This is an automated email from the ASF dual-hosted git repository.
rom pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/airflow.git
The following commit(s) were added to refs/heads/main by this push:
new eabe6b8dd77 [helm] Add missing `airflow.fullname` on kubernetes
objects (#52953)
eabe6b8dd77 is described below
commit eabe6b8dd77204f7c0d117c9d9ad1f4166869671
Author: Grégoire Bellon-Gervais <[email protected]>
AuthorDate: Wed Sep 17 07:45:24 2025 +0200
[helm] Add missing `airflow.fullname` on kubernetes objects (#52953)
* Add `airflow.fullname` on the missing objects
* webserver secret key must always be created
Signed-off-by: Grégoire Bellon-Gervais
<[email protected]>
* Mixed kerberos secret name and content
---------
Signed-off-by: Grégoire Bellon-Gervais
<[email protected]>
---
chart/templates/NOTES.txt | 2 +-
chart/templates/_helpers.yaml | 10 +++++-----
chart/templates/api-server/api-server-ingress.yaml | 4 ++--
chart/templates/limitrange.yaml | 2 +-
chart/templates/pgbouncer/pgbouncer-ingress.yaml | 5 +++--
chart/templates/resourcequota.yaml | 2 +-
chart/templates/secrets/fernetkey-secret.yaml | 2 +-
chart/templates/secrets/git-ssh-key-secret.yaml | 2 +-
chart/templates/secrets/jwt-secret.yaml | 3 +--
chart/templates/secrets/redis-secrets.yaml | 4 ++--
chart/templates/secrets/webserver-secret-key-secret.yaml | 2 +-
chart/templates/statsd/statsd-ingress.yaml | 5 +++--
chart/templates/triggerer/triggerer-deployment.yaml | 2 +-
chart/templates/triggerer/triggerer-kedaautoscaler.yaml | 4 ++--
.../tests/helm_tests/airflow_aux/test_basic_helm_chart.py | 8 ++++----
15 files changed, 29 insertions(+), 28 deletions(-)
diff --git a/chart/templates/NOTES.txt b/chart/templates/NOTES.txt
index 781caf76302..5e86b24980c 100644
--- a/chart/templates/NOTES.txt
+++ b/chart/templates/NOTES.txt
@@ -131,7 +131,7 @@ Default Postgres connection credentials:
You can get Fernet Key value by running the following:
- echo Fernet Key: $(kubectl get secret --namespace {{ .Release.Namespace }}
{{ .Release.Name }}-fernet-key -o jsonpath="{.data.fernet-key}" | base64
--decode)
+ echo Fernet Key: $(kubectl get secret --namespace {{ .Release.Namespace }}
{{ include "airflow.fullname" . }}-fernet-key -o jsonpath="{.data.fernet-key}"
| base64 --decode)
{{- end }}
diff --git a/chart/templates/_helpers.yaml b/chart/templates/_helpers.yaml
index 22a3a91514d..b29a84cdcbe 100644
--- a/chart/templates/_helpers.yaml
+++ b/chart/templates/_helpers.yaml
@@ -413,11 +413,11 @@ If release name contains chart name it will be used as a
full name.
{{- end }}
{{- define "fernet_key_secret" -}}
- {{- default (printf "%s-fernet-key" .Release.Name)
.Values.fernetKeySecretName }}
+ {{- default (printf "%s-fernet-key" (include "airflow.fullname" .))
.Values.fernetKeySecretName }}
{{- end }}
{{- define "jwt_secret" -}}
- {{- default (printf "%s-jwt-secret" .Release.Name) .Values.jwtSecretName }}
+ {{- default (printf "%s-jwt-secret" (include "airflow.fullname" .))
.Values.jwtSecretName }}
{{- end }}
{{- define "webserver_secret_key_secret" -}}
@@ -429,7 +429,7 @@ If release name contains chart name it will be used as a
full name.
{{- end }}
{{- define "redis_password_secret" -}}
- {{- default (printf "%s-redis-password" .Release.Name)
.Values.redis.passwordSecretName }}
+ {{- default (printf "%s-redis-password" (include "airflow.fullname" .))
.Values.redis.passwordSecretName }}
{{- end }}
{{- define "airflow_metadata_secret" -}}
@@ -600,7 +600,7 @@ server_tls_key_file = /etc/pgbouncer/server.key
{{- end }}
{{- define "airflow_webserver_config_configmap_name" -}}
- {{- default (printf "%s-webserver-config" .Release.Name)
.Values.webserver.webserverConfigConfigMapName }}
+ {{- default (printf "%s-webserver-config" (include "airflow.fullname" .))
.Values.webserver.webserverConfigConfigMapName }}
{{- end }}
{{- define "airflow_webserver_config_mount" -}}
@@ -611,7 +611,7 @@ server_tls_key_file = /etc/pgbouncer/server.key
{{- end }}
{{- define "airflow_api_server_config_configmap_name" -}}
- {{- default (printf "%s-api-server-config" .Release.Name)
.Values.apiServer.apiServerConfigConfigMapName }}
+ {{- default (printf "%s-api-server-config" (include "airflow.fullname" .))
.Values.apiServer.apiServerConfigConfigMapName }}
{{- end }}
{{- define "airflow_api_server_config_mount" -}}
diff --git a/chart/templates/api-server/api-server-ingress.yaml
b/chart/templates/api-server/api-server-ingress.yaml
index c0375395c2c..c0d01a5b4a9 100644
--- a/chart/templates/api-server/api-server-ingress.yaml
+++ b/chart/templates/api-server/api-server-ingress.yaml
@@ -76,7 +76,7 @@ spec:
pathType: {{ .pathType }}
backend:
service:
- name: {{ .serviceName }}
+ name: {{ $fullname }}-api-server
port:
name: {{ .servicePort }}
{{- end }}
@@ -94,7 +94,7 @@ spec:
pathType: {{ .pathType }}
backend:
service:
- name: {{ .serviceName }}
+ name: {{ $fullname }}-api-server
port:
name: {{ .servicePort }}
{{- end }}
diff --git a/chart/templates/limitrange.yaml b/chart/templates/limitrange.yaml
index 8b9f7165e34..98d0ae869cf 100644
--- a/chart/templates/limitrange.yaml
+++ b/chart/templates/limitrange.yaml
@@ -24,7 +24,7 @@
apiVersion: v1
kind: LimitRange
metadata:
- name: {{ .Release.Name }}-limit-range
+ name: {{ include "airflow.fullname" . }}-limit-range
labels:
tier: resources
component: limitrange
diff --git a/chart/templates/pgbouncer/pgbouncer-ingress.yaml
b/chart/templates/pgbouncer/pgbouncer-ingress.yaml
index 2398d3da399..d67d1556af7 100644
--- a/chart/templates/pgbouncer/pgbouncer-ingress.yaml
+++ b/chart/templates/pgbouncer/pgbouncer-ingress.yaml
@@ -21,10 +21,11 @@
## Airflow Pgbouncer Ingress
#################################
{{- if and .Values.pgbouncer.enabled .Values.ingress.pgbouncer.enabled }}
+{{- $fullname := (include "airflow.fullname" .) }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
- name: {{ include "airflow.fullname" . }}-pgbouncer-ingress
+ name: {{ $fullname }}-pgbouncer-ingress
labels:
tier: airflow
component: pgbouncer-ingress
@@ -66,7 +67,7 @@ spec:
paths:
- backend:
service:
- name: {{ $.Release.Name }}-pgbouncer
+ name: {{ $fullname }}-pgbouncer
port:
name: pgb-metrics
{{- if $.Values.ingress.pgbouncer.path }}
diff --git a/chart/templates/resourcequota.yaml
b/chart/templates/resourcequota.yaml
index 6a7071f4684..cd442feaee2 100644
--- a/chart/templates/resourcequota.yaml
+++ b/chart/templates/resourcequota.yaml
@@ -24,7 +24,7 @@
apiVersion: v1
kind: ResourceQuota
metadata:
- name: {{ .Release.Name }}-resource-quota
+ name: {{ include "airflow.fullname" . }}-resource-quota
labels:
tier: resources
component: resourcequota
diff --git a/chart/templates/secrets/fernetkey-secret.yaml
b/chart/templates/secrets/fernetkey-secret.yaml
index 0127fb097b0..0c1f2dc7123 100644
--- a/chart/templates/secrets/fernetkey-secret.yaml
+++ b/chart/templates/secrets/fernetkey-secret.yaml
@@ -26,7 +26,7 @@
apiVersion: v1
kind: Secret
metadata:
- name: {{ .Release.Name }}-fernet-key
+ name: {{ include "airflow.fullname" . }}-fernet-key
labels:
tier: airflow
release: {{ .Release.Name }}
diff --git a/chart/templates/secrets/git-ssh-key-secret.yaml
b/chart/templates/secrets/git-ssh-key-secret.yaml
index 6121b9b6fc4..db626fa9f7d 100644
--- a/chart/templates/secrets/git-ssh-key-secret.yaml
+++ b/chart/templates/secrets/git-ssh-key-secret.yaml
@@ -21,6 +21,7 @@
apiVersion: v1
kind: Secret
metadata:
+ name: {{ template "git_sync_ssh_key" . }}
labels:
tier: airflow
release: {{ .Release.Name }}
@@ -29,7 +30,6 @@ metadata:
{{- with .Values.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
- name: {{ template "git_sync_ssh_key" . }}
data:
gitSshKey: {{ .Values.dags.gitSync.sshKey | b64enc | quote }}
{{- end }}
diff --git a/chart/templates/secrets/jwt-secret.yaml
b/chart/templates/secrets/jwt-secret.yaml
index 314e40c4d40..d0448c58051 100644
--- a/chart/templates/secrets/jwt-secret.yaml
+++ b/chart/templates/secrets/jwt-secret.yaml
@@ -22,7 +22,6 @@
############################################
{{- if semverCompare ">=3.0.0" .Values.airflowVersion }}
{{- if not .Values.jwtSecretName }}
-{{ $generated_secret_key := (randAlphaNum 32 | b64enc) }}
apiVersion: v1
kind: Secret
metadata:
@@ -42,6 +41,6 @@ metadata:
{{- end }}
type: Opaque
data:
- jwt-secret: {{ (default $generated_secret_key .Values.jwtSecret) | b64enc |
quote }}
+ jwt-secret: {{ (.Values.jwtSecret) | default (randAlphaNum 32) | b64enc |
quote }}
{{- end }}
{{- end }}
diff --git a/chart/templates/secrets/redis-secrets.yaml
b/chart/templates/secrets/redis-secrets.yaml
index c6fef22a8b3..793b5e2e20a 100644
--- a/chart/templates/secrets/redis-secrets.yaml
+++ b/chart/templates/secrets/redis-secrets.yaml
@@ -33,7 +33,7 @@
apiVersion: v1
kind: Secret
metadata:
- name: {{ .Release.Name }}-redis-password
+ name: {{ include "airflow.fullname" . }}-redis-password
labels:
tier: airflow
component: redis
@@ -62,7 +62,7 @@ data:
apiVersion: v1
kind: Secret
metadata:
- name: {{ .Release.Name }}-broker-url
+ name: {{ include "airflow.fullname" . }}-broker-url
labels:
tier: airflow
component: redis
diff --git a/chart/templates/secrets/webserver-secret-key-secret.yaml
b/chart/templates/secrets/webserver-secret-key-secret.yaml
index e7803c4d840..79b0d989cd1 100644
--- a/chart/templates/secrets/webserver-secret-key-secret.yaml
+++ b/chart/templates/secrets/webserver-secret-key-secret.yaml
@@ -20,7 +20,7 @@
############################################
## Airflow Webserver Flask Secret Key Secret
############################################
-{{- if and (semverCompare "<3.0.0" .Values.airflowVersion)
.Values.webserver.enabled (not .Values.webserverSecretKeySecretName) }}
+{{- if and (semverCompare "<3.0.0" .Values.airflowVersion) (not
.Values.webserverSecretKeySecretName) }}
apiVersion: v1
kind: Secret
metadata:
diff --git a/chart/templates/statsd/statsd-ingress.yaml
b/chart/templates/statsd/statsd-ingress.yaml
index 846cfcd54a2..c01792643c4 100644
--- a/chart/templates/statsd/statsd-ingress.yaml
