HPCC-32273 Ensure all secret categories are present in the values schema

Signed-off-by: Gavin Halliday <[email protected]>
hpcc-systems · Jul 24, 2024 · 39e33a1 · 39e33a1
1 parent 466476f
commit 39e33a1
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 16 deletions.
diff --git a/helm/hpcc/templates/issuers.yaml b/helm/hpcc/templates/issuers.yaml
@@ -136,7 +136,7 @@ spec:
    {{- range $k, $v := .Values.certificates.issuers }}
 {{- include "hpcc.addIssuer" (dict "root" $ "issuerKeyName" $k "me" $v ) }}
    {{- end }}
-   {{- $categories := list "system" "storage" "esp" "codeSign" "codeVerify" "authn" "eclUser" "ecl" "git" "jfrog" -}}
+   {{- $categories := list "authn" "codeSign" "codeVerify" "ecl" "eclUser" "esp" "git" "jfrog" "storage" "system" -}}
    {{- range $category := $categories }}
     {{ include "hpcc.addVaultClientCertificate" (dict "root" $ "category" $category) }}
    {{- end }}

diff --git a/helm/hpcc/values.schema.json b/helm/hpcc/values.schema.json
@@ -69,10 +69,13 @@
         "timeout": {
           "type": "integer"
         },
-        "storage": {
+        "authn": {
           "$ref": "#/definitions/secrets"
         },
-        "authn": {
+        "codeSign": {
+          "$ref": "#/definitions/secrets"
+        },
+        "codeVerify": {
           "$ref": "#/definitions/secrets"
         },
         "ecl": {
@@ -81,20 +84,19 @@
         "eclUser": {
           "$ref": "#/definitions/secrets"
         },
-        "codeSign": {
+        "esp": {
           "$ref": "#/definitions/secrets"
         },
-        "codeVerify": {
+        "git": {
           "$ref": "#/definitions/secrets"
         },
-        "git": {
+        "jfrog": {
           "$ref": "#/definitions/secrets"
         },
-        "system": {
+        "storage": {
           "$ref": "#/definitions/secrets"
-        }
-        ,
-        "esp": {
+        },
+        "system": {
           "$ref": "#/definitions/secrets"
         }
       },
@@ -107,13 +109,13 @@
         "timeout": {
           "type": "integer"
         },
-        "storage": {
+        "authn": {
           "$ref": "#/definitions/vaultCategory"
         },
-        "authn": {
+        "codeSign": {
           "$ref": "#/definitions/vaultCategory"
         },
-        "esp": {
+        "codeVerify": {
           "$ref": "#/definitions/vaultCategory"
         },
         "ecl": {
@@ -122,16 +124,20 @@
         "eclUser": {
           "$ref": "#/definitions/vaultCategory"
         },
-        "codeSign": {
+        "esp": {
           "$ref": "#/definitions/vaultCategory"
         },
-        "codeVerify": {
+        "git": {
           "$ref": "#/definitions/vaultCategory"
         },
-        "git": {
+        "jfrog": {
+          "$ref": "#/definitions/vaultCategory"
+        },
+        "storage": {
           "$ref": "#/definitions/vaultCategory"
         }
       },
+      "$comment": "The system secrets are used for vault configuration so cannot themselves be defined in a vault",
       "additionalProperties": false
     },
     "bundles": {