summaryrefslogtreecommitdiffstats
path: root/kubernetes/vfc/charts/vfc-catalog
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2020-02-26 23:36:22 +0100
committerKrzysztof Opasiak <k.opasiak@samsung.com>2020-03-09 13:47:50 +0000
commita9010dbb8d78fd31f419d659532440c27ad3ee7b (patch)
treefedf8c32f18fe8f046722862cf1dd36353857ccc /kubernetes/vfc/charts/vfc-catalog
parentf8a5330a6d1cfab6dd454a532c60466b5d2a8134 (diff)
[VFC] Use common secret template for DB root password
Issue-ID: VFC-1600 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I9f83c6f6eaace60c3e974218810e5943c5758c06
Diffstat (limited to 'kubernetes/vfc/charts/vfc-catalog')
-rw-r--r--kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml15
-rw-r--r--kubernetes/vfc/charts/vfc-catalog/templates/secrets.yaml15
-rw-r--r--kubernetes/vfc/charts/vfc-catalog/values.yaml18
3 files changed, 42 insertions, 6 deletions
diff --git a/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml
index 8e5d097e40..b5246d1d92 100644
--- a/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml
+++ b/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml
@@ -37,7 +37,7 @@ spec:
- /root/ready.py
args:
- --container-name
- - vfc-mariadb
+ - {{ .Values.config.mariadbService }}
env:
- name: NAMESPACE
valueFrom:
@@ -49,6 +49,11 @@ spec:
name: {{ include "common.name" . }}-readiness
containers:
- name: {{ include "common.name" . }}
+ command:
+ - sh
+ args:
+ - -c
+ - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh'
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
@@ -75,9 +80,11 @@ spec:
- name: MSB_ADDR
value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
- name: MYSQL_ADDR
- value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}"
- - name: MYSQL_AUTH
- value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}"
+ value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}"
+ - name: MYSQL_ROOT_USER
+ value: "{{ .Values.global.config.mariadb_admin }}"
+ - name: MYSQL_ROOT_PASSWORD
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 14}}
- name: REDIS_ADDR
value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}"
volumeMounts:
diff --git a/kubernetes/vfc/charts/vfc-catalog/templates/secrets.yaml b/kubernetes/vfc/charts/vfc-catalog/templates/secrets.yaml
new file mode 100644
index 0000000000..d053c484be
--- /dev/null
+++ b/kubernetes/vfc/charts/vfc-catalog/templates/secrets.yaml
@@ -0,0 +1,15 @@
+# Copyright (c) 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.secret" . }}
diff --git a/kubernetes/vfc/charts/vfc-catalog/values.yaml b/kubernetes/vfc/charts/vfc-catalog/values.yaml
index 1a8808b358..8914d668fa 100644
--- a/kubernetes/vfc/charts/vfc-catalog/values.yaml
+++ b/kubernetes/vfc/charts/vfc-catalog/values.yaml
@@ -23,6 +23,16 @@ global:
loggingImage: beats/filebeat:5.5.0
#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: "db-root-pass"
+ externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}'
+ type: password
+ password: '{{ .Values.config.mariadbRootPassword }}'
+ policy: required
+
+#################################################################
# Application configuration defaults.
#################################################################
# application image
@@ -39,7 +49,11 @@ istioSidecar: true
debugEnabled: false
# application configuration
-config: {}
+config:
+ mariadbService: vfc-mariadb
+ mariadbPort: 3306
+ # mariadbRootPassword: secretpassword
+ # mariadbRootPasswordExternalSecret: some secret
# default number of instances
replicaCount: 1
@@ -108,4 +122,4 @@ resources:
requests:
cpu: 200m
memory: 500Mi
- unlimited: {} \ No newline at end of file
+ unlimited: {}