diff --git a/src/main/helm/templates/_helpers.tpl b/src/main/helm/templates/_helpers.tpl
index 35797e518111a96685b6f6af018c73ac614727df..53a775b626703177f6bc12b46b269ccfefc6f601 100644
--- a/src/main/helm/templates/_helpers.tpl
+++ b/src/main/helm/templates/_helpers.tpl
@@ -57,6 +57,14 @@ app.kubernetes.io/namespace: {{ include "app.namespace" . }}
{{ printf "dns:///%s.%s:9000" ( coalesce .Values.usermanagerName "user-manager" ) .Release.Namespace }}
{{- end -}}
+{{- define "app.zufiNamespace" -}}
+{{ printf "%s" ( required "zufiManager.namespace must be set if zufiManager server is enabled" (.Values.zufiManager).namespace ) }}
+{{- end -}}
+
+{{- define "app.grpc_client_zufi-server_address" -}}
+{{ printf "dns:///%s.%s:9090" .Values.zufiManager.serverName (include "app.zufiNamespace" . ) }}
+{{- end -}}
+
{{- define "app.spring_cloud_config_administration_address" -}}
{{ printf "http://%s.%s:8080" ( coalesce .Values.administrationName "administration" ) .Release.Namespace }}
{{- end -}}
diff --git a/src/main/helm/templates/deployment.yaml b/src/main/helm/templates/deployment.yaml
index 585408d9e599665f5ac4777b117051c601ebeaec..7cfecb33d7d6dbfe55906ca218de7ceced1171b6 100644
--- a/src/main/helm/templates/deployment.yaml
+++ b/src/main/helm/templates/deployment.yaml
@@ -111,10 +111,12 @@ spec:
value: {{ ((.Values.ozgcloud).xdomea).behoerdenschluesselVersion | quote }}
- name: ozgcloud_administration_address
value: {{ include "app.spring_cloud_config_administration_address" . }}
+{{- if ((.Values.ozgcloud).feature).collaborationEnabled }}
- name: grpc_client_zufi-manager_address
- value: {{ .Values.zufiManager.address }}
+ value: {{ include "app.grpc_client_zufi-server_address" . }}
- name: grpc_client_zufi-manager_negotiationType
value: {{ (.Values.zufiManager).grpcClientNegotiationType | default "TLS" }}
+{{- end }}
{{- if ((.Values.ozgcloud).feature).collaborationEnabled }}
- name: ozgcloud_feature_collaborationEnabled
value: {{ ((.Values.ozgcloud).feature).collaborationEnabled | quote }}
diff --git a/src/main/helm/templates/network_policy.yaml b/src/main/helm/templates/network_policy.yaml
index fe9816c1f6700cc2b82b051eaa6c9741fd51a725..8f558946e49035324a0068b99aab7ac8f296f632 100644
--- a/src/main/helm/templates/network_policy.yaml
+++ b/src/main/helm/templates/network_policy.yaml
@@ -32,10 +32,10 @@ spec:
- to:
- namespaceSelector:
matchLabels:
- kubernetes.io/metadata.name: {{ required "zufiManager.namespace must be set if zufiManager server is enabled" (.Values.zufiManager).namespace }}
+ kubernetes.io/metadata.name: {{ include "app.zufiNamespace" . }}
podSelector:
matchLabels:
- component: zufi-server
+ component: {{ .Values.zufiManager.serverName }}
ports:
- port: 9090
protocol: TCP
diff --git a/src/main/helm/values.yaml b/src/main/helm/values.yaml
index 1a13c1ebe2980adc97be000d735850ee5d59b900..f096912a363c18e1a932ffcc91401255a5366b6a 100644
--- a/src/main/helm/values.yaml
+++ b/src/main/helm/values.yaml
@@ -32,7 +32,7 @@ replicaCount: 2 # [default: 2]
usermanagerName: user-manager
zufiManager:
- address: zufi-server.zufi:9090
+ serverName: zufi-server
# env:
# overrideSpringProfiles: "oc,prod"
diff --git a/src/test/helm-linter-values.yaml b/src/test/helm-linter-values.yaml
index 18f72b2662390d78c5e547e1f7b90d403f8edf7d..dfedd1cef582ee212952e2aad0956276987cf067 100644
--- a/src/test/helm-linter-values.yaml
+++ b/src/test/helm-linter-values.yaml
@@ -39,4 +39,4 @@ sso:
imagePullSecret: image-pull-secret
zufiManager:
- address: https://url.url
\ No newline at end of file
+ namespace: namespace
diff --git a/src/test/helm/deployment_collaboration_env_test.yaml b/src/test/helm/deployment_collaboration_env_test.yaml
index 4cb772d0ee55c2dc51d332ecf415bc1526e2b8b2..3ff97ead8c9484c7b448c2f6b8b176c7f0f04620 100644
--- a/src/test/helm/deployment_collaboration_env_test.yaml
+++ b/src/test/helm/deployment_collaboration_env_test.yaml
@@ -14,18 +14,30 @@ set:
serverUrl: https://sso.company.local
imagePullSecret: image-pull-secret
tests:
- - it: should have set zufi server address
+ - it: should set zufi server address
set:
zufiManager:
- address: url://url.url
+ namespace: namespace
+ ozgcloud:
+ feature:
+ collaborationEnabled: true
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: grpc_client_zufi-manager_address
- value: url://url.url
+ value: dns:///zufi-server.namespace:9090
+ - it: should not set zufi server address
+ asserts:
+ - notContains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: grpc_client_zufi-manager_address
+ any: true
- it: should enable collaboration
set:
+ zufiManager:
+ namespace: namespace
ozgcloud:
feature:
collaborationEnabled: true
@@ -36,10 +48,6 @@ tests:
name: ozgcloud_feature_collaborationEnabled
value: "true"
- it: should not enable collaboration
- set:
- ozgcloud:
- feature:
- collaborationEnabled: false
asserts:
- notContains:
path: spec.template.spec.containers[0].env
@@ -49,7 +57,11 @@ tests:
- it: should set negotiation type
set:
zufiManager:
+ namespace: namespace
grpcClientNegotiationType: PLAINTEXT
+ ozgcloud:
+ feature:
+ collaborationEnabled: true
asserts:
- contains:
path: spec.template.spec.containers[0].env
@@ -58,9 +70,21 @@ tests:
value: PLAINTEXT
- it: negotiation type is TLS in standard
set:
+ zufiManager:
+ namespace: namespace
+ ozgcloud:
+ feature:
+ collaborationEnabled: true
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: grpc_client_zufi-manager_negotiationType
- value: TLS
\ No newline at end of file
+ value: TLS
+ - it: should not set negotiation type
+ asserts:
+ - notContains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: grpc_client_zufi-manager_negotiationType
+ any: true