This is an automated email from the ASF dual-hosted git repository.
rom pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/airflow.git
The following commit(s) were added to refs/heads/main by this push:
new 4eb71d60ca add kerberos env to base container env, add
webserver-config volume) (#41645)
4eb71d60ca is described below
commit 4eb71d60cad8b21127ffc2861fae9da0c1425f82
Author: rom sharon <[email protected]>
AuthorDate: Wed Aug 21 18:22:30 2024 +0300
add kerberos env to base container env, add webserver-config volume)
(#41645)
---
chart/files/pod-template-file.kubernetes-helm-yaml | 11 ++++++
helm_tests/airflow_aux/test_pod_template_file.py | 39 ++++++++++++++++++++++
2 files changed, 50 insertions(+)
diff --git a/chart/files/pod-template-file.kubernetes-helm-yaml
b/chart/files/pod-template-file.kubernetes-helm-yaml
index 259f6a71b8..b5c8f01fb7 100644
--- a/chart/files/pod-template-file.kubernetes-helm-yaml
+++ b/chart/files/pod-template-file.kubernetes-helm-yaml
@@ -96,6 +96,12 @@ spec:
env:
- name: AIRFLOW__CORE__EXECUTOR
value: LocalExecutor
+ {{- if or .Values.workers.kerberosSidecar.enabled
.Values.workers.kerberosInitContainer.enabled}}
+ - name: KRB5_CONFIG
+ value: {{ .Values.kerberos.configPath | quote }}
+ - name: KRB5CCNAME
+ value: {{ include "kerberos_ccache_path" . | quote }}
+ {{- end }}
{{- include "standard_airflow_environment" . | indent 6}}
{{- include "custom_airflow_environment" . | indent 6 }}
{{- include "container_extra_envs" (list . .Values.workers.env) |
indent 6 }}
@@ -229,6 +235,11 @@ spec:
- configMap:
name: {{ include "airflow_config" . }}
name: config
+ {{- if and (or .Values.webserver.webserverConfig
.Values.webserver.webserverConfigConfigMapName) (or
.Values.workers.kerberosInitContainer.enabled
.Values.workers.kerberosSidecar.enabled)}}
+ - name: webserver-config
+ configMap:
+ name: {{ template "airflow_webserver_config_configmap_name" . }}
+ {{- end }}
{{- if .Values.volumes }}
{{- toYaml .Values.volumes | nindent 2 }}
{{- end }}
diff --git a/helm_tests/airflow_aux/test_pod_template_file.py
b/helm_tests/airflow_aux/test_pod_template_file.py
index 8d4cabeef0..8c6c8c21f9 100644
--- a/helm_tests/airflow_aux/test_pod_template_file.py
+++ b/helm_tests/airflow_aux/test_pod_template_file.py
@@ -1026,3 +1026,42 @@ class TestPodTemplateFile:
)
assert None is jmespath.search("spec.containers[0].command", docs[0])
+
+ @pytest.mark.parametrize(
+ "workers_values, kerberos_init_container",
+ [
+ ({"kerberosSidecar": {"enabled": True}}, False),
+ ({"kerberosInitContainer": {"enabled": True}}, True),
+ ],
+ )
+ def test_webserver_config_for_kerberos(self, workers_values,
kerberos_init_container):
+ docs = render_chart(
+ values={"workers": workers_values, "webserver":
{"webserverConfigConfigMapName": "config"}},
+ show_only=["templates/pod-template-file.yaml"],
+ chart_dir=self.temp_chart_dir,
+ )
+
+ kerberos_container = "spec.containers[1].volumeMounts[*].name"
+ if kerberos_init_container:
+ kerberos_container = "spec.initContainers[0].volumeMounts[*].name"
+
+ volume_mounts_names = jmespath.search(kerberos_container, docs[0])
+ print(volume_mounts_names)
+ assert "webserver-config" in volume_mounts_names
+ assert "webserver-config" in jmespath.search("spec.volumes[*].name",
docs[0])
+
+ @pytest.mark.parametrize(
+ "workers_values",
+ [{"kerberosSidecar": {"enabled": True}}, {"kerberosInitContainer":
{"enabled": True}}],
+ )
+ def test_base_contains_kerberos_env(self, workers_values):
+ docs = render_chart(
+ values={
+ "workers": workers_values,
+ },
+ show_only=["templates/pod-template-file.yaml"],
+ chart_dir=self.temp_chart_dir,
+ )
+
+ scheduler_env = jmespath.search("spec.containers[0].env[*].name",
docs[0])
+ assert set(["KRB5_CONFIG", "KRB5CCNAME"]).issubset(scheduler_env)
