diff --git a/CHANGELOG.md b/CHANGELOG.md index 70cb3c4..18a8758 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/). ### Fixed +- **netbird**: Bump Initium from 2.0.0 to 2.1.0 to fix a regression in + database creation on blank PostgreSQL/MySQL instances. +- **e2e**: PostgreSQL and MySQL e2e tests no longer pre-create the `netbird` + database, so Initium's `create_if_missing` path is properly exercised. - **netbird**: Fix seed spec connection strings failing when the database password contains URL-special characters (`@`, `%`, `:`, etc.). Seed specs now use Initium v2's structured connection config instead of diff --git a/charts/netbird/Chart.yaml b/charts/netbird/Chart.yaml index 31bef78..1abf0cd 100644 --- a/charts/netbird/Chart.yaml +++ b/charts/netbird/Chart.yaml @@ -30,7 +30,5 @@ annotations: - name: Initium url: https://github.com/KitStream/initium artifacthub.io/changes: | - - kind: changed - description: Bump appVersion from 0.66.3 to 0.66.4 - kind: fixed - description: Use structured connection config for seed specs + description: Bump initium from 2.0.0 to 2.1.0 to fix regression diff --git a/charts/netbird/ci/e2e-values-mysql.yaml b/charts/netbird/ci/e2e-values-mysql.yaml index 07689fc..4905ce5 100644 --- a/charts/netbird/ci/e2e-values-mysql.yaml +++ b/charts/netbird/ci/e2e-values-mysql.yaml @@ -2,12 +2,15 @@ # # The e2e script deploys mysql via a simple Deployment + Service # and creates the password secret before chart install. +# The MySQL instance starts WITHOUT a "netbird" database so that +# Initium's create_if_missing path is exercised. We connect as +# root since MYSQL_USER is not created without MYSQL_DATABASE. database: type: mysql host: "mysql.netbird-e2e.svc.cluster.local" port: 3306 - user: netbird + user: root name: netbird passwordSecret: secretName: netbird-db-password diff --git a/charts/netbird/ci/e2e-values-postgres.yaml b/charts/netbird/ci/e2e-values-postgres.yaml index ea66559..fec386c 100644 --- a/charts/netbird/ci/e2e-values-postgres.yaml +++ b/charts/netbird/ci/e2e-values-postgres.yaml @@ -2,6 +2,8 @@ # # The e2e script deploys postgres via a simple Deployment + Service # and creates the password secret before chart install. +# The PostgreSQL instance starts WITHOUT a "netbird" database so +# that Initium's create_if_missing path is exercised. database: type: postgresql diff --git a/charts/netbird/tests/pat-seed-job_test.yaml b/charts/netbird/tests/pat-seed-job_test.yaml index baf44b6..0374c26 100644 --- a/charts/netbird/tests/pat-seed-job_test.yaml +++ b/charts/netbird/tests/pat-seed-job_test.yaml @@ -119,7 +119,7 @@ tests: value: wait-server - equal: path: spec.template.spec.initContainers[0].image - value: "ghcr.io/kitstream/initium:2.0.0" + value: "ghcr.io/kitstream/initium:2.1.0" - contains: path: spec.template.spec.initContainers[0].args content: "tcp://RELEASE-NAME-netbird-server:80" @@ -158,7 +158,7 @@ tests: value: db-seed - equal: path: spec.template.spec.initContainers[1].image - value: "ghcr.io/kitstream/initium:2.0.0" + value: "ghcr.io/kitstream/initium:2.1.0" - it: should inject PAT_TOKEN into db-seed init container set: diff --git a/charts/netbird/tests/server-deployment_test.yaml b/charts/netbird/tests/server-deployment_test.yaml index 466500c..bfa87c0 100644 --- a/charts/netbird/tests/server-deployment_test.yaml +++ b/charts/netbird/tests/server-deployment_test.yaml @@ -144,7 +144,7 @@ tests: value: config-init - equal: path: spec.template.spec.initContainers[0].image - value: "ghcr.io/kitstream/initium:2.0.0" + value: "ghcr.io/kitstream/initium:2.1.0" - it: should have only config-init for sqlite without pat asserts: @@ -386,7 +386,7 @@ tests: asserts: - equal: path: spec.template.spec.initContainers[1].image - value: "ghcr.io/kitstream/initium:2.0.0" + value: "ghcr.io/kitstream/initium:2.1.0" - it: should run seed command with --sidecar flag in pat-seed sidecar set: diff --git a/charts/netbird/values.yaml b/charts/netbird/values.yaml index 8ebb293..12e96fd 100644 --- a/charts/netbird/values.yaml +++ b/charts/netbird/values.yaml @@ -280,7 +280,7 @@ server: # -- Init container image repository. repository: ghcr.io/kitstream/initium # -- Init container image tag. - tag: "2.0.0" + tag: "2.1.0" # -- Component-level image pull secrets. imagePullSecrets: [] diff --git a/ci/scripts/e2e.sh b/ci/scripts/e2e.sh index c135cc8..60b1e73 100755 --- a/ci/scripts/e2e.sh +++ b/ci/scripts/e2e.sh @@ -36,6 +36,9 @@ kubectl create namespace "$NAMESPACE" --dry-run=client -o yaml | kubectl apply - # ── Deploy database (if needed) ─────────────────────────────────────── deploy_postgres() { log "Deploying PostgreSQL..." + # NOTE: POSTGRES_DB is intentionally omitted so the "netbird" database does + # NOT exist on startup. Initium's create_if_missing must create it — this + # is the production-like path we want to exercise in e2e tests. kubectl -n "$NAMESPACE" apply -f - <<'EOF' apiVersion: v1 kind: Secret @@ -43,7 +46,6 @@ metadata: name: postgres-credentials type: Opaque stringData: - POSTGRES_DB: netbird POSTGRES_USER: netbird POSTGRES_PASSWORD: "test%40pass" --- @@ -97,6 +99,10 @@ EOF deploy_mysql() { log "Deploying MySQL..." + # NOTE: MYSQL_DATABASE is intentionally omitted so the "netbird" database + # does NOT exist on startup. Initium's create_if_missing must create it. + # Without MYSQL_DATABASE the image won't create MYSQL_USER either, so the + # chart connects as root (see e2e-values-mysql.yaml). kubectl -n "$NAMESPACE" apply -f - <<'EOF' apiVersion: v1 kind: Secret @@ -104,9 +110,6 @@ metadata: name: mysql-credentials type: Opaque stringData: - MYSQL_DATABASE: netbird - MYSQL_USER: netbird - MYSQL_PASSWORD: "test%40pass" MYSQL_ROOT_PASSWORD: rootpassword --- apiVersion: v1 @@ -155,7 +158,7 @@ EOF # Create the password secret for netbird kubectl -n "$NAMESPACE" create secret generic netbird-db-password \ - --from-literal=password='test%40pass' + --from-literal=password='rootpassword' } # ── Generate PAT for testing ───────────────────────────────────────────