SONAR-22113 Restore passing .Values.env from secret

* SONAR-22113 Restore passing .Values.env from secret * SONAR-22113 Restore passing .Values.env from secret * NO-JIRA Fix an extra space in the envs * SONAR-20266 adress reviewer comments --------- Co-authored-by: Valentin Delaye <jonesbusy@gmail.com> Co-authored-by: Carmine Vassallo <carmine.vassallo@sonarsource.com>
SonarSource · Apr 23, 2024 · b47225c · b47225c
1 parent b988698
commit b47225c
Show file tree

Hide file tree

Showing 9 changed files with 50 additions and 54 deletions.
diff --git a/charts/sonarqube-dce/CHANGELOG.md b/charts/sonarqube-dce/CHANGELOG.md
@@ -3,6 +3,7 @@ All changes to this chart will be documented in this file.
 
 ## [10.6.0]
 * Update Chart's version to 10.6.0
+* Fix the env-var templating when sourcing from secrets
 
 ## [10.5.0]
 * Upgrade SonarQube to 10.5.0

diff --git a/charts/sonarqube-dce/Chart.yaml b/charts/sonarqube-dce/Chart.yaml
@@ -29,6 +29,8 @@ annotations:
   artifacthub.io/changes: |
     - kind: changed
       description: "Update Chart's version to 10.6.0"
+    - kind: fixed
+      description: "Fix the env-var templating when sourcing from secrets"
   artifacthub.io/links: |
     - name: support
       url: https://community.sonarsource.com/

diff --git a/charts/sonarqube-dce/templates/sonarqube-application.yaml b/charts/sonarqube-dce/templates/sonarqube-application.yaml
@@ -230,10 +230,7 @@ spec:
           resources:
 {{ toYaml (default .Values.ApplicationNodes.resources .Values.resource) | indent 12 }}
           env:
-          {{- range (include "sonarqube.combined_app_env" . | fromJsonArray)  }}
-            - name: {{ .name }}
-              value: {{ .value | quote}}
-          {{- end }}
+          {{- (include "sonarqube.combined_app_env" . | fromJsonArray) | toYaml | trim | nindent 12 }}
             - name: SONAR_HELM_CHART_VERSION
               value: {{ .Chart.Version | replace "+" "_" }}
             - name: SONAR_LOG_JSONOUTPUT
@@ -268,13 +265,13 @@ spec:
                   name: {{ template "sonarqube.fullname" . }}-monitoring-passcode
                   key: SONAR_WEB_SYSTEMPASSCODE
                 {{- end }}
-            {{ if .Values.searchNodes.searchAuthentication.enabled }}
+            {{- if .Values.searchNodes.searchAuthentication.enabled }}
             - name: SONAR_CLUSTER_SEARCH_PASSWORD
               valueFrom:
                 secretKeyRef:
                   name: "{{ template "search.userPassword" . }}" 
                   key: SONAR_CLUSTER_SEARCH_PASSWORD
-            {{ end }}
+            {{- end }}
           envFrom:
             - configMapRef:
                 name: {{ template "sonarqube.fullname" . }}-jdbc-config

diff --git a/charts/sonarqube/CHANGELOG.md b/charts/sonarqube/CHANGELOG.md
@@ -3,6 +3,7 @@ All changes to this chart will be documented in this file.
 
 ## [10.6.0]
 * Update Chart's version to 10.6.0
+* Fix the env-var templating when sourcing from secrets
 
 ## [10.5.0]
 * Upgrade SonarQube to 10.5.0

diff --git a/charts/sonarqube/Chart.yaml b/charts/sonarqube/Chart.yaml
@@ -34,6 +34,8 @@ annotations:
   artifacthub.io/changes: |
     - kind: changed
       description: "Update Chart's version to 10.6.0"
+    - kind: fixed
+      description: "Fix the env-var templating when sourcing from secrets"
   artifacthub.io/containsSecurityUpdates: "false"
   artifacthub.io/images: |
     - name: sonarqube

