Skip to content

Commit ecf7530

Browse files
authored
Sort envs in templates (#2029)
* Sort environment variables in deployment.yaml for broker configuration * Workflow * Fix sorting of environment variables in deployment.yaml * Enhance environment variable sorting validation in deployment.yaml * Fix environment variable sorting validation in KEB integration tests workflow * Enforce locale setting for environment variable sorting in KEB integration tests * Fix environment variable sorting to enforce case-insensitive order in deployment.yaml * Fix environment variable sorting to ensure case-insensitive order in KEB integration tests * Fix environment variable sorting to ensure case-insensitive order in KEB integration tests * Make a mess * Fix * Enhance environment variable management in KEB templates by enforcing alphabetical order across multiple YAML files and updating variable definitions for clarity and consistency. * Enforce alphabetical order for environment variables in additional KEB YAML files * Refactor environment variable definitions in KEB templates for consistency and clarity * Refactor DATABASE_EMBEDDED environment variable handling in migrator-job.yaml for improved clarity and maintainability * Fix path in environment variable sorting checks for trial-cleanup-job.yaml, deprovision-retrigger-job.yaml, free-cleanup-job.yaml, and keb-db-job.yaml * Remove alphabetical order enforcement for environment variables in keb-db-job.yaml from integration tests * Remove enforcement of alphabetical order for environment variables in subaccount-cleanup-job.yaml * Refactor environment variable definitions in globalaccounts.yaml and subaccount-sync-deployment.yaml for improved clarity and consistency * Refactor environment variable definitions in migrator-job.yaml for improved clarity and consistency * Remove cronJobs section from values.yaml * Refactor environment variable sorting checks in KEB chart integration tests to use a dedicated script * Change file permissions for check_env_alphabetical_order.sh to make it executable * Sort
1 parent bd39f25 commit ecf7530

14 files changed

+439
-592
lines changed

.github/workflows/run-keb-chart-integration-tests-reusable.yaml

Lines changed: 28 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,34 @@ jobs:
3636
run: |
3737
cd resources/keb
3838
helm template .
39-
39+
40+
- name: Enforce env alphabetical order in deployment.yaml (KEB)
41+
run: scripts/check_env_alphabetical_order.sh resources/keb/templates/deployment.yaml deployment_KEB ports
42+
43+
- name: Enforce env alphabetical order in runtime-reconciler-deployment.yaml
44+
run: scripts/check_env_alphabetical_order.sh resources/keb/templates/runtime-reconciler-deployment.yaml runtime_reconciler
45+
46+
- name: Enforce env alphabetical order in trial-cleanup-job.yaml
47+
run: scripts/check_env_alphabetical_order.sh resources/keb/templates/trial-cleanup-job.yaml trial_cleanup
48+
49+
- name: Enforce env alphabetical order in deprovision-retrigger-job.yaml
50+
run: scripts/check_env_alphabetical_order.sh resources/keb/templates/deprovision-retrigger-job.yaml deprovision_retrigger
51+
52+
- name: Enforce env alphabetical order in free-cleanup-job.yaml
53+
run: scripts/check_env_alphabetical_order.sh resources/keb/templates/free-cleanup-job.yaml free_cleanup
54+
55+
- name: Enforce env alphabetical order in service-binding-cleanup-job.yaml
56+
run: scripts/check_env_alphabetical_order.sh resources/keb/templates/service-binding-cleanup-job.yaml service_binding_cleanup
57+
58+
- name: Enforce env alphabetical order in globalaccounts.yaml
59+
run: scripts/check_env_alphabetical_order.sh resources/keb/templates/globalaccounts.yaml globalaccounts
60+
61+
- name: Enforce env alphabetical order in subaccount-sync-deployment.yaml
62+
run: scripts/check_env_alphabetical_order.sh resources/keb/templates/subaccount-sync-deployment.yaml subaccount_sync
63+
64+
- name: Enforce env alphabetical order in migrator-job.yaml
65+
run: scripts/check_env_alphabetical_order.sh resources/keb/templates/migrator-job.yaml migrator_job
66+
4067
prepare-tests:
4168
runs-on: ubuntu-latest
4269
needs: validate-keb-helm-chart

resources/keb/templates/deployment.yaml

Lines changed: 133 additions & 133 deletions
Large diffs are not rendered by default.

