Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

.Values.extraConfiguration badly indented #37

Closed
Guss4241 opened this issue Mar 15, 2022 · 2 comments
Closed

.Values.extraConfiguration badly indented #37

Guss4241 opened this issue Mar 15, 2022 · 2 comments

Comments

@Guss4241
Copy link

Guss4241 commented Mar 15, 2022
edited
Loading

hi,

started to use your chart some week ago, anf I just comme to an issue, i'm configuring a SSO to athenticate to awx, and to achieve it I must edit the settings.py set by your config map, I have used the values varailble to do it (.Values.extraConfiguration)

as it' only a 2 indent instead of 4 indent, the template for the config map is not good.

with value:

extraConfiguration: |-
    SOCIAL_AUTH_SAML_SP_ENTITY_ID = 'https://awx-pprod.dns.ext'

it generate it:

# Source: helm-awx/charts/awx/templates/settings-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: awx-pprod-settings
  labels:
    app.kubernetes.io/name: awx
    helm.sh/chart: awx-3.4.2
    app.kubernetes.io/instance: awx-pprod
    app.kubernetes.io/managed-by: Helm
data:
  redis.conf: |
    bind 127.0.0.1
    port 0
    unixsocket /var/run/redis/redis.sock
    unixsocketperm 777
  nginx.conf: |
    worker_processes  1;

    pid        /tmp/nginx.pid;

    events {
        worker_connections  1024;
    }

    http {
        include       /etc/nginx/mime.types;
        default_type  application/octet-stream;
        server_tokens off;

        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';

        access_log /dev/stdout main;

        map $http_upgrade $connection_upgrade {
            default upgrade;
            ''      close;
        }

        sendfile        on;

        upstream uwsgi {
            server 127.0.0.1:8050;
        }

        upstream daphne {
            server 127.0.0.1:8051;
        }

        server {
            listen 8052 default_server;

            server_name _;
            keepalive_timeout 65;

            add_header Strict-Transport-Security max-age=15768000;
            add_header Content-Security-Policy "default-src 'self'; connect-src 'self' ws: wss:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.pendo.io; img-src 'self' *.pendo.io data:; report-uri /csp-violation/";
            add_header X-Content-Security-Policy "default-src 'self'; connect-src 'self' ws: wss:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.pendo.io; img-src 'self' *.pendo.io data:; report-uri /csp-violation/";
            add_header X-Frame-Options "DENY";

            location /nginx_status {
                stub_status on;
                access_log off;
                allow 127.0.0.1;
                deny all;
            }

            location /static/ {
                alias /var/lib/awx/public/static/;
            }

            location /favicon.ico { alias /var/lib/awx/public/static/favicon.ico; }

            location /websocket {
                proxy_pass http://daphne;
                proxy_http_version 1.1;
                proxy_buffering off;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto https;
                proxy_set_header Host $http_host;
                proxy_redirect off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
            }

            location / {
                rewrite ^(.*)$http_host(.*[^/])$ $1$http_host$2/ permanent;
                uwsgi_read_timeout 120s;
                uwsgi_pass uwsgi;
                include /etc/nginx/uwsgi_params;
                proxy_set_header X-Forwarded-Port 443;
                uwsgi_param HTTP_X_FORWARDED_PORT 443;
                add_header Cache-Control "no-cache, no-store, must-revalidate";
                add_header Expires "0";
                add_header Pragma "no-cache";
            }
        }
    }
  settings.py: |
    import os
    import socket
    ADMINS = ()

    AWX_PROOT_ENABLED = False

    IS_K8S = True

    # Automatically deprovision pods that go offline
    AWX_AUTO_DEPROVISION_INSTANCES = True

    # SYSTEM_TASK_ABS_CPU =
    # SYSTEM_TASK_ABS_MEM =

    # Autoprovisioning should replace this
    CLUSTER_HOST_ID = socket.gethostname()
    SYSTEM_UUID = os.environ.get('MY_POD_UID', '00000000-0000-0000-0000-000000000000')

    SESSION_COOKIE_SECURE = False
    CSRF_COOKIE_SECURE = False

    REMOTE_HOST_HEADERS = ['HTTP_X_FORWARDED_FOR']

    def get_secret():
        if os.environ.get('SECRET_KEY'):
            return os.environ['SECRET_KEY']
        else:
            return open('/etc/tower/SECRET_KEY', 'rb').read().strip()

    STATIC_ROOT = '/var/lib/awx/public/static'
    PROJECTS_ROOT = '/var/lib/awx/projects'
    JOBOUTPUT_ROOT = '/var/lib/awx/job_status'
    SECRET_KEY = get_secret()
    ALLOWED_HOSTS = ['*']
    INTERNAL_API_URL = 'http://127.0.0.1:8052'
    SERVER_EMAIL = 'root@localhost'
    DEFAULT_FROM_EMAIL = 'webmaster@localhost'
    EMAIL_SUBJECT_PREFIX = '[AWX] '
    EMAIL_HOST = 'localhost'
    EMAIL_PORT = 25
    EMAIL_HOST_USER = ''
    EMAIL_HOST_PASSWORD = ''
    EMAIL_USE_TLS = False

    LOGGING['handlers']['console'] = {
        '()': 'logging.StreamHandler',
        'level': 'DEBUG',
        'formatter': 'simple'
    }

    LOGGING['loggers']['django.request']['handlers'] = ['console']
    LOGGING['loggers']['rest_framework.request']['handlers'] = ['console']
    LOGGING['loggers']['awx']['handlers'] = ['console', 'external_logger']
    LOGGING['loggers']['awx.main.commands.run_callback_receiver']['handlers'] = ['console']
    LOGGING['loggers']['awx.main.tasks']['handlers'] = ['console', 'external_logger']
    LOGGING['loggers']['awx.main.scheduler']['handlers'] = ['console', 'external_logger']
    LOGGING['loggers']['django_auth_ldap']['handlers'] = ['console']
    LOGGING['loggers']['social']['handlers'] = ['console']
    LOGGING['loggers']['system_tracking_migrations']['handlers'] = ['console']
    LOGGING['loggers']['rbac_migrations']['handlers'] = ['console']
    LOGGING['handlers']['callback_receiver'] = {'class': 'logging.NullHandler'}
    LOGGING['handlers']['task_system'] = {'class': 'logging.NullHandler'}
    LOGGING['handlers']['tower_warnings'] = {'class': 'logging.NullHandler'}
    LOGGING['handlers']['rbac_migrations'] = {'class': 'logging.NullHandler'}
    LOGGING['handlers']['system_tracking_migrations'] = {'class': 'logging.NullHandler'}
    LOGGING['handlers']['management_playbooks'] = {'class': 'logging.NullHandler'}

    DJANGO_REDIS_IGNORE_EXCEPTIONS = True

    USE_X_FORWARDED_PORT = True

    BROADCAST_WEBSOCKET_PORT = 8052
    BROADCAST_WEBSOCKET_PROTOCOL = 'http'

    AWX_ANSIBLE_COLLECTIONS_PATHS = '/var/lib/awx/vendor/awx_ansible_collections'


  SOCIAL_AUTH_SAML_SP_ENTITY_ID = 'https://awx-pprod.dns.ext'

may be i'm wrong with the use of this Value variable.
@jbielick
Copy link
Member

Thank you for the details. I've fixed this indentation issue in v3.4.3 which is publishing right now.

@Guss4241
Copy link
Author

thanks a lot for this really fast reaction

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jbielick @Guss4241