+++ b/chart/templates/statsd/statsd-ingress.yaml
@@ -21,10 +21,11 @@
## Airflow Statsd Ingress
#################################
{{- if and .Values.statsd.enabled .Values.ingress.statsd.enabled }}
+{{- $fullname := (include "airflow.fullname" .) }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
- name: {{ include "airflow.fullname" . }}-statsd-ingress
+ name: {{ $fullname }}-statsd-ingress
labels:
tier: airflow
component: statsd-ingress
@@ -66,7 +67,7 @@ spec:
paths:
- backend:
service:
- name: {{ $.Release.Name }}-statsd
+ name: {{ $fullname }}-statsd
port:
name: statsd-scrape
{{- if $.Values.ingress.statsd.path }}
diff --git a/chart/templates/triggerer/triggerer-deployment.yaml
b/chart/templates/triggerer/triggerer-deployment.yaml
index 56a353a942c..de6d2403121 100644
--- a/chart/templates/triggerer/triggerer-deployment.yaml
+++ b/chart/templates/triggerer/triggerer-deployment.yaml
@@ -54,7 +54,7 @@ metadata:
{{- end }}
spec:
{{- if $persistence }}
- serviceName: {{ .Release.Name }}-triggerer
+ serviceName: {{ include "airflow.fullname" . }}-triggerer
{{- end }}
{{- if not $keda }}
replicas: {{ .Values.triggerer.replicas }}
diff --git a/chart/templates/triggerer/triggerer-kedaautoscaler.yaml
b/chart/templates/triggerer/triggerer-kedaautoscaler.yaml
index 4eda2858f02..aa84b975fec 100644
--- a/chart/templates/triggerer/triggerer-kedaautoscaler.yaml
+++ b/chart/templates/triggerer/triggerer-kedaautoscaler.yaml
@@ -25,7 +25,7 @@
apiVersion: keda.sh/v1alpha1
kind: ScaledObject
metadata:
- name: {{ .Release.Name }}-triggerer
+ name: {{ include "airflow.fullname" . }}-triggerer
labels:
tier: airflow
component: triggerer-horizontalpodautoscaler
@@ -39,7 +39,7 @@ metadata:
spec:
scaleTargetRef:
kind: {{ ternary "StatefulSet" "Deployment"
.Values.triggerer.persistence.enabled }}
- name: {{ .Release.Name }}-triggerer
+ name: {{ include "airflow.fullname" . }}-triggerer
envSourceContainerName: triggerer
pollingInterval: {{ .Values.triggerer.keda.pollingInterval }}
cooldownPeriod: {{ .Values.triggerer.keda.cooldownPeriod }}
diff --git a/helm-tests/tests/helm_tests/airflow_aux/test_basic_helm_chart.py
b/helm-tests/tests/helm_tests/airflow_aux/test_basic_helm_chart.py
index 66251377e6a..27e224c1623 100644
--- a/helm-tests/tests/helm_tests/airflow_aux/test_basic_helm_chart.py
+++ b/helm-tests/tests/helm_tests/airflow_aux/test_basic_helm_chart.py
@@ -36,9 +36,9 @@ OBJECTS_STD_NAMING = {
("ServiceAccount", "test-basic-airflow-triggerer"),
("ServiceAccount", "test-basic-airflow-worker"),
("Secret", "test-basic-airflow-metadata"),
- ("Secret", "test-basic-broker-url"),
- ("Secret", "test-basic-fernet-key"),
- ("Secret", "test-basic-redis-password"),
+ ("Secret", "test-basic-airflow-broker-url"),
+ ("Secret", "test-basic-airflow-fernet-key"),
+ ("Secret", "test-basic-airflow-redis-password"),
("Secret", "test-basic-postgresql"),
("ConfigMap", "test-basic-airflow-config"),
("ConfigMap", "test-basic-airflow-statsd"),
@@ -71,7 +71,7 @@ DEFAULT_OBJECTS_STD_NAMING = OBJECTS_STD_NAMING.union(
("ServiceAccount", "test-basic-airflow-api-server"),
("ServiceAccount", "test-basic-airflow-dag-processor"),
("Secret", "test-basic-airflow-api-secret-key"),
- ("Secret", "test-basic-jwt-secret"),
+ ("Secret", "test-basic-airflow-jwt-secret"),
}
)