resources/keb/templates/deprovision-retrigger-job.yaml

Lines changed: 21 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -24,57 +24,51 @@ spec:
2424
containers:
2525
- image: "{{ .Values.global.images.container_registry.path }}/{{ .Values.global.images.kyma_environment_deprovision_retrigger_job.dir }}kyma-environment-deprovision-retrigger-job:{{ .Values.global.images.kyma_environment_deprovision_retrigger_job.version }}"
2626
name: deprovision-retrigger-job
27-
env:
28-
{{if eq .Values.global.database.embedded.enabled true}}
29-
- name: DATABASE_EMBEDDED
30-
value: "true"
31-
{{end}}
32-
{{if eq .Values.global.database.embedded.enabled false}}
33-
- name: DATABASE_EMBEDDED
34-
value: "false"
35-
{{end}}
36-
- name: APP_DRY_RUN
37-
value: "{{ .Values.deprovisionRetrigger.dryRun }}"
38-
- name: APP_DATABASE_SECRET_KEY
27+
env:
28+
- name: APP_BROKER_URL
29+
value: "http://{{ include "kyma-env-broker.fullname" . }}"
30+
- name: APP_DATABASE_HOST
3931
valueFrom:
4032
secretKeyRef:
41-
name: "{{ .Values.global.database.managedGCP.encryptionSecretName }}"
42-
key: secretKey
43-
optional: true
44-
- name: APP_DATABASE_USER
33+
name: kcp-postgresql
34+
key: postgresql-serviceName
35+
- name: APP_DATABASE_NAME
4536
valueFrom:
4637
secretKeyRef:
4738
name: kcp-postgresql
48-
key: postgresql-broker-username
39+
key: postgresql-broker-db-name
4940
- name: APP_DATABASE_PASSWORD
5041
valueFrom:
5142
secretKeyRef:
5243
name: kcp-postgresql
5344
key: postgresql-broker-password
54-
- name: APP_DATABASE_HOST
55-
valueFrom:
56-
secretKeyRef:
57-
name: kcp-postgresql
58-
key: postgresql-serviceName
5945
- name: APP_DATABASE_PORT
6046
valueFrom:
6147
secretKeyRef:
6248
name: kcp-postgresql
6349
key: postgresql-servicePort
64-
- name: APP_DATABASE_NAME
50+
- name: APP_DATABASE_SECRET_KEY
6551
valueFrom:
6652
secretKeyRef:
67-
name: kcp-postgresql
68-
key: postgresql-broker-db-name
53+
name: "{{ .Values.global.database.managedGCP.encryptionSecretName }}"
54+
key: secretKey
55+
optional: true
6956
- name: APP_DATABASE_SSLMODE
7057
valueFrom:
7158
secretKeyRef:
7259
name: kcp-postgresql
7360
key: postgresql-sslMode
7461
- name: APP_DATABASE_SSLROOTCERT
7562
value: /secrets/cloudsql-sslrootcert/server-ca.pem
76-
- name: APP_BROKER_URL
77-
value: "http://{{ include "kyma-env-broker.fullname" . }}"
63+
- name: APP_DATABASE_USER
64+
valueFrom:
65+
secretKeyRef:
66+
name: kcp-postgresql
67+
key: postgresql-broker-username
68+
- name: APP_DRY_RUN
69+
value: "{{ .Values.deprovisionRetrigger.dryRun }}"
70+
- name: DATABASE_EMBEDDED
71+
value: "{{ .Values.global.database.embedded.enabled }}"
7872
command:
7973
- "/bin/main"
8074
volumeMounts:

