Merge branch 'master' into prevent_perist

.github/workflows/unit.yaml

@@ -35,7 +35,7 @@ jobs:
         # We should periodically check to see if another fork has taken over maintenance,
         # as the de-facto "best" fork has changed several times over the years.
         run: |
-          helm plugin install https://github.com/quintush/helm-unittest
+          helm plugin install https://github.com/quintush/helm-unittest --version v0.2.11
 
       - name: Install chart dependencies
         run: |

CHANGELOG.md

@@ -8,6 +8,8 @@
 * Add `st2canary` job as a Helm Hook that runs before install/upgrade to ensure `st2.packs.volumes` is configured correctly (if `st2.packs.volumes.enabled`). (#323) (by @cognifloyd)
 * Enable using existing `st2-auth` secret. This allows users to manage this secret outside of the Helm process. (#359) (by @bmarick)
 * Prevent duplicate init containers on helm upgrade (#375) (by @guzzijones12)
+* Fix st2 client config issue affecting addon jobs using jobs.extra_hooks (#370) (by @cars)
+
 
 ## v0.110.0
 * Switch st2 to `v3.8` as a new default stable version (#347)

README.md

@@ -250,10 +250,10 @@ For example, to use persistentVolumeClaims:
     enabled: true
     packs:
       persistentVolumeClaim:
-        claim-name: pvc-st2-packs
+        claimName: pvc-st2-packs
     virtualenvs:
       persistentVolumeClaim:
-        claim-name: pvc-st2-virtualenvs
+        claimName: pvc-st2-virtualenvs
 ```
 
 Or, for example, to use NFS:
@@ -286,7 +286,7 @@ For example, to use persistentVolumeClaims:
     ... # define packs and virtualenvs volumes as shown above
     configs:
       persistentVolumeClaim:
-        claim-name: pvc-st2-pack-configs
+        claimName: pvc-st2-pack-configs
 ```
 
 Or, for example, to use NFS:

templates/_helpers.tpl

@@ -78,6 +78,14 @@ Create the name of the stackstorm-ha st2 auth secret to use
 {{- default $name .Values.st2.existingAuthSecret -}}
 {{- end -}}
 
+{{/*
+Create the name of the stackstorm-ha st2 datastore secret to use
+*/}}
+{{- define "stackstorm-ha.secrets.st2Datastore" -}}
+{{- $name := print .Release.Name "-st2-datastore-crypto-key" -}}
+{{- default $name .Values.st2.existingDatastoreSecret -}}
+{{- end -}}
+
 
 {{/*
 Generate '-' prefix only when the variable is defined

templates/deployments.yaml

@@ -233,7 +233,7 @@ spec:
         {{- if ne "disable" (default "" .Values.st2.datastore_crypto_key) }}
         - name: st2-encryption-key-vol
           secret:
-            secretName: {{ .Release.Name }}-st2-datastore-crypto-key
+            secretName: {{ include "stackstorm-ha.secrets.st2Datastore" . }}
             items:
             - key: datastore_crypto_key
               path: datastore_key.json
@@ -588,7 +588,7 @@ spec:
         {{- if ne "disable" (default "" .Values.st2.datastore_crypto_key) }}
         - name: st2-encryption-key-vol
           secret:
-            secretName: {{ .Release.Name }}-st2-datastore-crypto-key
+            secretName: {{ include "stackstorm-ha.secrets.st2Datastore" . }}
             items:
             - key: datastore_crypto_key
               path: datastore_key.json
@@ -809,7 +809,7 @@ spec:
         {{- if ne "disable" (default "" .Values.st2.datastore_crypto_key) }}
         - name: st2-encryption-key-vol
           secret:
-            secretName: {{ .Release.Name }}-st2-datastore-crypto-key
+            secretName: {{ include "stackstorm-ha.secrets.st2Datastore" . }}
             items:
             - key: datastore_crypto_key
               path: datastore_key.json
@@ -924,7 +924,7 @@ spec:
         {{- if ne "disable" (default "" .Values.st2.datastore_crypto_key) }}
         - name: st2-encryption-key-vol
           secret:
-            secretName: {{ .Release.Name }}-st2-datastore-crypto-key
+            secretName: {{ include "stackstorm-ha.secrets.st2Datastore" . }}
             items:
             - key: datastore_crypto_key
               path: datastore_key.json
@@ -1230,7 +1230,7 @@ spec:
         {{- if ne "disable" (default "" $.Values.st2.datastore_crypto_key) }}
         - name: st2-encryption-key-vol
           secret:
-            secretName: {{ $.Release.Name }}-st2-datastore-crypto-key
+            secretName: {{ include "stackstorm-ha.secrets.st2Datastore" $ }}
             items:
             - key: datastore_crypto_key
               path: datastore_key.json
@@ -1379,7 +1379,7 @@ spec:
         {{- if ne "disable" (default "" .Values.st2.datastore_crypto_key) }}
         - name: st2-encryption-key-vol
           secret:
-            secretName: {{ .Release.Name }}-st2-datastore-crypto-key
+            secretName: {{ include "stackstorm-ha.secrets.st2Datastore" . }}
             items:
             - key: datastore_crypto_key
               path: datastore_key.json
@@ -1658,7 +1658,7 @@ spec:
         {{- if ne "disable" (default "" .Values.st2.datastore_crypto_key) }}
         - name: st2-encryption-key-vol
           secret:
-            secretName: {{ .Release.Name }}-st2-datastore-crypto-key
+            secretName: {{ include "stackstorm-ha.secrets.st2Datastore" . }}
             items:
             - key: datastore_crypto_key
               path: datastore_key.json

templates/jobs.yaml

@@ -661,7 +661,6 @@ spec:
           - '-ec'
           - |
             cat <<EOT > /root/.st2/config
-            [credentials]
             {{- tpl $.Values.jobs.st2clientConfig $ | nindent 12 }}
             EOT
       containers:

values.yaml

@@ -64,6 +64,8 @@ st2:
   #password: Ch@ngeMe
   # Name of existing ST2 Auth secret, disables creation of this secret
   # existingAuthSecret: ""
+  # Name of existing ST2 datastore secret, disables creation of this secret
+  # existingDatastoreSecret: ""
 
   # ST2 crypto key for the  K/V datastore.
   # See https://docs.stackstorm.com/datastore.html#securing-secrets-admin-only for more info.
@@ -172,7 +174,7 @@ st2:
 
         # example using persistentVolumeClaim:
         #persistentVolumeClaim:
-        #  claim-name: pvc-st2-packs
+        #  claimName: pvc-st2-packs
 
         # example using NFS:
         #nfs: