fix(did-helper): render STORE_PASS when generateKey is enabled if provided (#425)

* fix(did-helper): render STORE_PASS when generateKey is enabled if provided

* Update helm documentation

* fix(did-helper): refactor provideKeystore config renderization

* Update helm documentation

---------

Co-authored-by: Víctor Rampérez Martín <vramperez@MacBook-Air-de-Victor.local>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

Author: 3 people

charts/did-helper/Chart.yaml

@@ -2,5 +2,5 @@ apiVersion: v2
 name: did-helper
 description: A Helm chart for DID helper (see https://github.com/wistefan/did-helper)
 type: application
-version: 0.1.1
+version: 0.1.3
 appVersion: "0.4.2"

charts/did-helper/templates/deployment.yaml

@@ -64,7 +64,14 @@ spec:
               readOnly: true
             {{- end }}
           env:
-            {{- range $key, $value := .Values.config.server }}
+            {{- if and .Values.config.server.keystorePasswordSecretName .Values.config.server.keystorePasswordSecretKey }}
+            - name: STORE_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.config.server.keystorePasswordSecretName }}
+                  key: {{ .Values.config.server.keystorePasswordSecretKey }}
+            {{- end }}
+            {{- range $key, $value := omit .Values.config.server "keystorePasswordSecretName" "keystorePasswordSecretKey"}}
             - name: {{ $key | snakecase | upper }}
               valueFrom:
                 configMapKeyRef:
@@ -81,15 +88,13 @@ spec:
             {{- end }}
             {{- end }}
             {{- if .Values.config.provideKeystore.enabled }}
-            - name: KEY_TYPE
-              value: {{ .Values.config.provideKeystore.keyType }}
-            - name: KEY_ALIAS
-              value: {{ .Values.config.provideKeystore.keyAlias }}
-            - name: STORE_PASS
+            {{- range $key, $value := omit .Values.config.provideKeystore "enabled" "keystoreSecretName" "keystoreSecretKey" }}
+            - name: {{ $key | snakecase | upper }}
               valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.config.provideKeystore.keystorePasswordSecretName }}
-                  key: {{ .Values.config.provideKeystore.keystorePasswordSecretKey }}
+                configMapKeyRef:
+                  name: {{ include "did-helper.fullname" $ }}-cm
+                  key: {{ $key }}
+              {{- end }}
             - name: KEYSTORE_PATH
               value: "/etc/keystore/keystore.pfx"
             {{- end }}

charts/did-helper/values.yaml

@@ -125,6 +125,14 @@ config:
     outputFormat: "json_jwk"
     # URL to retrieve the public certificate
     # certUrl: ""
+    # Name of the secret containing the keystore password. 
+    # If provideKeystore is used, this needs to be set with the corresponding secret name containing the actual keystore password
+    # If generateKey is used, this needs to be set with the secret name containing the password to be used for the created keystore
+    keystorePasswordSecretName: ""
+    # Key inside the secret containing the keystore password
+    # If provideKeystore is used, this needs to be set with the corresponding secret key containing the actual keystore password
+    # If generateKey is used, this needs to be set with the secret key containing the password to be used for the created keystore
+    keystorePasswordSecretKey: ""
   generateKey:
     enabled: true
     # Type of the key to be generated. RSA is only supported for did:jwk
@@ -145,10 +153,6 @@ config:
     keystoreSecretName: ""
     # Key inside the secret containing the keystore
     keystoreSecretKey: ""
-    # Name of the secret containing the keystore password
-    keystorePasswordSecretName: ""
-    # Key inside the secret containing the keystore password
-    keystorePasswordSecretKey: ""
     # Alias for the key inside the keystore
     keyAlias: ""
     # Type of the key provided

charts/odrl-pap/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v1
 name: odrl-pap
-version: 2.3.1
+version: 2.3.2
 appVersion: 1.1.2
 description: A Helm chart for running the odrl-pap on kubernetes.
 icon: https://fiware.github.io/catalogue/img/fiware.png

charts/odrl-pap/README.md

@@ -1,6 +1,6 @@
 # odrl-pap
 
-![Version: 2.3.0](https://img.shields.io/badge/Version-2.3.0-informational?style=flat-square) ![AppVersion: 1.1.0](https://img.shields.io/badge/AppVersion-1.1.0-informational?style=flat-square)
+![Version: 2.3.2](https://img.shields.io/badge/Version-2.3.2-informational?style=flat-square) ![AppVersion: 1.1.2](https://img.shields.io/badge/AppVersion-1.1.2-informational?style=flat-square)
 
 A Helm chart for running the odrl-pap on kubernetes.
 
@@ -19,7 +19,7 @@ A Helm chart for running the odrl-pap on kubernetes.
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 | additionalMapping.enabled | bool | `false` | should an additional mapping.json be loaded |
-| additionalMapping.json | string | `"{\n  \"action\": {\n    \"odrl\": {\n      \"use\" : {\n        \"regoPackage\": \"custom.action as custom_action\",\n        \"regoMethod\": \"custom_action.is_use(helper.http_part)\"\n      }\n    }\n  }\n}\n"` | mapping.json to merged with the defaults the example would overwrite the default odrl:use to be handled by a custom rego method provided with the additional rego  |
+| additionalMapping.json | string | `"{\n  \"action\": {\n    \"odrl\": {\n      \"use\" : {\n        \"regoPackage\": \"custom.action as custom_action\",\n        \"regoMethod\": \"custom_action.is_use(helper.http_part)\"\n      }\n    }\n  }\n}\n"` | mapping.json to merged with the defaults the example would overwrite the default odrl:use to be handled by a custom rego method provided with the additional rego |
 | additionalRego.enabled | bool | `false` | should additional packages be loaded |
 | additionalRego.packages | string | `"action.rego: |\n  package odrl.action\n\n  import rego.v1\n\n  ## odrl:use\n  # checks if the given request is a usage - in constrast to the default, this example would only consider modifications a \"use\"\n  is_use(request) if {\n      methods := [\"POST\", \"PUT\", \"PATCH\"]\n      request.method in methods\n  }\n"` |  |
 | additonalEnvVars | list | `[]` | a list of additional env vars to be set, check the til docu for all available options |
@@ -43,7 +43,7 @@ A Helm chart for running the odrl-pap on kubernetes.
 | deployment.command | list | `[]` | command to be used for starting the container |
 | deployment.image.pullPolicy | string | `"IfNotPresent"` | specification of the image pull policy |
 | deployment.image.repository | string | `"quay.io/fiware/odrl-pap"` | til image name ref: https://quay.io/repository/wistefan/odrl-pap |
-| deployment.image.tag | string | `"1.1.0"` | tag of the image to be used |
+| deployment.image.tag | string | `"1.1.2"` | tag of the image to be used |
 | deployment.imagePullSecrets | list | `[]` | secrets for pulling images from a private repository ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ |
 | deployment.livenessProbe.initialDelaySeconds | int | `30` |  |
 | deployment.livenessProbe.periodSeconds | int | `10` |  |