summaryrefslogtreecommitdiffstats
path: root/kubernetes/so/templates
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2020-03-28 02:14:37 +0100
committerKrzysztof Opasiak <k.opasiak@samsung.com>2020-03-28 02:14:37 +0100
commitc53ff54815a8d716c12395293a8c75a5b6a7fa91 (patch)
treeda614c3f8fdeb01253aae189d995122c6f3baeda /kubernetes/so/templates
parentf68b72895b2fe13a50d7a059b25b42ba37469091 (diff)
[SO] Use common secret template in so
Generate passwords for: - so_user - so_admin and distribute them to all SO subcharts. mariadb-galera root password is taken as a reference to existing secret (shared mariadb instance) or also generated if local cluster is used. Three other DB users also have generated passwords but they are not distributed outside of so-mariadb as they were never used. Issue-ID: OOM-2328 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ic4af5c9b12b00d2a52d2597e3fe1161d0d1a9f20
Diffstat (limited to 'kubernetes/so/templates')
-rwxr-xr-xkubernetes/so/templates/deployment.yaml20
-rw-r--r--kubernetes/so/templates/secret.yaml15
2 files changed, 19 insertions, 16 deletions
diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml
index c0ac078039..ca6be72273 100755
--- a/kubernetes/so/templates/deployment.yaml
+++ b/kubernetes/so/templates/deployment.yaml
@@ -66,25 +66,13 @@ spec:
name: {{ include "common.release" . }}-so-db-secrets
key: mariadb.readwrite.port
- name: DB_USERNAME
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.rolename
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
- name: DB_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.password
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 10 }}
- name: DB_ADMIN_USERNAME
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.admin.rolename
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }}
- name: DB_ADMIN_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.admin.password
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }}
{{- if eq .Values.global.security.aaf.enabled true }}
- name: TRUSTSTORE
value: /app/org.onap.so.trust.jks
diff --git a/kubernetes/so/templates/secret.yaml b/kubernetes/so/templates/secret.yaml
new file mode 100644
index 0000000000..bd7eb8ea40
--- /dev/null
+++ b/kubernetes/so/templates/secret.yaml
@@ -0,0 +1,15 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.secretFast" . }}