Fix snpe chart syntax. (#269)

* Fix snpe chart syntax. * Bump snpe version to 1.1.6
streamnative · Aug 5, 2021 · 3652690 · 3652690
1 parent b219a0a
commit 3652690
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 32 deletions.
diff --git a/charts/sn-platform/Chart.yaml b/charts/sn-platform/Chart.yaml
@@ -21,7 +21,7 @@ apiVersion: v1
 appVersion: "1.1"
 description: StreamNative Platform Chart
 name: sn-platform
-version: 1.1.5
+version: 1.1.6
 home: https://streamnative.io
 sources:
 - https://github.com/streamnative/charts/tree/master/charts/sn-platform

diff --git a/charts/sn-platform/templates/broker/broker-cluster.yaml b/charts/sn-platform/templates/broker/broker-cluster.yaml
@@ -327,17 +327,22 @@ spec:
       # https://github.com/apache/bookkeeper/pull/2300
       bookkeeperUseV2WireProtocol: "false"
       {{- end }}
+      {{- if .Values.components.kop }}
+      {{- if .Values.auth.authentication.enabled }}
       {{- if eq .Values.auth.authentication.provider "jwt" }}
       PULSAR_PREFIX_saslAllowedMechanisms: "PLAIN"
       {{- end }}
       {{- end }}
-      {{- if and .Values.tls.enabled .Values.tls.broker.enabled }}
-      PULSAR_PREFIX_kopSslKeystoreLocation: /pulsar/broker.keystore.jks
-      PULSAR_PREFIX_kopSslTruststoreLocation: /pulsar/broker.truststore.jks
+      {{- if and .Values.tls.enabled .Values.tls.kop.enabled }}
+      PULSAR_PREFIX_kopSslKeystoreLocation: /pulsar/certs/kop/keystore.jks
+      {{- if not .Values.certs.public_issuer.enabled }}
+      PULSAR_PREFIX_kopSslTruststoreLocation: /pulsar/certs/kop/truststore.jks
+      {{- end }}
+      {{- end }}
       {{- end }}
       # Include log configuration file, If you want to configure the log level and other configuration
       # items, you can modify the configmap, and eventually it will overwrite the log4j2.yaml file under conf
-    {{ (.Files.Glob "conf/broker/log4j2.yaml").AsConfig | indent 2 }}
+{{ (.Files.Glob "conf/broker/log4j2.yaml").AsConfig | indent 6 }}
   {{- if .Values.zookeeper.customTools.restore.enable }}
   initJobPod:
     initContainers:
@@ -359,4 +364,4 @@ spec:
         configMap:
           name: "{{ template "pulsar.fullname" . }}-{{ .Values.zookeeper.customTools.restore.component }}"
   {{- end }}
-{{ (.Files.Glob "conf/broker/log4j2.yaml").AsConfig | indent 2 }}
+{{- end }}
diff --git a/charts/sn-platform/templates/broker/broker-service.yaml b/charts/sn-platform/templates/broker/broker-service.yaml
@@ -30,7 +30,9 @@ metadata:
     {{- if .Values.broker.resourcePolicy.keep }}
     "helm.sh/resource-policy": keep
     {{- end }}
+    {{- if .Values.broker.service.annotations}}
 {{ toYaml .Values.broker.service.annotations | indent 4 }}
+    {{- end}}
 spec:
   ports:
   # prometheus needs to access /metrics endpoint

