diff --git a/templates/_utils.tpl b/templates/_utils.tpl index 170fe35..6f2cbf4 100644 --- a/templates/_utils.tpl +++ b/templates/_utils.tpl @@ -14,4 +14,20 @@ helm.sh/chart: {{ printf "%s-%s" .Chart.Name .Chart.Version | quote }} {{ include "cmak.selectorLabels" . }} {{- end -}} - +{{ define "cmak.consumerProperties" }} +{{ $default_props := dict "key.deserializer" "org.apache.kafka.common.serialization.ByteArrayDeserializer" "value.deserializer" "org.apache.kafka.common.serialization.ByteArrayDeserializer" -}} +{{ $consumer_propes := merge .Values.ui.consumerProperties $default_props -}} +{{- range $key, $val := $consumer_propes }} +{{ $key }}={{ $val -}} +{{- end }} +{{ if .Values.ui.consumerPropertiesSsl }} +{{- with .Values.ui.consumerPropertiesSsl -}} +ssl.truststore.location=/conf/ssl/truststore +ssl.truststore.type={{ .truststore.type }} +ssl.truststore.password= {{ .truststore.password }} +ssl.keystore.location=/conf/ssl/keystore +ssl.keystore.type={{ .keystore.type }} +ssl.keystore.password={{ .keystore.password }} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/templates/configmap.yaml b/templates/configmap.yaml index 94104fe..662abdc 100644 --- a/templates/configmap.yaml +++ b/templates/configmap.yaml @@ -8,3 +8,14 @@ data: clusters.yaml: |- {{- pick .Values "cmak" | toYaml | nindent 4 }} +{{ if .Values.ui.consumerProperties }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "cmak.name" . }}-consumer-properties + labels: {{ include "cmak.labels" . | nindent 4 }} +data: + consumer.properties: |- + {{- include "cmak.consumerProperties" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/templates/deployment.yaml b/templates/deployment.yaml index f39149f..96ea420 100644 --- a/templates/deployment.yaml +++ b/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{- $nm := include "cmak.name" . -}} apiVersion: apps/v1 kind: Deployment metadata: @@ -13,6 +14,19 @@ spec: labels: {{- include "cmak.labels" . | nindent 8 }} spec: + {{- if or .Values.ui.consumerProperties .Values.ui.consumerPropertiesSsl }} + volumes: + {{- if .Values.ui.consumerProperties }} + - name: {{ $nm }}-consumer-properties + configMap: + name: {{ $nm }}-consumer-properties + {{- end -}} + {{ if .Values.ui.consumerPropertiesSsl }} + - name: {{ $nm }}-ssl + secret: + secretName: {{ include "cmak.name" . }}-ssl + {{- end -}} + {{- end }} containers: - name: zk image: {{ printf "%s/zookeeper:%s" .Values.imageRegistry .Values.zk.version | quote }} @@ -54,6 +68,11 @@ spec: {{- range .Values.ui.extraArgs }} - {{ . | quote }} {{- end }} + {{ if .Values.ui.consumerProperties }} + env: + - name: CONSUMER_PROPERTIES_FILE + value: /conf/consumer.properties + {{- end }} readinessProbe: httpGet: path: /api/health @@ -70,6 +89,18 @@ spec: initialDelaySeconds: 45 timeoutSeconds: 15 periodSeconds: 30 + {{- if or .Values.ui.consumerProperties .Values.ui.consumerPropertiesSsl }} + volumeMounts: + {{- if .Values.ui.consumerProperties }} + - name: {{ $nm }}-consumer-properties + mountPath: /conf/consumer.properties + subPath: consumer.properties + {{- end -}} + {{ if .Values.ui.consumerPropertiesSsl }} + - name: {{ $nm }}-ssl + mountPath: "/conf/ssl" + {{- end -}} + {{- end }} {{- if or (.Values.ui.resources.limits | empty | not) (.Values.ui.resources.requests | empty | not) }} resources: {{- with .Values.ui.resources.requests }} diff --git a/templates/secret.yaml b/templates/secret.yaml new file mode 100644 index 0000000..e9078e3 --- /dev/null +++ b/templates/secret.yaml @@ -0,0 +1,14 @@ +{{ if .Values.ui.consumerPropertiesSsl }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "cmak.name" . }}-ssl + labels: + {{- include "cmak.labels" . | nindent 4 }} +type: Opaque +data: + {{- with .Values.ui.consumerPropertiesSsl }} + truststore: {{ .truststore.value }} + keystore: {{ .keystore.value }} + {{- end -}} +{{- end -}} \ No newline at end of file diff --git a/test/linter/test.sh b/test/linter/test.sh index 9838adc..d39e937 100755 --- a/test/linter/test.sh +++ b/test/linter/test.sh @@ -2,4 +2,5 @@ helm lint . --strict helm lint . --strict -f test/linter/values-lint.yaml +helm lint . --strict -f test/linter/values-ssl.yaml helm dep up test/linter/subchart && helm lint test/linter/subchart --strict diff --git a/test/linter/values-ssl.yaml b/test/linter/values-ssl.yaml new file mode 100644 index 0000000..cd52cc5 --- /dev/null +++ b/test/linter/values-ssl.yaml @@ -0,0 +1,14 @@ +ui: + consumerProperties: + qwe: asd + + consumerPropertiesSsl: + keystore: + type: PKCS + password: test123 + value: + truststore: + type: JKS + password: test123 + value: + diff --git a/values.schema.json b/values.schema.json index 3913955..7a1ba9a 100644 --- a/values.schema.json +++ b/values.schema.json @@ -76,6 +76,27 @@ "properties": { "secret": { "type": "string", "title": "Secret name to attach to the ingress object" } } + }, + "consumerSsl": { + "type": "object", "title": "Consumer SSL configuration", "default": null, + "properties": { + "keystore": { + "type": "object", "title": "keystore configuration", + "properties": { + "type": { "type": "string" }, + "password": { "type": "string" }, + "value": { "type": "string", "description": "base64 encoded keystore" } + } + }, + "truststore": { + "type": "object", "title": "truststore configuration", + "properties": { + "type": { "type": "string" }, + "password": { "type": "string" }, + "value": { "type": "string", "description": "base64 encoded truststore" } + } + } + } } }, @@ -110,14 +131,16 @@ "clusters": { "type": "array", "title": "list of configured clusters", "items": { "$ref": "#/definitions/clusterConfig" } - } + } } }, "ui": { "type": "object", "title": "ui container k8s settings", "properties": { "extraArgs": { "type": "array", "title": "extra cmd line arguments", "items": { "type": "string" }, "default": [] }, - "resources": { "$ref": "#/definitions/resources" } + "resources": { "$ref": "#/definitions/resources" }, + "consumerProperties": { "type": "object", "title": "provide key value base pairs for consumer properties according to java docs", "default": {} }, + "consumerPropertiesSsl": { "$ref": "#/definitions/consumerSsl" } } }, "zk": { diff --git a/values.yaml b/values.yaml index 3c70c10..12a36dc 100644 --- a/values.yaml +++ b/values.yaml @@ -66,6 +66,25 @@ ui: # cpu: 100m # memory: 128Mi + # Cosumer Properties + consumerProperties: {} + # Key value pairs of values to add into consumer properties. + # default values which will be added if not specified here: + # key.deserializer: "org.apache.kafka.common.serialization.ByteArrayDeserializer" + # value.deserializer: "org.apache.kafka.common.serialization.ByteArrayDeserializer" + + # Consumer SSL configurations + consumerPropertiesSsl: {} + # keystore: + # type: PKCS + # password: test123 + # value: + # truststore: + # type: JKS + # password: test123 + # value: + + # various settings for Zookeeper container zk: version: "3.6.1"