diff --git a/charts/sonarqube/templates/deployment.yaml b/charts/sonarqube/templates/deployment.yaml
@@ -98,10 +98,7 @@ spec:
             - mountPath: /tmp/secrets/ca-certs
               name: ca-certs
           env:
-          {{- range (include "sonarqube.combined_env" . | fromJsonArray)  }}
-            - name: {{ .name }}
-              value: {{ .value | quote}}
-          {{- end }}
+          {{- (include "sonarqube.combined_env" . | fromJsonArray) | toYaml | trim | nindent 12 }}
       {{- end }}
       {{- if or .Values.initSysctl.enabled .Values.elasticsearch.configureNode }}
         - name: init-sysctl
@@ -120,10 +117,7 @@ spec:
             - name: init-sysctl
               mountPath: /tmp/scripts/
           env:
-          {{- range (include "sonarqube.combined_env" . | fromJsonArray)  }}
-            - name: {{ .name }}
-              value: {{ .value | quote}}
-          {{- end }}
+          {{- (include "sonarqube.combined_env" . | fromJsonArray) | toYaml | trim | nindent 12 }}
       {{- end }}
 
       {{- if or .Values.sonarProperties .Values.sonarSecretProperties .Values.sonarSecretKey (not .Values.elasticsearch.bootstrapChecks) }}
@@ -164,10 +158,7 @@ spec:
           resources:
 {{ toYaml .Values.initContainers.resources | indent 12 }}
           env:
-          {{- range (include "sonarqube.combined_env" . | fromJsonArray)  }}
-            - name: {{ .name }}
-              value: {{ .value | quote}}
-          {{- end }}  
+          {{- (include "sonarqube.combined_env" . | fromJsonArray) | toYaml | trim | nindent 12 }}
       {{- end }}
 
       {{- if .Values.prometheusExporter.enabled }}
@@ -193,10 +184,7 @@ spec:
               value: {{ default "" .Values.prometheusExporter.httpsProxy }}
             - name: no_proxy
               value: {{ default "" .Values.prometheusExporter.noProxy }}
-          {{- range (include "sonarqube.combined_env" . | fromJsonArray)  }}
-            - name: {{ .name }}
-              value: {{ .value | quote}}
-          {{- end }}
+          {{- (include "sonarqube.combined_env" . | fromJsonArray) | toYaml | trim | nindent 12 }}
       {{- end }}
       {{- if .Values.plugins.install }}
         - name: install-plugins
@@ -228,10 +216,7 @@ spec:
               value: {{ default "" .Values.plugins.httpsProxy }}
             - name: no_proxy
               value: {{ default "" .Values.plugins.noProxy }}
-          {{- range (include "sonarqube.combined_env" . | fromJsonArray)  }}
-            - name: {{ .name }}
-              value: {{ .value | quote}}
-          {{- end }}
+          {{- (include "sonarqube.combined_env" . | fromJsonArray) | toYaml | trim | nindent 12 }}
     {{- end }}
       containers:
       {{- if .Values.extraContainers }}
@@ -255,10 +240,7 @@ spec:
           resources:
 {{ toYaml (default .Values.resources .Values.resource) | indent 12 }}
           env:
-          {{- range (include "sonarqube.combined_env" . | fromJsonArray)  }}
-            - name: {{ .name }}
-              value: {{ .value | quote}}
-          {{- end }}
+          {{- (include "sonarqube.combined_env" . | fromJsonArray) | toYaml | trim | nindent 12 }}
             - name: SONAR_HELM_CHART_VERSION
               value: {{ .Chart.Version | replace "+" "_" }}
             - name: SONAR_JDBC_PASSWORD

diff --git a/charts/sonarqube/templates/sonarqube-sts.yaml b/charts/sonarqube/templates/sonarqube-sts.yaml
@@ -97,10 +97,7 @@ spec:
             - mountPath: /tmp/secrets/ca-certs
               name: ca-certs
           env:
-          {{- range (include "sonarqube.combined_env" . | fromJsonArray)  }}
-            - name: {{ .name }}
-              value: {{ .value | quote}}
-          {{- end }}
+          {{- (include "sonarqube.combined_env" . | fromJsonArray) | toYaml | trim | nindent 12 }}
       {{- end }}
       {{- if or .Values.initSysctl.enabled .Values.elasticsearch.configureNode }}
         - name: init-sysctl
@@ -119,10 +116,7 @@ spec:
             - name: init-sysctl
               mountPath: /tmp/scripts/
           env:
-          {{- range (include "sonarqube.combined_env" . | fromJsonArray)  }}
-            - name: {{ .name }}
-              value: {{ .value | quote}}
-          {{- end }}
+          {{- (include "sonarqube.combined_env" . | fromJsonArray) | toYaml | trim | nindent 12 }}
       {{- end }}
 
       {{- if or .Values.sonarProperties .Values.sonarSecretProperties .Values.sonarSecretKey (not .Values.elasticsearch.bootstrapChecks) }}
@@ -163,10 +157,7 @@ spec:
           resources:
 {{ toYaml .Values.initContainers.resources | indent 12 }}
           env:
-          {{- range (include "sonarqube.combined_env" . | fromJsonArray)  }}
-            - name: {{ .name }}
-              value: {{ .value | quote}}
-          {{- end }}
+          {{- (include "sonarqube.combined_env" . | fromJsonArray) | toYaml | trim | nindent 12 }}
       {{- end }}
 
       {{- if .Values.prometheusExporter.enabled }}
@@ -192,10 +183,7 @@ spec:
               value: {{ default "" .Values.prometheusExporter.httpsProxy }}
             - name: no_proxy
               value: {{ default "" .Values.prometheusExporter.noProxy }}
-          {{- range (include "sonarqube.combined_env" . | fromJsonArray)  }}
-            - name: {{ .name }}
-              value: {{ .value | quote}}
-          {{- end }}
+          {{- (include "sonarqube.combined_env" . | fromJsonArray) | toYaml | trim | nindent 12 }}
       {{- end }}
       {{- if and .Values.persistence.enabled .Values.initFs.enabled }}
         - name: init-fs
@@ -272,10 +260,7 @@ spec:
               value: {{ default "" .Values.plugins.httpsProxy }}
             - name: no_proxy
               value: {{ default "" .Values.plugins.noProxy }}
-          {{- range (include "sonarqube.combined_env" . | fromJsonArray)  }}
-            - name: {{ .name }}
-              value: {{ .value | quote}}
-          {{- end }}
+          {{- (include "sonarqube.combined_env" . | fromJsonArray) | toYaml | trim | nindent 12 }}
       {{- end }}
       containers:
       {{- if .Values.extraContainers }}
@@ -299,10 +284,7 @@ spec:
           resources:
 {{ toYaml (default .Values.resources .Values.resource) | indent 12 }}
           env:
-          {{- range (include "sonarqube.combined_env" . | fromJsonArray)  }}
-            - name: {{ .name }}
-              value: {{ .value | quote}}
-          {{- end }}
+          {{- (include "sonarqube.combined_env" . | fromJsonArray) | toYaml | trim | nindent 12 }}
             - name: SONAR_HELM_CHART_VERSION
               value: {{ .Chart.Version | replace "+" "_" }}
             - name: SONAR_JDBC_PASSWORD

diff --git a/tests/unit-compatibility-test/sonarqube-dce/duplicated-env-values.yaml b/tests/unit-compatibility-test/sonarqube-dce/duplicated-env-values.yaml
@@ -0,0 +1,15 @@
+ApplicationNodes:
+  env:
+  - name: SONAR_WEB_CONTEXT
+    value: some/context
+  - name: SONAR_CE_JAVAOPTS
+    value: -Xms2G -Xmx2G -DsomeOption=some/Value
+  - name: SONAR_WEB_JAVAOPTS
+    value: -Xmx1g
+  - name: FOOBAR
+    valueFrom:
+      secretKeyRef:
+        name: "sonarqube-ldap"
+        key: BARFOO
+prometheusExporter:
+    enabled: true
diff --git a/tests/unit-compatibility-test/sonarqube/duplicated-env-values.yaml b/tests/unit-compatibility-test/sonarqube/duplicated-env-values.yaml
@@ -0,0 +1,14 @@
+env:
+  - name: SONAR_WEB_CONTEXT
+    value: some/context
+  - name: SONAR_CE_JAVAOPTS
+    value: -Xms2G -Xmx2G -DsomeOption=some/Value
+  - name: SONAR_WEB_JAVAOPTS
+    value: -Xmx1g
+  - name: FOOBAR
+    valueFrom:
+      secretKeyRef:
+        name: "sonarqube-ldap"
+        key: BARFOO
+prometheusExporter:
+    enabled: true