resources/keb/templates/free-cleanup-job.yaml

Lines changed: 24 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -25,64 +25,58 @@ spec:
2525
- image: "{{ .Values.global.images.container_registry.path }}/{{ .Values.global.images.kyma_environment_expirator_job.dir }}kyma-environment-expirator-job:{{ .Values.global.images.kyma_environment_expirator_job.version }}"
2626
name: free-cleanup-job
2727
env:
28-
{{if eq .Values.global.database.embedded.enabled true}}
29-
- name: DATABASE_EMBEDDED
30-
value: "true"
31-
{{end}}
32-
{{if eq .Values.global.database.embedded.enabled false}}
33-
- name: DATABASE_EMBEDDED
34-
value: "false"
35-
{{end}}
36-
- name: APP_DRY_RUN
37-
value: "{{ .Values.freeCleanup.dryRun }}"
38-
- name: APP_EXPIRATION_PERIOD
39-
value: "{{ .Values.freeCleanup.expirationPeriod }}"
40-
- name: APP_DATABASE_SECRET_KEY
28+
- name: APP_BROKER_URL
29+
value: "http://{{ include "kyma-env-broker.fullname" . }}"
30+
- name: APP_DATABASE_HOST
4131
valueFrom:
4232
secretKeyRef:
43-
name: "{{ .Values.global.database.managedGCP.encryptionSecretName }}"
44-
key: secretKey
45-
optional: true
46-
- name: APP_DATABASE_USER
33+
name: kcp-postgresql
34+
key: postgresql-serviceName
35+
- name: APP_DATABASE_NAME
4736
valueFrom:
4837
secretKeyRef:
4938
name: kcp-postgresql
50-
key: postgresql-broker-username
39+
key: postgresql-broker-db-name
5140
- name: APP_DATABASE_PASSWORD
5241
valueFrom:
5342
secretKeyRef:
5443
name: kcp-postgresql
5544
key: postgresql-broker-password
56-
- name: APP_DATABASE_HOST
57-
valueFrom:
58-
secretKeyRef:
59-
name: kcp-postgresql
60-
key: postgresql-serviceName
6145
- name: APP_DATABASE_PORT
6246
valueFrom:
6347
secretKeyRef:
6448
name: kcp-postgresql
6549
key: postgresql-servicePort
66-
- name: APP_DATABASE_NAME
50+
- name: APP_DATABASE_SECRET_KEY
6751
valueFrom:
6852
secretKeyRef:
69-
name: kcp-postgresql
70-
key: postgresql-broker-db-name
53+
name: "{{ .Values.global.database.managedGCP.encryptionSecretName }}"
54+
key: secretKey
55+
optional: true
7156
- name: APP_DATABASE_SSLMODE
7257
valueFrom:
7358
secretKeyRef:
7459
name: kcp-postgresql
7560
key: postgresql-sslMode
7661
- name: APP_DATABASE_SSLROOTCERT
7762
value: /secrets/cloudsql-sslrootcert/server-ca.pem
78-
- name: APP_BROKER_URL
79-
value: "http://{{ include "kyma-env-broker.fullname" . }}"
63+
- name: APP_DATABASE_USER
64+
valueFrom:
65+
secretKeyRef:
66+
name: kcp-postgresql
67+
key: postgresql-broker-username
68+
- name: APP_DRY_RUN
69+
value: "{{ .Values.freeCleanup.dryRun }}"
70+
- name: APP_EXPIRATION_PERIOD
71+
value: "{{ .Values.freeCleanup.expirationPeriod }}"
72+
- name: APP_PLAN_ID
73+
value: "b1a5764e-2ea1-4f95-94c0-2b4538b37b55"
8074
- name: APP_TEST_RUN
8175
value: "{{ .Values.freeCleanup.testRun }}"
8276
- name: APP_TEST_SUBACCOUNT_ID
8377
value: "{{ .Values.freeCleanup.testSubaccountID }}"
84-
- name: APP_PLAN_ID
85-
value: "b1a5764e-2ea1-4f95-94c0-2b4538b37b55"
78+
- name: DATABASE_EMBEDDED
79+
value: "{{ .Values.global.database.embedded.enabled }}"
8680
command:
8781
- "/bin/main"
8882
volumeMounts:

