Skip to content

Commit 7135fc4

Browse files
bernielomaxbernielomax
authored
fix: secure cookie setting (#171)
1 parent 2fb23a4 commit 7135fc4

File tree

2 files changed

+224
-1
lines changed

2 files changed

+224
-1
lines changed

internal/helm/airbyte_values.go

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -77,7 +77,8 @@ func BuildAirbyteValues(ctx context.Context, opts ValuesOpts) (string, error) {
7777
}
7878

7979
if opts.InsecureCookies {
80-
vals = append(vals, "global.auth.cookieSecureSetting=false")
80+
// Boolean is a string value in the v1 Helm chart.
81+
vals = append(vals, `global.auth.cookieSecureSetting="false"`)
8182
}
8283

8384
fileVals, err := maps.FromYAMLFile(opts.ValuesFile)

internal/helm/airbyte_values_test.go

Lines changed: 222 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,222 @@
1+
package helm
2+
3+
import (
4+
"context"
5+
"path/filepath"
6+
"testing"
7+
8+
"github.com/stretchr/testify/require"
9+
"gopkg.in/yaml.v3"
10+
)
11+
12+
func TestBuildAirbyteValues(t *testing.T) {
13+
testdataDir := filepath.Join("..", "cmd", "local", "testdata")
14+
cases := []struct {
15+
name string
16+
opts ValuesOpts
17+
want string
18+
wantErr bool
19+
}{
20+
{
21+
name: "default options",
22+
opts: ValuesOpts{TelemetryUser: "test-user"},
23+
want: `airbyte-bootloader:
24+
env_vars:
25+
PLATFORM_LOG_FORMAT: json
26+
global:
27+
auth:
28+
enabled: true
29+
env_vars:
30+
AIRBYTE_INSTALLATION_ID: test-user
31+
jobs:
32+
resources:
33+
limits:
34+
cpu: "3"
35+
memory: 4Gi
36+
`,
37+
},
38+
{
39+
name: "local storage enabled",
40+
opts: ValuesOpts{TelemetryUser: "test-user", LocalStorage: true},
41+
want: `airbyte-bootloader:
42+
env_vars:
43+
PLATFORM_LOG_FORMAT: json
44+
global:
45+
auth:
46+
enabled: true
47+
env_vars:
48+
AIRBYTE_INSTALLATION_ID: test-user
49+
jobs:
50+
resources:
51+
limits:
52+
cpu: "3"
53+
memory: 4Gi
54+
storage:
55+
type: local
56+
`,
57+
},
58+
{
59+
name: "psql 1.7 enabled",
60+
opts: ValuesOpts{TelemetryUser: "test-user", EnablePsql17: true},
61+
want: `airbyte-bootloader:
62+
env_vars:
63+
PLATFORM_LOG_FORMAT: json
64+
global:
65+
auth:
66+
enabled: true
67+
env_vars:
68+
AIRBYTE_INSTALLATION_ID: test-user
69+
jobs:
70+
resources:
71+
limits:
72+
cpu: "3"
73+
memory: 4Gi
74+
postgresql:
75+
image:
76+
tag: 1.7.0-17
77+
`,
78+
},
79+
{
80+
name: "custom values file merges and overrides",
81+
opts: ValuesOpts{
82+
TelemetryUser: "test-user",
83+
ValuesFile: filepath.Join(testdataDir, "expected-default.values.yaml"),
84+
},
85+
want: `airbyte-bootloader:
86+
env_vars:
87+
PLATFORM_LOG_FORMAT: json
88+
global:
89+
auth:
90+
enabled: true
91+
env_vars:
92+
AIRBYTE_INSTALLATION_ID: test-user
93+
jobs:
94+
resources:
95+
limits:
96+
cpu: "3"
97+
memory: 4Gi
98+
storage:
99+
type: local
100+
postgresql:
101+
image:
102+
tag: 1.7.0-17
103+
`,
104+
},
105+
{
106+
name: "invalid values file returns error",
