diff options
author | Jack Lucas <jflos@sonoris.net> | 2021-04-05 09:49:46 -0400 |
---|---|---|
committer | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2021-04-29 14:35:55 +0000 |
commit | cbca57d74ead1240bb74132fdf9787d6554c774a (patch) | |
tree | 36e4a451014e770cb3c7158468d8cb9be6d34a19 | |
parent | cb953b397797cf1efa1102f84aaa23371899ba90 (diff) |
[DCAEGEN2] Set env variables from secrets
Enhances the dcaegen2-services-common deployment template to
allow setting environment variables for a DCAE microservice
container from a secret
Issue-ID: DCAEGEN2-2687
Change-Id: I8452cd1f52e941c0a3ebd15eb39b1eecc97a0ded
Signed-off-by: Jack Lucas <jflos@sonoris.net>
[Fail the deployment if one of required params is not provided]
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
-rw-r--r-- | kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl | 57 |
1 files changed, 51 insertions, 6 deletions
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl index c03be83264..94b6ace2f2 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl @@ -17,6 +17,56 @@ # ============LICENSE_END========================================================= */}} {{/* +For internal use only! + +dcaegen2-services-common._ms-specific-env-vars: +This template generates a list of microservice-specific environment variables +as specified in .Values.applicationEnv. The +dcaegen2-services-common.microServiceDeployment uses this template +to add the microservice-specific environment variables to the microservice's container. +These environment variables are in addition to a standard set of environment variables +provided to all microservices. + +The template expects a single argument, pointing to the caller's global context. + +Microservice-specific environment variables can be specified in two ways: + 1. As literal string values. + 2. As values that are sourced from a secret, identified by the secret's + uid and the key within the secret that provides the value. + +The following example shows an example of each type. The example assumes +that a secret has been created using the OOM common secret mechanism, with +a secret uid "example-secret" and a key called "password". + +applicationEnv: + APPLICATION_PASSWORD: + secretUid: example-secret + key: password + APPLICATION_EXAMPLE: "An example value" + +The example would set two environment variables on the microservice's container, +one called "APPLICATION_PASSWORD" with the value set from the "password" key in +the secret with uid "example-secret", and one called "APPLICATION_EXAMPLE" set to +the the literal string "An example value". +*/}} +{{- define "dcaegen2-services-common._ms-specific-env-vars" -}} + {{- $global := . }} + {{- if .Values.applicationEnv }} + {{- range $envName, $envValue := .Values.applicationEnv }} + {{- if kindIs "string" $envValue }} +- name: {{ $envName }} + value: {{ $envValue | quote }} + {{- else }} + {{ if or (not $envValue.secretUid) (not $envValue.key) }} + {{ fail (printf "Env %s definition is not a string and does not contain secretUid or key fields" $envName) }} + {{- end }} +- name: {{ $envName }} + {{- include "common.secret.envFromSecretFast" (dict "global" $global "uid" $envValue.secretUid "key" $envValue.key) | indent 2 }} + {{- end -}} + {{- end }} + {{- end }} +{{- end -}} +{{/* dcaegen2-services-common.microserviceDeployment: This template produces a Kubernetes Deployment for a DCAE microservice. @@ -150,12 +200,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: status.podIP - {{- if .Values.applicationEnv }} - {{- range $envName, $envValue := .Values.applicationEnv }} - - name: {{ $envName }} - value: {{ $envValue | quote }} - {{- end }} - {{- end }} + {{- include "dcaegen2-services-common._ms-specific-env-vars" . | nindent 8 }} {{- if .Values.service }} ports: {{ include "common.containerPorts" . | nindent 10 }} {{- end }} |