feat(helm): redis and rabbitmq user and password not mandatory and ad…

…ding nodeselector on many components

helm/oncall/templates/_env.tpl

@@ -403,19 +403,23 @@
 
 {{- define "snippet.rabbitmq.env" }}
 - name: RABBITMQ_USERNAME
-{{- if and (not .Values.rabbitmq.enabled) .Values.externalRabbitmq.existingSecret .Values.externalRabbitmq.usernameKey (not .Values.externalRabbitmq.user) }}
+{{- if and (not .Values.rabbitmq.enabled) .Values.externalRabbitmq.existingSecret .Values.externalRabbitmq.usernameKey }}
   valueFrom:
     secretKeyRef:
       name: {{ include "snippet.rabbitmq.password.secret.name" . }}
       key: {{ .Values.externalRabbitmq.usernameKey | quote }}
-{{- else }}
-  value: {{ include "snippet.rabbitmq.user" . | quote }}
+{{- else if .Values.externalRabbitmq.user }}
+  value: {{ .Values.externalRabbitmq.user | quote }}
 {{- end }}
 - name: RABBITMQ_PASSWORD
+{{- if and (not .Values.rabbitmq.enabled) .Values.externalRabbitmq.existingSecret .Values.externalRabbitmq.passwordKey }}
   valueFrom:
     secretKeyRef:
       name: {{ include "snippet.rabbitmq.password.secret.name" . }}
       key: {{ include "snippet.rabbitmq.password.secret.key" . | quote }}
+{{- else if .Values.externalRabbitmq.password }}
+  value: {{ .Values.externalRabbitmq.password | quote }}
+{{- end }}
 - name: RABBITMQ_HOST
   value: {{ include "snippet.rabbitmq.host" . | quote }}
 - name: RABBITMQ_PORT
@@ -426,14 +430,6 @@
   value: {{ include "snippet.rabbitmq.vhost" . | quote }}
 {{- end }}
 
-{{- define "snippet.rabbitmq.user" -}}
-{{ if not .Values.rabbitmq.enabled -}}
-  {{ required "externalRabbitmq.user is required if not rabbitmq.enabled" .Values.externalRabbitmq.user }}
-{{- else -}}
-  user
-{{- end }}
-{{- end }}
-
 {{- define "snippet.rabbitmq.host" -}}
 {{ if not .Values.rabbitmq.enabled -}}
   {{ required "externalRabbitmq.host is required if not rabbitmq.enabled" .Values.externalRabbitmq.host }}

helm/oncall/templates/secrets.yaml

@@ -58,7 +58,7 @@ metadata:
   {{- end }}
 type: Opaque
 data:
-  rabbitmq-password: {{ required "externalRabbitmq.password is required if not rabbitmq.enabled and not externalRabbitmq.existingSecret" .Values.externalRabbitmq.password | b64enc | quote }}
+  rabbitmq-password: {{ .Values.externalRabbitmq.password | b64enc | quote }}
 ---
 {{- end }}
 {{- if and (.Values.externalRedis.host) (not .Values.redis.enabled) (not .Values.externalRedis.existingSecret) }}
@@ -73,7 +73,9 @@ metadata:
   {{- end }}
 type: Opaque
 data:
-  redis-password: {{ required "externalRedis.password is required if not redis.enabled and not externalRedis.existingSecret" .Values.externalRedis.password | b64enc | quote }}
+  {{- if .Values.externalRedis.password }}
+  redis-password: {{ .Values.externalRedis.password | b64enc | quote }}
+  {{- end }}
 ---
 {{- end }}
 {{- if and .Values.oncall.smtp.enabled .Values.oncall.smtp.password }}

helm/oncall/tests/rabbitmq_env_test.yaml

@@ -112,19 +112,6 @@ tests:
             name: RABBITMQ_VHOST
             value: ""
 
-  - it: rabbitmq.enabled=false -> should fail if not externalRabbitmq.existingSecret or not externalRabbitmq.password
-    templates:
-      - engine/deployment.yaml
-      - engine/job-migrate.yaml
-      - celery/deployment.yaml
-    set:
-      broker.type: rabbitmq
-      rabbitmq.enabled: false
-    asserts:
-      - failedTemplate:
-          errorMessage: externalRabbitmq.user is required if not rabbitmq.enabled
-        template: engine/job-migrate.yaml
-
   - it: rabbitmq.enabled=false -> should use internal custom values
     templates:
       - engine/deployment.yaml

helm/oncall/values.yaml

@@ -475,12 +475,19 @@ ingress:
 # Whether to install ingress controller
 ingress-nginx:
   enabled: true
+  controller:
+    ## Node labels for pod assignment
+    ## ref: https://kubernetes.io/docs/user-guide/node-selection/  
+    nodeSelector: {}    
 
 # Install cert-manager as a part of the release
 cert-manager:
   enabled: true
   # Instal CRD resources
   installCRDs: true
+  ## Node labels for pod assignment
+  ## ref: https://kubernetes.io/docs/user-guide/node-selection/  
+  nodeSelector: {}    
   webhook:
     timeoutSeconds: 30
     # cert-manager tries to use the already used port, changing to another one
@@ -503,6 +510,9 @@ database:
 # Set mariadb.enabled = false and configure externalMysql
 mariadb:
   enabled: true
+  ## Node labels for pod assignment
+  ## ref: https://kubernetes.io/docs/user-guide/node-selection/  
+  nodeSelector: {}    
   auth:
     database: oncall
     existingSecret:
@@ -578,18 +588,21 @@ externalPostgresql:
 # Set rabbitmq.enabled = false and configure externalRabbitmq
 rabbitmq:
   enabled: true
+  ## Node labels for pod assignment
+  ## ref: https://kubernetes.io/docs/user-guide/node-selection/  
+  nodeSelector: {}  
   auth:
     existingPasswordSecret:
 
 broker:
   type: rabbitmq
 
 externalRabbitmq:
-  host:
-  port:
-  user:
-  password:
-  protocol:
+  host: 
+  port: 
+  user: 
+  password: 
+  protocol: 
   vhost:
   # Use an existing secret for the rabbitmq password
   existingSecret:
@@ -602,12 +615,20 @@ externalRabbitmq:
 # It is recommended to host it separately from this release
 redis:
   enabled: true
+  master: 
+  ## Node labels for pod assignment
+  ## ref: https://kubernetes.io/docs/user-guide/node-selection/  
+    nodeSelector: {}
+  replica: 
+  ## Node labels for pod assignment
+  ## ref: https://kubernetes.io/docs/user-guide/node-selection/  
+    nodeSelector: {}    
   auth:
     existingSecret:
 
 externalRedis:
   protocol:
-  host:
+  host: 
   port:
   database:
   username:
@@ -632,6 +653,9 @@ externalRedis:
 # It is recommended to host it separately from this release
 grafana:
   enabled: true
+  ## Node labels for pod assignment
+  ## ref: https://kubernetes.io/docs/user-guide/node-selection/    
+  nodeSelector: {}  
   grafana.ini:
     server:
       domain: helm-testing-grafana