resources/keb/templates/globalaccounts.yaml

Lines changed: 28 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -30,61 +30,60 @@ spec:
3030
image: "{{ .Values.global.images.container_registry.path }}/{{ .Values.global.images.kyma_environment_broker.dir }}{{ .Values.globalaccounts.name -}}:{{ .Values.global.images.kyma_environment_globalaccounts.version }}"
3131
imagePullPolicy: Always
3232
env:
33-
- name: GLOBALACCOUNTS_DRY_RUN
34-
value: {{ .Values.globalaccounts.dryRun | quote }}
35-
- name: GLOBALACCOUNTS_DATABASE_SECRET_KEY
36-
valueFrom:
37-
secretKeyRef:
38-
name: kcp-storage-client-secret
39-
key: secretKey
40-
optional: true
41-
- name: GLOBALACCOUNTS_DATABASE_USER
33+
- name: GLOBALACCOUNTS_AUTH_URL
34+
value: {{ .Values.cis.accounts.authURL | required "please specify .Values.cis.accounts.authURL" | quote }}
35+
- name: GLOBALACCOUNTS_CLIENT_ID
4236
valueFrom:
4337
secretKeyRef:
44-
key: postgresql-broker-username
45-
name: kcp-postgresql
46-
- name: GLOBALACCOUNTS_DATABASE_PASSWORD
38+
name: {{ .Values.cis.accounts.secretName | required "please specify .Values.cis.accounts.secretName" | quote }}
39+
key: id
40+
- name: GLOBALACCOUNTS_CLIENT_SECRET
4741
valueFrom:
4842
secretKeyRef:
49-
key: postgresql-broker-password
50-
name: kcp-postgresql
43+
name: {{ .Values.cis.accounts.secretName | required "please specify .Values.cis.accounts.secretName" | quote }}
44+
key: secret
5145
- name: GLOBALACCOUNTS_DATABASE_HOST
5246
valueFrom:
5347
secretKeyRef:
5448
key: postgresql-serviceName
5549
name: kcp-postgresql
56-
- name: GLOBALACCOUNTS_DATABASE_PORT
50+
- name: GLOBALACCOUNTS_DATABASE_NAME
5751
valueFrom:
5852
secretKeyRef:
59-
key: postgresql-servicePort
53+
key: postgresql-broker-db-name
6054
name: kcp-postgresql
61-
- name: GLOBALACCOUNTS_DATABASE_NAME
55+
- name: GLOBALACCOUNTS_DATABASE_PASSWORD
6256
valueFrom:
6357
secretKeyRef:
64-
key: postgresql-broker-db-name
58+
key: postgresql-broker-password
6559
name: kcp-postgresql
66-
- name: GLOBALACCOUNTS_CLIENT_ID
60+
- name: GLOBALACCOUNTS_DATABASE_PORT
6761
valueFrom:
6862
secretKeyRef:
69-
name: {{ .Values.cis.accounts.secretName | required "please specify .Values.cis.accounts.secretName" | quote }}
70-
key: id
71-
- name: GLOBALACCOUNTS_CLIENT_SECRET
63+
key: postgresql-servicePort
64+
name: kcp-postgresql
65+
- name: GLOBALACCOUNTS_DATABASE_SECRET_KEY
7266
valueFrom:
7367
secretKeyRef:
74-
name: {{ .Values.cis.accounts.secretName | required "please specify .Values.cis.accounts.secretName" | quote }}
75-
key: secret
76-
- name: GLOBALACCOUNTS_AUTH_URL
77-
value: {{ .Values.cis.accounts.authURL | required "please specify .Values.cis.accounts.authURL" | quote }}
78-
- name: GLOBALACCOUNTS_SERVICE_URL
79-
value: {{ .Values.cis.accounts.serviceURL | required "please specify .Values.cis.accounts.serviceURL" | quote }}
68+
name: kcp-storage-client-secret
69+
key: secretKey
70+
optional: true
8071
- name: GLOBALACCOUNTS_DATABASE_SSLMODE
8172
valueFrom:
8273
secretKeyRef:
8374
key: postgresql-sslMode
8475
name: kcp-postgresql
8576
- name: GLOBALACCOUNTS_DATABASE_SSLROOTCERT
8677
value: /secrets/cloudsql-sslrootcert/server-ca.pem
87-
78+
- name: GLOBALACCOUNTS_DATABASE_USER
79+
valueFrom:
80+
secretKeyRef:
81+
key: postgresql-broker-username
82+
name: kcp-postgresql
83+
- name: GLOBALACCOUNTS_DRY_RUN
84+
value: {{ .Values.globalaccounts.dryRun | quote }}
85+
- name: GLOBALACCOUNTS_SERVICE_URL
86+
value: {{ .Values.cis.accounts.serviceURL | required "please specify .Values.cis.accounts.serviceURL" | quote }}
8887
{{- if and (eq .Values.global.database.embedded.enabled false) (eq .Values.global.database.cloudsqlproxy.enabled false)}}
8988
volumeMounts:
9089
- name: cloudsql-sslrootcert

0 commit comments

Comments
 (0)