Skip to content

Commit

Permalink
Merge branch 'main' into bug/servicemonitor-tlsconfig
Browse files Browse the repository at this point in the history
  • Loading branch information
pierluigilenoci authored Apr 30, 2024
2 parents 79cbaf0 + c1921fe commit c992aa9
Show file tree
Hide file tree
Showing 5 changed files with 92 additions and 9 deletions.
2 changes: 1 addition & 1 deletion helm/oauth2-proxy/Chart.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
name: oauth2-proxy
version: 7.4.2
version: 7.5.1
apiVersion: v2
appVersion: 7.6.0
home: https://oauth2-proxy.github.io/oauth2-proxy/
Expand Down
52 changes: 52 additions & 0 deletions helm/oauth2-proxy/scripts/check-redis.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
#!/bin/sh

RETRY_INTERVAL=5 # Interval between retries in seconds
elapsed=0 # Elapsed time

check_redis() {
host=$1
port=$2
while [ $elapsed -lt $TOTAL_RETRY_TIME ]; do
echo "Checking Redis at $host:$port... Elapsed time: ${elapsed}s"
if nc -z -w1 $TIMEOUT $host $port > /dev/null 2>&1; then
echo "Redis is up at $host:$port!"
return 0
else
echo "Redis is down at $host:$port. Retrying in $RETRY_INTERVAL seconds."
sleep $RETRY_INTERVAL
elapsed=$((elapsed + RETRY_INTERVAL))
fi
done
echo "Failed to connect to Redis at $host:$port after $TOTAL_RETRY_TIME seconds."
return 1
}

# For parsing and checking connections
parse_and_check() {
url=$1
clean_url=${url#redis://}
host=$(echo $clean_url | cut -d':' -f1)
port=$(echo $clean_url | cut -d':' -f2)
check_redis $host $port
}

# Main
if [ "$OAUTH2_PROXY_REDIS_USE_CLUSTER" = "true" ]; then
echo "Checking Redis in cluster mode..."
echo "$OAUTH2_PROXY_REDIS_CLUSTER_CONNECTION_URLS" | tr ',' '\n' | while read -r addr; do
parse_and_check $addr || exit 1
done
elif [ "$OAUTH2_PROXY_REDIS_USE_SENTINEL" = "true" ]; then
echo "Checking Redis in sentinel mode..."
echo "$OAUTH2_PROXY_REDIS_SENTINEL_CONNECTION_URLS" | tr ',' '\n' | while read -r addr; do
parse_and_check $addr || exit 1
done
elif [ -n "$OAUTH2_PROXY_REDIS_CONNECTION_URL" ]; then
echo "Checking standalone Redis..."
parse_and_check "$OAUTH2_PROXY_REDIS_CONNECTION_URL" || exit 1
else
echo "Redis configuration not specified."
exit 1
fi

echo "Redis check completed."
13 changes: 13 additions & 0 deletions helm/oauth2-proxy/templates/configmap-wait-for-redis.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
{{- if and .Values.redis.enabled .Values.initContainers.waitForRedis.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: {{ template "oauth2-proxy.name" . }}
{{- include "oauth2-proxy.labels" . | indent 4 }}
name: {{ template "oauth2-proxy.fullname" . }}-wait-for-redis
namespace: {{ template "oauth2-proxy.namespace" $ }}
data:
check-redis.sh: |
{{ .Files.Get "scripts/check-redis.sh" | indent 4 }}
{{- end }}
31 changes: 24 additions & 7 deletions helm/oauth2-proxy/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -62,20 +62,32 @@ spec:
{{- if and .Values.redis.enabled .Values.initContainers.waitForRedis.enabled }}
initContainers:
- name: wait-for-redis
image: "{{ .Values.initContainers.waitForRedis.image.repository }}:{{ include "kubectl.version" . }}"
image: "{{ .Values.initContainers.waitForRedis.image.repository }}:{{ .Values.initContainers.waitForRedis.image.tag }}"
imagePullPolicy: {{ .Values.initContainers.waitForRedis.image.pullPolicy }}
args:
- wait
- pod/{{ include "oauth2-proxy.redis.fullname" . }}-master-0
- --for=condition=ready
- --timeout={{ .Values.initContainers.waitForRedis.timeout }}s
command: ["/bin/sh", "-c", "/scripts/check-redis.sh"]
env:
- name: TOTAL_RETRY_TIME
value: "{{ .Values.initContainers.waitForRedis.timeout }}"
{{- if eq (default "" .Values.sessionStorage.redis.clientType) "standalone" }}
- name: OAUTH2_PROXY_REDIS_CONNECTION_URL
value: {{ include "oauth2-proxy.redis.StandaloneUrl" . }}
{{- else if eq (default "" .Values.sessionStorage.redis.clientType) "cluster" }}
- name: OAUTH2_PROXY_REDIS_CLUSTER_CONNECTION_URLS
value: {{ .Values.sessionStorage.redis.cluster.connectionUrls }}
{{- else if eq (default "" .Values.sessionStorage.redis.clientType) "sentinel" }}
- name: OAUTH2_PROXY_REDIS_SENTINEL_CONNECTION_URLS
value: {{ .Values.sessionStorage.redis.sentinel.connectionUrls }}
{{- end }}
{{- if .Values.initContainers.waitForRedis.securityContext.enabled }}
{{- $securityContext := unset .Values.initContainers.waitForRedis.securityContext "enabled" }}
securityContext:
{{- toYaml $securityContext | nindent 10 }}
{{- end }}
resources:
{{- toYaml .Values.initContainers.waitForRedis.resources | nindent 10 }}
volumeMounts:
- name: redis-script
mountPath: /scripts
{{- end }}
{{- if .Values.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
Expand Down Expand Up @@ -319,7 +331,12 @@ spec:
secretName: {{ template "oauth2-proxy.fullname" . }}-accesslist
{{- end }}
{{- end }}

{{- if and .Values.redis.enabled .Values.initContainers.waitForRedis.enabled }}
- name: redis-script
configMap:
name: {{ template "oauth2-proxy.fullname" . }}-wait-for-redis
defaultMode: 0775
{{- end }}
{{- if or .Values.config.existingConfig .Values.config.configFile }}
- configMap:
defaultMode: 420
Expand Down
3 changes: 2 additions & 1 deletion helm/oauth2-proxy/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -279,7 +279,8 @@ initContainers:
waitForRedis:
enabled: true
image:
repository: "docker.io/bitnami/kubectl"
repository: "alpine"
tag: "latest"
pullPolicy: "IfNotPresent"
# uses the kubernetes version of the cluster
# the chart is deployed on, if not set
Expand Down

0 comments on commit c992aa9

Please sign in to comment.