fix: volume-provisioner with azure disks

codefresh-io · Oct 26, 2023 · 027d9c5 · 027d9c5
1 parent 4ec93dd
commit 027d9c5
Show file tree

Hide file tree

Showing 5 changed files with 63 additions and 7 deletions.
diff --git a/charts/cf-runtime/Chart.yaml b/charts/cf-runtime/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v2
 description: A Helm chart for Codefresh Runner
 name: cf-runtime
-version: 6.2.3
+version: 6.2.4
 keywords:
   - codefresh
   - runner
@@ -14,8 +14,8 @@ maintainers:
     url: https://codefresh-io.github.io/
 annotations:
   artifacthub.io/changes: |
-    - kind: security
-      description: Fix security vulnerabilities in dind image
+    - kind: fixed
+      description: Fix volume-provisioner for Azure Disks
 dependencies:
   - name: cf-common
     repository: oci://quay.io/codefresh/charts

diff --git a/charts/cf-runtime/README.md b/charts/cf-runtime/README.md
@@ -1,6 +1,6 @@
 ## Codefresh Runner
 
-![Version: 6.2.3](https://img.shields.io/badge/Version-6.2.3-informational?style=flat-square)
+![Version: 6.2.4](https://img.shields.io/badge/Version-6.2.4-informational?style=flat-square)
 
 Helm chart for deploying [Codefresh Runner](https://codefresh.io/docs/docs/installation/codefresh-runner/) to Kubernetes.
 

diff --git a/charts/cf-runtime/templates/_components/volume-provisioner/_env-vars.yaml b/charts/cf-runtime/templates/_components/volume-provisioner/_env-vars.yaml
@@ -37,8 +37,9 @@ AWS_SECRET_ACCESS_KEY:
 GOOGLE_APPLICATION_CREDENTIALS: /etc/dind-volume-provisioner/credentials/google-service-account.json
 {{- end }}
 
-{{- if and .Values.mountAzureJson }}
+{{- if and .Values.storage.mountAzureJson }}
 AZURE_CREDENTIAL_FILE: /etc/kubernetes/azure.json
+CLOUDCONFIG_AZURE: /etc/kubernetes/azure.json
 {{- end }}
 
 {{- end }}
@@ -65,7 +66,7 @@ AZURE_CREDENTIAL_FILE: /etc/kubernetes/azure.json
     secretName: {{ .Values.storage.gcedisk.serviceAccountJsonSecretKeyRef.name }}
     optional: true
   {{- end }}
-  {{- if .Values.mountAzureJson }}
+  {{- if .Values.storage.mountAzureJson }}
 - name: azure-json
   hostPath:
     path: /etc/kubernetes/azure.json
@@ -79,7 +80,7 @@ AZURE_CREDENTIAL_FILE: /etc/kubernetes/azure.json
   readOnly: true
   mountPath: "/etc/dind-volume-provisioner/credentials"
   {{- end }}
-  {{- if .Values.mountAzureJson }}
+  {{- if .Values.storage.mountAzureJson }}
 - name: azure-json
   readOnly: true
   mountPath: "/etc/kubernetes/azure.json"

diff --git a/charts/cf-runtime/templates/volume-provisioner/deployment.yaml b/charts/cf-runtime/templates/volume-provisioner/deployment.yaml
@@ -1,6 +1,7 @@
 {{- $volumeProvisionerContext := deepCopy . }}
 {{- $_ := set $volumeProvisionerContext "Values" (get .Values "volumeProvisioner") }}
 {{- $_ := set $volumeProvisionerContext.Values "global" (get .Values "global") }}
+{{- $_ := set $volumeProvisionerContext.Values "storage" (get .Values "storage") }}
 
 {{- if $volumeProvisionerContext.Values.enabled }}
 {{- include "dind-volume-provisioner.resources.deployment" $volumeProvisionerContext }}

diff --git a/charts/cf-runtime/tests/volume-provisioner/volume-provisioner_test.yaml b/charts/cf-runtime/tests/volume-provisioner/volume-provisioner_test.yaml
@@ -358,3 +358,57 @@ tests:
       - hasDocuments:
           count: 0
         template: templates/volume-provisioner/storageclass.yaml
+
+  - it: Test volume-provisioner with azure disks
+    set:
+      storage.backend: azuredisk
+      storage.azuredisk.location: somewhere
+      storage.azuredisk.resourceGroup: some-rg
+      storage.mountAzureJson: true
+    asserts:
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: AZURE_CREDENTIAL_FILE
+            value: /etc/kubernetes/azure.json
+        template: templates/volume-provisioner/deployment.yaml
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: CLOUDCONFIG_AZURE
+            value: /etc/kubernetes/azure.json
+        template: templates/volume-provisioner/deployment.yaml
+      - contains:
+          path: spec.template.spec.containers[0].volumeMounts
+          count: 1
+          any: true
+          content:
+            name: azure-json
+            readOnly: true
+            mountPath: "/etc/kubernetes/azure.json"
+        template: templates/volume-provisioner/deployment.yaml
+      - contains:
+          path: spec.template.spec.volumes
+          count: 1
+          any: true
+          content:
+            name: azure-json
+            hostPath:
+              path: /etc/kubernetes/azure.json
+              type: File
+        template: templates/volume-provisioner/deployment.yaml
+      - hasDocuments:
+          count: 0
+        template: templates/volume-provisioner/secret.yaml
+      - equal:
+          path: parameters.volumeBackend
+          value: azuredisk
+        template: templates/volume-provisioner/storageclass.yaml
+      - equal:
+          path: parameters.location
+          value: somewhere
+        template: templates/volume-provisioner/storageclass.yaml
+      - equal:
+          path: parameters.resourceGroup
+          value: some-rg
+        template: templates/volume-provisioner/storageclass.yaml