diff --git a/Chart.yaml b/Chart.yaml index 38b28ec..9dfb758 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -4,7 +4,7 @@ type: application # Chart version is set automatically as part of the release process version: 0.0.0 -appVersion: 2.4.3 +appVersion: 2.4.5 dependencies: - name: postgresql diff --git a/templates/console/_helpers.tpl b/templates/console/_helpers.tpl index 0daddda..9656e19 100644 --- a/templates/console/_helpers.tpl +++ b/templates/console/_helpers.tpl @@ -61,6 +61,24 @@ app.kubernetes.io/component: console value: {{ . | quote }} {{- end }} +{{- if .rotorAuthKeyFrom }} +- name: ROTOR_AUTH_KEY + valueFrom: + {{- toYaml .rotorAuthKeyFrom | nindent 4 }} +{{- else }} +{{- if and (not .rotorAuthKey) $.Values.rotor.enabled $.Values.tokenGenerator.enabled }} +- name: ROTOR_AUTH_KEY + valueFrom: + secretKeyRef: + name: {{ include "jitsu.fullname" $ }}-tokens + key: rotorAuthToken +{{- end }} +{{- with .rotorAuthKey }} +- name: ROTOR_AUTH_KEY + value: {{ . | quote }} +{{- end }} +{{- end }} + {{- if and (not .ingestHost) (not $.Values.config.ingestHost) $.Values.ingest.enabled }} - name: INGEST_HOST value: {{ $.Values.ingest.config.dataDomain | default (printf "%s-ingest" (include "jitsu.fullname" $)) | quote }} diff --git a/templates/ingest/_helpers.tpl b/templates/ingest/_helpers.tpl index ffb75b4..c5c98b6 100644 --- a/templates/ingest/_helpers.tpl +++ b/templates/ingest/_helpers.tpl @@ -162,6 +162,24 @@ app.kubernetes.io/component: ingest value: {{ . | quote }} {{- end }} +{{- if .rotorAuthKeyFrom }} +- name: INGEST_ROTOR_AUTH_KEY + valueFrom: + {{- toYaml .rotorAuthKeyFrom | nindent 4 }} +{{- else }} +{{- if and (not .rotorAuthKey) $.Values.rotor.enabled $.Values.tokenGenerator.enabled }} +- name: INGEST_ROTOR_AUTH_KEY + valueFrom: + secretKeyRef: + name: {{ include "jitsu.fullname" $ }}-tokens + key: rotorAuthToken +{{- end }} +{{- with .rotorAuthKey }} +- name: INGEST_ROTOR_AUTH_KEY + value: {{ . | quote }} +{{- end }} +{{- end }} + {{- with .eventsLogMaxSize }} - name: INGEST_EVENTS_LOG_MAX_SIZE value: {{ . | quote }} diff --git a/templates/rotor/_helpers.tpl b/templates/rotor/_helpers.tpl index cc773db..f3214aa 100644 --- a/templates/rotor/_helpers.tpl +++ b/templates/rotor/_helpers.tpl @@ -37,6 +37,42 @@ app.kubernetes.io/component: rotor value: {{ . | quote }} {{- end }} +{{- if .authTokensFrom }} +- name: ROTOR_AUTH_TOKENS + valueFrom: + {{- toYaml .authTokensFrom | nindent 4 }} +{{- else }} +{{- if and (not .authTokens) $.Values.tokenGenerator.enabled }} +- name: ROTOR_AUTH_TOKENS + valueFrom: + secretKeyRef: + name: {{ include "jitsu.fullname" $ }}-tokens + key: rotorAuthTokens +{{- end }} +{{- with .authTokens}} +- name: ROTOR_AUTH_TOKENS + value: {{ . | quote }} +{{- end }} +{{- end }} + +{{- if .tokenSecretFrom }} +- name: ROTOR_TOKEN_SECRET + valueFrom: + {{- toYaml .tokenSecretFrom | nindent 4 }} +{{- else }} +{{- if and (not .tokenSecret) $.Values.tokenGenerator.enabled }} +- name: ROTOR_TOKEN_SECRET + valueFrom: + secretKeyRef: + name: {{ include "jitsu.fullname" $ }}-tokens + key: rotorTokenSecret +{{- end }} +{{- with .tokenSecret }} +- name: ROTOR_TOKEN_SECRET + value: {{ . | quote }} +{{- end }} +{{- end }} + {{- if .repositoryAuthTokenFrom }} - name: REPOSITORY_AUTH_TOKEN valueFrom: diff --git a/templates/token-generator/job.yaml b/templates/token-generator/job.yaml index 30fc3e7..d4a2207 100644 --- a/templates/token-generator/job.yaml +++ b/templates/token-generator/job.yaml @@ -69,29 +69,29 @@ spec: secret="$3" echo -n "$token$salt$secret" | sha512sum | awk '{print $1}' | tr -d '\n' } - base64_hash_token() { - hex_hash_token "$@" | xxd -r -p | base64 -w 0 | tr -d '=' - } globalHashSecret=$(random_string $SECRET_LENGTH) ingestTokenSecret=$(random_string $SECRET_LENGTH) bulkerTokenSecret=$(random_string $SECRET_LENGTH) syncctlTokenSecret=$(random_string $SECRET_LENGTH) + rotorTokenSecret=$(random_string $SECRET_LENGTH) consoleAuthToken=$(random_string $TOKEN_LENGTH) ingestAuthToken=$(random_string $TOKEN_LENGTH) bulkerAuthToken=$(random_string $TOKEN_LENGTH) syncctlAuthToken=$(random_string $TOKEN_LENGTH) + rotorAuthToken=$(random_string $TOKEN_LENGTH) consoleAuthTokenSalt=$(random_string $SALT_LENGTH) ingestAuthTokenSalt=$(random_string $SALT_LENGTH) bulkerAuthTokenSalt=$(random_string $SALT_LENGTH) syncctlAuthTokenSalt=$(random_string $SALT_LENGTH) + rotorAuthTokenSalt=$(random_string $SALT_LENGTH) - ingestAuthTokens="$ingestAuthTokenSalt.$(base64_hash_token $ingestAuthToken $ingestAuthTokenSalt $ingestTokenSecret)" - bulkerAuthTokens="$bulkerAuthTokenSalt.$(base64_hash_token $bulkerAuthToken $bulkerAuthTokenSalt $bulkerTokenSecret)" - syncctlAuthTokens="$syncctlAuthTokenSalt.$(base64_hash_token $syncctlAuthToken $syncctlAuthTokenSalt $syncctlTokenSecret)" - + ingestAuthTokens="$ingestAuthTokenSalt.$(hex_hash_token $ingestAuthToken $ingestAuthTokenSalt $ingestTokenSecret)" + bulkerAuthTokens="$bulkerAuthTokenSalt.$(hex_hash_token $bulkerAuthToken $bulkerAuthTokenSalt $bulkerTokenSecret)" + syncctlAuthTokens="$syncctlAuthTokenSalt.$(hex_hash_token $syncctlAuthToken $syncctlAuthTokenSalt $syncctlTokenSecret)" consoleAuthTokens="$consoleAuthTokenSalt.$(hex_hash_token $consoleAuthToken $consoleAuthTokenSalt $globalHashSecret)" + rotorAuthTokens="$rotorAuthTokenSalt.$(hex_hash_token $rotorAuthToken $rotorAuthTokenSalt $globalHashSecret)" kubectl apply -f- <