From 786429089676d500dd43ff46bf17809bb31468fa Mon Sep 17 00:00:00 2001 From: Huw Ayling-Miller Date: Wed, 15 Nov 2023 21:54:06 +0000 Subject: [PATCH] Support groups without password authentication --- charts/trino/templates/configmap-coordinator.yaml | 2 +- charts/trino/templates/deployment-coordinator.yaml | 12 +++++++----- charts/trino/templates/secret.yaml | 10 +++++----- 3 files changed, 13 insertions(+), 11 deletions(-) diff --git a/charts/trino/templates/configmap-coordinator.yaml b/charts/trino/templates/configmap-coordinator.yaml index f85ee2ed..bb8680e5 100644 --- a/charts/trino/templates/configmap-coordinator.yaml +++ b/charts/trino/templates/configmap-coordinator.yaml @@ -103,6 +103,7 @@ data: password-authenticator.properties: | password-authenticator.name=file file.password-file={{ .Values.server.config.path }}/auth/password.db + {{- end }} {{- if .Values.auth.groups }} group-provider.properties: | group-provider.name=file @@ -111,7 +112,6 @@ data: file.refresh-period={{ .Values.auth.refreshPeriod }} {{- end }} {{- end }} - {{- end }} {{ if .Values.eventListenerProperties }} event-listener.properties: | diff --git a/charts/trino/templates/deployment-coordinator.yaml b/charts/trino/templates/deployment-coordinator.yaml index 0dec6dd9..157de2d0 100644 --- a/charts/trino/templates/deployment-coordinator.yaml +++ b/charts/trino/templates/deployment-coordinator.yaml @@ -63,17 +63,19 @@ spec: configMap: name: trino-resource-groups-volume-coordinator {{- end }} - {{- if contains "PASSWORD" .Values.server.config.authenticationType }} - - name: password-volume + {{- if or .Values.auth.passwordAuth .Values.auth.groups }} + - name: file-authentication-volume secret: {{- if and .Values.auth .Values.auth.passwordAuthSecret }} secretName: {{ .Values.auth.passwordAuthSecret }} {{- else }} - secretName: trino-password-authentication + secretName: trino-file-authentication {{- end }} items: + {{- if .Values.auth.passwordAuth }} - key: password.db path: password.db + {{- end }} {{- if .Values.auth.groups }} - key: group.db path: group.db @@ -129,9 +131,9 @@ spec: - name: {{ .name }} mountPath: {{ .path }} {{- end }} - {{- if contains "PASSWORD" .Values.server.config.authenticationType }} + {{- if or .Values.auth.passwordAuth .Values.auth.groups }} - mountPath: {{ .Values.server.config.path }}/auth - name: password-volume + name: file-authentication-volume {{- end }} {{- with .Values.coordinator.additionalVolumeMounts }} {{- . | toYaml | nindent 12 }} diff --git a/charts/trino/templates/secret.yaml b/charts/trino/templates/secret.yaml index ad52d39e..754353a5 100644 --- a/charts/trino/templates/secret.yaml +++ b/charts/trino/templates/secret.yaml @@ -1,19 +1,19 @@ -{{- if contains "PASSWORD" .Values.server.config.authenticationType }} -{{- if .Values.auth.passwordAuth -}} +{{- if or .Values.auth.passwordAuth .Values.auth.groups }} apiVersion: v1 kind: Secret metadata: {{- if and .Values.auth .Values.auth.passwordAuthSecret }} name: {{ .Values.auth.passwordAuthSecret }} {{- else }} - name: trino-password-authentication + name: trino-file-authentication {{- end }} labels: {{- include "trino.labels" . | nindent 4 }} data: +{{- if .Values.auth.passwordAuth }} password.db: {{ .Values.auth.passwordAuth | b64enc }} - {{- if .Values.auth.groups}} +{{- end }} +{{- if .Values.auth.groups}} group.db: {{ .Values.auth.groups | b64enc }} - {{- end }} {{- end }} {{- end }}