diff options
author | Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-01-22 00:06:32 +0100 |
---|---|---|
committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-02-01 00:10:01 +0100 |
commit | a789c1a7432d58d37269fb40ce719000181a3c2b (patch) | |
tree | 36e6f60556a57de3f94c00f98b9fa526b242d98b /kubernetes/common | |
parent | fd6676f06becc509961d8a9a06b60168e4884349 (diff) |
[COMMON] Provide convenience templates for mariadb secrets
Usage of plain strings is very fragile especially when you try
to change them. That's why instead of depending on strings let's
just define a few convenience templates to be used in projects
that use mariadb-galera chart.
Issue-ID: OOM-2249
Change-Id: Ib867d34090b06a15ea3898a9524f5e3d04a656c0
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Diffstat (limited to 'kubernetes/common')
5 files changed, 45 insertions, 8 deletions
diff --git a/kubernetes/common/common/templates/_mariadb.tpl b/kubernetes/common/common/templates/_mariadb.tpl index d4af1807fa..df0e6b41c9 100644 --- a/kubernetes/common/common/templates/_mariadb.tpl +++ b/kubernetes/common/common/templates/_mariadb.tpl @@ -15,6 +15,43 @@ */}} {{/* + UID of mariadb root password +*/}} +{{- define "common.mariadb.secret.rootPassUID" -}} + {{- printf "db-root-password" }} +{{- end -}} + +{{/* + Name of mariadb secret +*/}} +{{- define "common.mariadb.secret._secretName" -}} + {{- $global := .dot }} + {{- $chartName := tpl .chartName $global -}} + {{- include "common.secret.genName" (dict "global" $global "uid" (include .uidTemplate $global) "chartName" $chartName) }} +{{- end -}} + +{{/* + Name of mariadb root password secret +*/}} +{{- define "common.mariadb.secret.rootPassSecretName" -}} + {{- include "common.mariadb.secret._secretName" (set . "uidTemplate" "common.mariadb.secret.rootPassUID") }} +{{- end -}} + +{{/* + UID of mariadb user credentials +*/}} +{{- define "common.mariadb.secret.userCredentialsUID" -}} + {{- printf "db-user-credentials" }} +{{- end -}} + +{{/* + Name of mariadb user credentials secret +*/}} +{{- define "common.mariadb.secret.userCredentialsSecretName" -}} + {{- include "common.mariadb.secret._secretName" (set . "uidTemplate" "common.mariadb.secret.userCredentialsUID") }} +{{- end -}} + +{{/* Choose the name of the mariadb service to use. */}} {{- define "common.mariadbService" -}} diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml index 69a8490760..c9e2ffe85c 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml @@ -86,7 +86,7 @@ spec: echo "Backup Successful!!!" env: - name: DB_PASS - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}} + {{- include "common.secret.envFromSecret" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 14}} volumeMounts: - name: backup-dir mountPath: /backup @@ -96,7 +96,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: MYSQL_ROOT_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}} + {{- include "common.secret.envFromSecret" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 14}} command: - /bin/bash - -c diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml index 496f242d94..a6260fae54 100644 --- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml +++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml @@ -61,13 +61,13 @@ spec: apiVersion: v1 fieldPath: metadata.namespace - name: MYSQL_USER - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-credentials" "key" "login") | indent 14}} + {{- include "common.secret.envFromSecret" (dict "global" . "uid" (include "common.mariadb.secret.userCredentialsUID" .) "key" "login") | indent 14}} - name: MYSQL_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-credentials" "key" "password") | indent 14}} + {{- include "common.secret.envFromSecret" (dict "global" . "uid" (include "common.mariadb.secret.userCredentialsUID" .) "key" "password") | indent 14}} - name: MYSQL_DATABASE value: {{ default "" .Values.config.mysqlDatabase | quote }} - name: MYSQL_ROOT_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}} + {{- include "common.secret.envFromSecret" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 14}} ports: - containerPort: {{ .Values.service.internalPort }} name: {{ .Values.service.portName }} diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index a6dd1ca359..1dcc88c3b5 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -17,11 +17,11 @@ # Secrets metaconfig ################################################################# secrets: - - uid: "db-root-password" + - uid: '{{ include "common.mariadb.secret.rootPassUID" . }}' type: password externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}' password: '{{ .Values.config.mariadbRootPassword }}' - - uid: "db-user-credentials" + - uid: '{{ include "common.mariadb.secret.userCredentialsUID" . }}' type: basicAuth externalSecret: '{{ tpl (default "" .Values.config.userCredentialsExternalSecret) . }}' login: '{{ .Values.config.userName }}' diff --git a/kubernetes/common/mariadb-init/templates/_mariadb.tpl b/kubernetes/common/mariadb-init/templates/_mariadb.tpl index 64c15ed862..af9a4f5f02 100644 --- a/kubernetes/common/mariadb-init/templates/_mariadb.tpl +++ b/kubernetes/common/mariadb-init/templates/_mariadb.tpl @@ -18,5 +18,5 @@ Choose the name of the mariadb secret to use. */}} {{- define "mariadbInit.mariadbClusterSecret" -}} - {{- printf "%s-%s-db-root-password" (include "common.release" .) (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride) -}} + {{- include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride)) -}} {{- end -}} |