diff --git a/charts/sn-platform/templates/proxy/proxy-cluster.yaml b/charts/sn-platform/templates/proxy/proxy-cluster.yaml
@@ -177,62 +177,61 @@ spec:
       tlsTrustCertsFilePath: "/etc/tls/pulsar-proxy-tls/ca.crt"
       {{- end }}
       {{- end }}
-{{ (.Files.Glob "conf/proxy/log4j2.yaml").AsConfig | indent 4 }}
-
+{{ (.Files.Glob "conf/proxy/log4j2.yaml").AsConfig | indent 6 }}
       # Proxy settings
-      clusterName: { { template "pulsar.cluster" . } }
+      clusterName: {{ template "pulsar.cluster" . }}
       httpNumThreads: "8"
       statusFilePath: "{{ template "pulsar.home" . }}/status"
       # prometheus needs to access /metrics endpoint
       webServicePort: "{{ .Values.proxy.ports.http }}"
-      { { - if or (not .Values.tls.enabled) (not .Values.tls.proxy.enabled) } }
+      {{- if or (not .Values.tls.enabled) (not .Values.tls.proxy.enabled) }}
       servicePort: "{{ .Values.proxy.ports.pulsar }}"
-      { { - end } }
-      { { - if and .Values.tls.enabled .Values.tls.proxy.enabled } }
+      {{- end }}
+      {{- if and .Values.tls.enabled .Values.tls.proxy.enabled }}
       tlsEnabledInProxy: "true"
       servicePortTls: "{{ .Values.proxy.ports.pulsarssl }}"
       webServicePortTls: "{{ .Values.proxy.ports.https }}"
       tlsCertificateFilePath: "/pulsar/certs/proxy/tls.crt"
       tlsKeyFilePath: "/pulsar/certs/proxy/tls.key"
-      { { - if .Values.tls.proxy.untrustedCa } }
+      {{- if .Values.tls.proxy.untrustedCa }}
       tlsTrustCertsFilePath: "/pulsar/certs/ca/ca.crt"
-      { { - end } }
-      { { - end } }
-      { { - if and .Values.tls.enabled .Values.tls.broker.enabled } }
+      {{- end }}
+      {{- end }}
+      {{- if and .Values.tls.enabled .Values.tls.broker.enabled }}
       # if broker enables TLS, configure proxy to talk to broker using TLS
-      brokerServiceURLTLS: { { template "pulsar.proxy.broker.service.url.tls" . } }
-      brokerWebServiceURLTLS: { { template "pulsar.proxy.web.service.url.tls" . } }
+      brokerServiceURLTLS: {{ template "pulsar.proxy.broker.service.url.tls" . }}
+      brokerWebServiceURLTLS: {{ template "pulsar.proxy.web.service.url.tls" . }}
       tlsEnabledWithBroker: "true"
       tlsCertRefreshCheckDurationSec: "300"
       brokerClientTrustCertsFilePath: "/pulsar/certs/broker/ca.crt"
-      { { - end } }
-      { { - if not (and .Values.tls.enabled .Values.tls.broker.enabled) } }
-      brokerServiceURL: { { template "pulsar.proxy.broker.service.url" . } }
-      brokerWebServiceURL: { { template "pulsar.proxy.web.service.url" . } }
-      { { - end } }
+      {{- end }}
+      {{- if not (and .Values.tls.enabled .Values.tls.broker.enabled) }}
+      brokerServiceURL: {{ template "pulsar.proxy.broker.service.url" . }}
+      brokerWebServiceURL: {{ template "pulsar.proxy.web.service.url" . }}
+      {{- end }}
 
         # Authentication Settings
-      { { - if .Values.auth.authentication.enabled } }
+      {{- if .Values.auth.authentication.enabled }}
       authenticationEnabled: "true"
       forwardAuthorizationCredentials: "true"
-      { { - if .Values.auth.authorization.enabled } }
+      {{- if .Values.auth.authorization.enabled }}
       # disable authorization on proxy and forward authorization credentials to broker
       authorizationEnabled: "false"
       forwardAuthorizationCredentials: "true"
       # superUserRoles: {{ .Values.auth.superUsers.broker }},{{ .Values.auth.superUsers.proxy }},{{ .Values.auth.superUsers.websocket }},{{ .Values.auth.superUsers.client }},{{ .Values.auth.superUsers.streamnative_console }}
-      { { - end } }
-      { { - if and (eq .Values.auth.authentication.provider "jwt") (not .Values.auth.vault.enabled) } }
+      {{- end }}
+      {{- if and (eq .Values.auth.authentication.provider "jwt") (not .Values.auth.vault.enabled) }}
       # token authentication configuration
       authenticationProviders: "org.apache.pulsar.broker.authentication.AuthenticationProviderToken"
       brokerClientAuthenticationParameters: "file:///pulsar/tokens/proxy/token"
       brokerClientAuthenticationPlugin: "org.apache.pulsar.client.impl.auth.AuthenticationToken"
-      { { - if .Values.auth.authentication.jwt.usingSecretKey } }
+      {{- if .Values.auth.authentication.jwt.usingSecretKey }}
       tokenSecretKey: "file:///pulsar/keys/token/secret.key"
-      { { - else } }
+      {{- else }}
       tokenPublicKey: "file:///pulsar/keys/token/public.key"
-      { { - end } }
-      { { - end } }
-      { { - end } }
+      {{- end }}
+      {{- end }}
+      {{- end }}
   dnsNames: []
   issuerRef:
     name: ""