yaml | 72 +++++++++++++++++++++++++++++++++++-
 4 files changed, 100 insertions(+), 7 deletions(-)
diff --git a/.buildkite/hooks/pre-command b/.buildkite/hooks/pre-command
index d766dea..02a1951 100755
--- a/.buildkite/hooks/pre-command
+++ b/.buildkite/hooks/pre-command
@@ -16,4 +16,10 @@ if [[ "${BUILDKITE_STEP_KEY}" == "upload" ]] || [[ "${BUILDKITE_STEP_KEY}" == "i
 mkdir -p .cr-release-packages .cr-index
 buildkite-agent artifact download .cr-release-packages/* .cr-release-packages
-fi
\ No newline at end of file
+fi
+
+if [[ "${BUILDKITE_STEP_KEY}" == "package" ]]; then
+ echo "--- :testobject: Adding Bitnami Chart Repo"
+
+ helm repo add bitnami https://charts.bitnami.com/bitnami
+fi
diff --git a/charts/authelia/Chart.yaml b/charts/authelia/Chart.yaml
index 420f520..0b7b193 100644
--- a/charts/authelia/Chart.yaml
+++ b/charts/authelia/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: authelia
-version: 0.9.0-beta3
+version: 0.9.0-beta4
 kubeVersion: ">= 1.13.0-0"
 description: Authelia is a Single Sign-On Multi-Factor portal for web apps
 type: application
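Review bot: The `package` branch added at the end of `.buildkite/hooks/pre-command` registers the Bitnami repository, but the diffstat lists no `Chart.lock`, so the subcharts pulled at packaging time are presumably whatever currently satisfies the `~` ranges in `charts/authelia/Chart.yaml`. That makes a released package non-reproducible and lets an upstream chart change ship without review. Consider committing `Chart.lock` and resolving with `helm dependency build`, which installs the versions recorded in the lock file, or pinning exact versions. How the package step resolves dependencies is outside this hunk, so that part is inferred.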
@@ -20,7 +20,19 @@ home: https://www.authelia.com
 sources:
 - https://github.com/authelia/chartrepo/tree/master/charts/authelia
 - https://www.github.com/authelia/authelia
-dependencies: []
+dependencies:
+ - name: postgresql
+ version: ~15.1.4
+ repository: https://charts.bitnami.com/bitnami
+ condition: storage.postgres.deploy
+ - name: mariadb
+ version: ~17.0.1
+ repository: https://charts.bitnami.com/bitnami
+ condition: storage.mysql.deploy
+ - name: redis
+ version: ~19.0.2
+ repository: https://charts.bitnami.com/bitnami
+ condition: session.redis.deploy
 maintainers:
 - name: james-d-elliott
 email: james-d-elliott@users.noreply.github.com
diff --git a/charts/authelia/README.md b/charts/authelia/README.md
index 219fa32..7c78c3a 100644
--- a/charts/authelia/README.md
+++ b/charts/authelia/README.md
@@ -4,9 +4,8 @@ not recommended at this stage for production environments without manual intervention to check the templated manifests match your desired state.
-This chart uses api version 2 which is only supported by helm v3+. This is a ***standalone*** chart intended just to
-deploy *Authelia* on its own. Eventually we may publish an `authelia-bundle` chart which includes `redis` and
-`postgresql`.
+This chart uses api version 2 which is only supported by helm v3+. This chart includes Bitnami subcharts to optionally
+deploy `redis`, `postgresql` and/or `mariadb`.
 # Breaking Changes
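Review bot: The three `condition:` paths in the new `dependencies` list of `charts/authelia/Chart.yaml` (`storage.postgres.deploy`, `storage.mysql.deploy`, `session.redis.deploy`) do not match where this commit defines the flags. The `values.yaml` hunks that add `deploy: false` sit under `configMap:`, and the README documents them as `configMap.storage.postgres.deploy` and so on. Helm ignores a condition whose path is missing from the parent values, and a dependency with no effective condition is enabled, so the three subcharts would likely be installed on every release rather than only on opt-in. Suggest `condition: configMap.storage.postgres.deploy`, `condition: configMap.storage.mysql.deploy` and `condition: configMap.session.redis.deploy`, plus a `helm template` test asserting that no database workloads render with default values.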
@@ -156,17 +155,23 @@ values.yaml is based on the *Authelia* configuration. See the
 | configMap.authentication_backend.ldap.enabled | Enables LDAP auth when generating the config | true |
 | configMap.authentication_backend.file.enabled | Enables file auth when generating the config | false |
 | configMap.session.redis.enabled | Enables redis session storage when generating the config | true |
+| configMap.session.redis.deploy | Deploy a redis instance | false |
 | configMap.session.redis.enabledSecret | Forces redis password auth using a secret if true | false |
 | configMap.session.redis.high_availability.enabled | Enables redis sentinel when generating the config | false |
 | configMap.session.redis.high_availability.enabledSecret | Forces sentinel password auth using a secret if true | false |
 | configMap.storage.local.enabled | Enables the SQLite3 storage provider | false |
 | configMap.storage.mysql.enabled | Enables the MySQL storage provider | false |
+| configMap.storage.mysql.deploy | Deploy a MariaDB instance | false |
 | configMap.storage.postgres.enabled | Enables the PostgreSQL storage provider | true |
+| configMap.storage.postgres.deploy | Deploy a PostgreSQL instance | false |
 | configMap.notifier.filesystem.enabled | Enables the filesystem notification provider | false |
 | configMap.notifier.smtp.enabled | Enables the SMTP notification provider | true |
 | configMap.notifier.smtp.enabledSecret | Forces smtp password auth using a secret if true | false |
 | configMap.identity_providers.oidc.enabled | Enables the OpenID Connect Idp | false |
+If any of `configMap.session.redis.deploy`, `configMap.storage.mysql.deploy` or `configMap.storage.postgres.deploy` are
+enabled, the corresponding top-level `redis`, `mariadb` or `postgresql` sections must be configured.
+
 ## Secret
 The secret section defines how the secret values are added to Authelia. All values that can be a secret are forced as
diff --git a/charts/authelia/values.yaml b/charts/authelia/values.yaml
index e768d78..d8e5210 100644
--- a/charts/authelia/values.yaml
+++ b/charts/authelia/values.yaml
@@ -1160,6 +1160,7 @@ configMap:
 ## The redis connection details
 redis:
 enabled: false
+ deploy: false
 enabledSecret: false
 host: 'redis.databases.svc.cluster.local'
 port: 6379
@@ -1319,6 +1320,7 @@ configMap:
 ##
 mysql:
 enabled: false
+ deploy: false
 address: 'tcp://mysql.databases.svc.cluster.local:3306'
 timeout: '5 seconds'
 database: 'authelia'
@@ -1364,6 +1366,7 @@ configMap:
 ##
 postgres:
 enabled: false
+ deploy: false
 address: 'tcp://postgres.databases.svc.cluster.local:5432'
 timeout: '5 seconds'
 database: 'authelia'
@@ -1859,4 +1862,71 @@ persistence:
 size: '100Mi'
 selector: {}
-...
+
+# -- Configure mariadb database subchart under this key.
+# This will be deployed when storage.mysql.deploy is set to true
+# Currently settings need to be manually copied from here to the storage.mysql section
+# For more options see [mariadb chart documentation](https://github.com/bitnami/charts/tree/master/bitnami/mariadb)
+mariadb:
+ architecture: standalone
+ auth:
+ database: authelia
+ username: authelia
+ password: authelia
+ rootPassword: authelia
+ primary:
+ resources: {}
+ persistence:
+ enabled: false
+ size: 1Gi
+ # storageClass: ""
+
+# -- Configure postgresql database subchart under this key.
+# This will be deployed when storage.postgres.deploy is set to true
+# Currently settings need to be manually copied from here to the storage.postgres section
+# For more options see [postgresql chart documentation](https://github.com/bitnami/charts/tree/master/bitnami/postgresql)
+postgresql:
+ auth:
+ postgresPassword: authelia
+ username: authelia
+ password: authelia
+ database: authelia
+ primary:
+ persistence:
+ enabled: false
+ # storageClass: ""
+ size: 1Gi
+ resources: {}
+
+# -- Configure redis database subchart under this key.
+# This will be deployed when session.redis.deploy is set to true
+# Currently settings need to be manually copied from here to the session.redis section
+# For more options see [redis chart documentation](https://github.com/bitnami/charts/tree/main/bitnami/redis)
+redis:
+ architecture: standalone
+ auth:
+ enabled: false
+ sentinel: true
+ password: "redis"
+ existingSecret: ""
+ existingSecretPasswordKey: ""
+ usePasswordFiles: false
+ master:
+ resources: {}
+ priorityClassName: ""
+ persistence:
+ enabled: false
+ # storageClass: ""
+ accessModes:
+ - ReadWriteOnce
+ size: 1Gi
+ replica:
+ replicaCount: 3
+ resources: {}
+ priorityClassName: ""
+ persistence:
+ enabled: false
+ # storageClass: ""
+ accessModes:
+ - ReadWriteOnce
+ size: 1Gi
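Review bot: The new `mariadb`, `postgresql` and `redis` blocks at the end of `charts/authelia/values.yaml` ship fixed, guessable credentials (`password: authelia`, `rootPassword: authelia`, `postgresPassword: authelia`) and set redis `auth.enabled: false`. Any install that deploys these subcharts without overriding the values therefore puts Authelia's session and storage data behind a known password, or none. Prefer leaving the password fields empty so the Bitnami charts generate random values, or pointing them at an operator-supplied secret via `existingSecret`, and defaulting redis to `auth.enabled: true`. A comment above each block saying the values are placeholders that must be overridden would also help, since the current comments only say the settings must be copied into the `storage.*`/`session.*` sections. Nesting is not recoverable from this rendering, so the exact key paths should be confirmed against the file.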