diff options
| author |   Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-01-31 23:28:25 +0100 |
|---|---|---|
| committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-02-02 11:22:12 +0100 |
| commit | 894aafb845ca5169fa47fcff9fe8fe29c9e4a208 (patch) | |
| tree | 4a99c7a8c400c5e5832e70921083a91bd7aaca58 /kubernetes/modeling/charts/modeling-etsicatalog/templates/deployment.yaml | |
| parent | 43893f5e389b648063d88977ae5fba9364df85c3 (diff) | |
[Modeling] Use common secret template for mariadb root password
Remove hardcoded root password from the modeling chart.
Because of huge number of issues in modeling docker image
(see onap-discuss for details) I don't want to touch it.
That's why I just made an awful hack to concatenate DB
username and password before the entrypoint script.
Please keep in mind that this eliminates only hardcoded
root password but there is plenty of other credentials that
are boiled into container image (DB, SDC, VCF-REDIS(!) etc).
Issue-ID: OOM-2286
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Id85a03ec7f55885b606179d10e8b6528c6cb6947
Diffstat (limited to 'kubernetes/modeling/charts/modeling-etsicatalog/templates/deployment.yaml')
| -rw-r--r-- | kubernetes/modeling/charts/modeling-etsicatalog/templates/deployment.yaml | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/kubernetes/modeling/charts/modeling-etsicatalog/templates/deployment.yaml b/kubernetes/modeling/charts/modeling-etsicatalog/templates/deployment.yaml index d8790e7d5b..a2e03b8bf6 100644 --- a/kubernetes/modeling/charts/modeling-etsicatalog/templates/deployment.yaml +++ b/kubernetes/modeling/charts/modeling-etsicatalog/templates/deployment.yaml @@ -49,6 +49,11 @@ spec: name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} + command: + - bash + args: + - -c + - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh' image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: @@ -68,14 +73,14 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: - - name: MSB_ADDR - value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - - name: MYSQL_ADDR - value: "{{ .Values.config.dbServiceName }}:{{ .Values.config.dbPort }}" - - name: MYSQL_AUTH - value: "{{ .Values.config.dbUser }}:{{ index .Values "mariadb-galera" "config" "mariadbRootPassword" }}" - - name: REDIS_ADDR - value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" + - name: MSB_ADDR + value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + - name: MYSQL_ADDR + value: {{ (index .Values "mariadb-galera" "service" "name") }}:{{ (index .Values "mariadb-galera" "service" "internalPort") }} + - name: MYSQL_ROOT_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 12}} + - name: REDIS_ADDR + value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" volumeMounts: - name: {{ include "common.fullname" . }}-etsicatalog mountPath: /service/modeling/etsicatalog/static |