107+
opts: ValuesOpts{
108+
TelemetryUser: "test-user",
109+
ValuesFile: filepath.Join(testdataDir, "invalid.values.yaml"),
110+
},
111+
wantErr: true,
112+
},
113+
{
114+
name: "auth disabled",
115+
opts: ValuesOpts{TelemetryUser: "test-user", DisableAuth: true},
116+
want: `airbyte-bootloader:
117+
env_vars:
118+
PLATFORM_LOG_FORMAT: json
119+
global:
120+
env_vars:
121+
AIRBYTE_INSTALLATION_ID: test-user
122+
jobs:
123+
resources:
124+
limits:
125+
cpu: "3"
126+
memory: 4Gi
127+
`,
128+
},
129+
{
130+
name: "low resource mode",
131+
opts: ValuesOpts{TelemetryUser: "test-user", LowResourceMode: true},
132+
want: `airbyte-bootloader:
133+
env_vars:
134+
PLATFORM_LOG_FORMAT: json
135+
connector-builder-server:
136+
enabled: false
137+
global:
138+
auth:
139+
enabled: true
140+
env_vars:
141+
AIRBYTE_INSTALLATION_ID: test-user
142+
jobs:
143+
resources:
144+
limits:
145+
cpu: "3"
146+
memory: 4Gi
147+
requests:
148+
cpu: "0"
149+
memory: "0"
150+
server:
151+
env_vars:
152+
JOB_RESOURCE_VARIANT_OVERRIDE: lowresource
153+
workload-launcher:
154+
env_vars:
155+
CHECK_JOB_MAIN_CONTAINER_CPU_REQUEST: "0"
156+
CHECK_JOB_MAIN_CONTAINER_MEMORY_REQUEST: "0"
157+
DISCOVER_JOB_MAIN_CONTAINER_CPU_REQUEST: "0"
158+
DISCOVER_JOB_MAIN_CONTAINER_MEMORY_REQUEST: "0"
159+
SIDECAR_MAIN_CONTAINER_CPU_REQUEST: "0"
160+
SIDECAR_MAIN_CONTAINER_MEMORY_REQUEST: "0"
161+
SPEC_JOB_MAIN_CONTAINER_CPU_REQUEST: "0"
162+
SPEC_JOB_MAIN_CONTAINER_MEMORY_REQUEST: "0"
163+
`,
164+
},
165+
{
166+
name: "insecure cookies disabled",
167+
opts: ValuesOpts{TelemetryUser: "test-user", InsecureCookies: true},
168+
want: `airbyte-bootloader:
169+
env_vars:
170+
PLATFORM_LOG_FORMAT: json
171+
global:
172+
auth:
173+
cookieSecureSetting: '"false"'
174+
enabled: true
175+
env_vars:
176+
AIRBYTE_INSTALLATION_ID: test-user
177+
jobs:
178+
resources:
179+
limits:
180+
cpu: "3"
181+
memory: 4Gi
182+
`,
183+
},
184+
{
185+
name: "image pull secret set",
186+
opts: ValuesOpts{TelemetryUser: "test-user", ImagePullSecret: "mysecret"},
187+
want: `airbyte-bootloader:
188+
env_vars:
189+
PLATFORM_LOG_FORMAT: json
190+
global:
191+
auth:
192+
enabled: true
193+
env_vars:
194+
AIRBYTE_INSTALLATION_ID: test-user
195+
imagePullSecrets[0]:
196+
name: mysecret
197+
jobs:
198+
resources:
199+
limits:
200+
cpu: "3"
201+
memory: 4Gi
202+
`,
203+
},
204+
}
205+
206+
for _, tc := range cases {
207+
t.Run(tc.name, func(t *testing.T) {
208+
ctx := context.Background()
209+
got, err := BuildAirbyteValues(ctx, tc.opts)
210+
if tc.wantErr {
211+
require.Error(t, err)
212+
return
213+
}
214+
require.NoError(t, err)
215+
216+
var wantMap, gotMap map[string]any
217+
require.NoError(t, yaml.Unmarshal([]byte(tc.want), &wantMap), "unmarshal want yaml")
218+
require.NoError(t, yaml.Unmarshal([]byte(got), &gotMap), "unmarshal got yaml")
219+
require.Equal(t, wantMap, gotMap)
220+
})
221+
}
222+
}

0 commit comments

Comments
 (0)