Skip to content

Commit

Permalink
feat(helm-teleport-cluster): allow to override enterprise license name
Browse files Browse the repository at this point in the history
Signed-off-by: Guntis Karulis <[email protected]>
  • Loading branch information
guntiskarulis committed Nov 8, 2024
1 parent 4fbfd7a commit 52126e2
Show file tree
Hide file tree
Showing 7 changed files with 53 additions and 3 deletions.
16 changes: 16 additions & 0 deletions docs/pages/reference/helm-reference/teleport-cluster.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -616,6 +616,22 @@ $ kubectl --namespace teleport create secret generic license --from-file=/path/t
enterprise: true
```

### `licenseSecretName`

| Type | Default value |
|----------|----------------|
| `string` | `license` |

`licenseSecretName` controls Kubernetes secret name for the Enterprise license.

By using this value you will update the Kubernetes volume specification to mount Secret based volume to the container using custom name.

`values.yaml` example:

```yaml
licenseSecretName: enterprise-license
```

## `installCRDs`

| Type | Default value |
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
clusterName: helm-lint
enterprise: true
licenseSecretName: enterprise-license

Original file line number Diff line number Diff line change
Expand Up @@ -266,7 +266,7 @@ spec:
{{- if $auth.enterprise }}
- name: license
secret:
secretName: "license"
secretName: {{ $auth.licenseSecretName | quote }}
{{- end }}
{{- if and ($auth.gcp.credentialSecretName) (eq $auth.chartMode "gcp") }}
- name: gcp-credentials
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ spec:
{{- if .Values.enterprise }}
- name: license
secret:
secretName: "license"
secretName: {{ $auth.licenseSecretName | quote }}
{{- end }}
{{- if and (.Values.gcp.credentialSecretName) (eq .Values.chartMode "gcp") }}
- name: gcp-credentials
Expand Down
24 changes: 24 additions & 0 deletions examples/chart/teleport-cluster/tests/auth_deployment_test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -215,6 +215,30 @@ tests:
secret:
secretName: license

- it: should use enterprise image and mount license with custom secret name when enterprise is set in values
template: auth/deployment.yaml
set:
clusterName: helm-lint.example.com
enterprise: true
licenseSecretName: enterprise-license
teleportVersionOverride: 12.2.1
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: public.ecr.aws/gravitational/teleport-ent-distroless:12.2.1
- contains:
path: spec.template.spec.containers[0].volumeMounts
content:
mountPath: /var/lib/license
name: "license"
readOnly: true
- contains:
path: spec.template.spec.volumes
content:
name: license
secret:
secretName: enterprise-license

- it: should use OSS image and not mount license when enterprise is not set in values
template: auth/deployment.yaml
set:
Expand Down
5 changes: 5 additions & 0 deletions examples/chart/teleport-cluster/values.schema.json
Original file line number Diff line number Diff line change
Expand Up @@ -286,6 +286,11 @@
"type": "boolean",
"default": false
},
"licenseSecretName": {
"$id": "#/properties/licenseSecretName",
"type": "string",
"default": "license"
},
"installCRDs": {
"$id": "#/properties/installCRDs",
"type": "boolean"
Expand Down
3 changes: 2 additions & 1 deletion examples/chart/teleport-cluster/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -245,7 +245,8 @@ acmeURI: ""
# You will need to download your Enterprise license from the Teleport dashboard and create a secret to use this:
# kubectl -n ${TELEPORT_NAMESPACE?} create secret generic license --from-file=/path/to/downloaded/license.pem
enterprise: false

# Override default Enterprise license name
licenseSecretName: "license"
# CRDs are installed by default when the operator is enabled. This manual override allows to disable CRD installation
# when deploying multiple releases in the same cluster.
# installCRDs:
Expand Down

0 comments on commit 52126e2

Please sign in to comment.