aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/clamp/charts/mariadb
diff options
context:
space:
mode:
authorJulienBe <jb379x@att.com>2020-04-10 16:50:08 +0200
committerKrzysztof Opasiak <k.opasiak@samsung.com>2020-05-04 15:08:43 +0200
commit26df3202534721dc7ed6e3c2b9c4a973502cc7cd (patch)
treeefc43a6b4a46877c497b7ad9e4bc9ba62b12e2df /kubernetes/clamp/charts/mariadb
parent006318ac37142eb823db4a2074ce6c8ad1629166 (diff)
remove hardcoded MariaDB password
This aligns with other changes on OOM. You can either supply a specific password or have it generated for you based on a master password Issue-ID: CLAMP-796, OJSI-188 Change-Id: If1b80fc47cf1033e094f8a106746d1e8c556c08b Signed-off-by: JulienBe <jb379x@att.com> Co-authored-by: sebdet <sebastien.determe@intl.att.com> [small updates in common secret template usage] Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Diffstat (limited to 'kubernetes/clamp/charts/mariadb')
-rwxr-xr-xkubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bootstrap-database.sh28
-rw-r--r--kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-db.sql11
-rw-r--r--kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/create-tables.sql (renamed from kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql)0
-rw-r--r--kubernetes/clamp/charts/mariadb/templates/configmap.yaml15
-rw-r--r--kubernetes/clamp/charts/mariadb/templates/deployment.yaml21
-rw-r--r--kubernetes/clamp/charts/mariadb/templates/secrets.yaml14
-rw-r--r--kubernetes/clamp/charts/mariadb/values.yaml19
7 files changed, 25 insertions, 83 deletions
diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bootstrap-database.sh b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bootstrap-database.sh
deleted file mode 100755
index 2e2ad2e1af..0000000000
--- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bootstrap-database.sh
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/bin/sh
-
-###
-# ============LICENSE_START=======================================================
-# ONAP CLAMP
-# ================================================================================
-# Copyright (C) 2017 AT&T Intellectual Property. All rights
-# reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END============================================
-# ===================================================================
-#
-###
-
-mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < /docker-entrypoint-initdb.d/bulkload/create-db.sql
-## New model creation
-mysql -uroot -p$MYSQL_ROOT_PASSWORD -f cldsdb4 < /docker-entrypoint-initdb.d/bulkload/create-tables.sql
diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-db.sql b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-db.sql
deleted file mode 100644
index ea4d97c1b5..0000000000
--- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-db.sql
+++ /dev/null
@@ -1,11 +0,0 @@
-#
-# Create CLDS database objects (tables, etc.)
-#
-#
-CREATE DATABASE `cldsdb4`;
-USE `cldsdb4`;
-DROP USER 'clds';
-CREATE USER 'clds';
-GRANT ALL on cldsdb4.* to 'clds' identified by 'sidnnd83K' with GRANT OPTION;
-FLUSH PRIVILEGES;
-
diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/create-tables.sql
index 1f153bce04..1f153bce04 100644
--- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql
+++ b/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/create-tables.sql
diff --git a/kubernetes/clamp/charts/mariadb/templates/configmap.yaml b/kubernetes/clamp/charts/mariadb/templates/configmap.yaml
index 705c38fa19..522c5f9bf8 100644
--- a/kubernetes/clamp/charts/mariadb/templates/configmap.yaml
+++ b/kubernetes/clamp/charts/mariadb/templates/configmap.yaml
@@ -17,19 +17,6 @@
apiVersion: v1
kind: ConfigMap
metadata:
- name: clamp-entrypoint-initdb-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/mariadb/docker-entrypoint-initdb.d/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
name: clamp-entrypoint-bulkload-configmap
namespace: {{ include "common.namespace" . }}
labels:
@@ -38,7 +25,7 @@ metadata:
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/*").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/mariadb/docker-entrypoint-initdb.d/*").AsConfig . | indent 2 }}
---
apiVersion: v1
kind: ConfigMap
diff --git a/kubernetes/clamp/charts/mariadb/templates/deployment.yaml b/kubernetes/clamp/charts/mariadb/templates/deployment.yaml
index be46f89433..7d22930b6a 100644
--- a/kubernetes/clamp/charts/mariadb/templates/deployment.yaml
+++ b/kubernetes/clamp/charts/mariadb/templates/deployment.yaml
@@ -52,19 +52,19 @@ spec:
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-root-password
+ - name: MYSQL_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
+ - name: MYSQL_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
+ - name: MYSQL_ROOT_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 12 }}
+ - name: MYSQL_DATABASE
+ value: {{ tpl .Values.db.databaseName .}}
volumeMounts:
- - mountPath: /docker-entrypoint-initdb.d/bootstrap-database.sh
- name: docker-entrypoint-initdb
- subPath: bootstrap-database.sh
- mountPath: /etc/localtime
name: localtime
readOnly: true
- - mountPath: /docker-entrypoint-initdb.d/bulkload/
+ - mountPath: /docker-entrypoint-initdb.d/
name: docker-entrypoint-bulkload
- mountPath: /etc/mysql/conf.d/conf1/
name: clamp-mariadb-conf
@@ -88,9 +88,6 @@ spec:
{{- else }}
emptyDir: {}
{{- end }}
- - name: docker-entrypoint-initdb
- configMap:
- name: clamp-entrypoint-initdb-configmap
- name: docker-entrypoint-bulkload
configMap:
name: clamp-entrypoint-bulkload-configmap
diff --git a/kubernetes/clamp/charts/mariadb/templates/secrets.yaml b/kubernetes/clamp/charts/mariadb/templates/secrets.yaml
index 8f3a21752d..57f88ce32d 100644
--- a/kubernetes/clamp/charts/mariadb/templates/secrets.yaml
+++ b/kubernetes/clamp/charts/mariadb/templates/secrets.yaml
@@ -13,16 +13,4 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-type: Opaque
-data:
- db-root-password: {{ .Values.config.mysqlPassword | b64enc | quote }}
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/clamp/charts/mariadb/values.yaml b/kubernetes/clamp/charts/mariadb/values.yaml
index 8bf6100563..df651dd9ea 100644
--- a/kubernetes/clamp/charts/mariadb/values.yaml
+++ b/kubernetes/clamp/charts/mariadb/values.yaml
@@ -20,18 +20,27 @@ global: # global defaults
nodePortPrefix: 302
persistence: {}
-
# application image
repository: nexus3.onap.org:10001
image: mariadb:10.3.12
pullPolicy: Always
flavor: small
-
#################################################################
-# Application configuration defaults.
+# Secrets metaconfig
#################################################################
-config:
- mysqlPassword: strong_pitchou
+secrets:
+ - uid: db-root-pass
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.db.rootCredsExternalSecret) . }}'
+ password: '{{ .Values.db.rootPass }}'
+ - uid: db-secret
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}'
+ login: '{{ .Values.db.user }}'
+ password: '{{ .Values.db.password }}'
+
+# Application configuration
+db: {}
# default number of instances
replicaCount: 1