diff options
author | Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-02-26 23:36:22 +0100 |
---|---|---|
committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-03-09 13:47:50 +0000 |
commit | a9010dbb8d78fd31f419d659532440c27ad3ee7b (patch) | |
tree | fedf8c32f18fe8f046722862cf1dd36353857ccc /kubernetes/vfc/charts/vfc-catalog | |
parent | f8a5330a6d1cfab6dd454a532c60466b5d2a8134 (diff) |
[VFC] Use common secret template for DB root password
Issue-ID: VFC-1600
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I9f83c6f6eaace60c3e974218810e5943c5758c06
Diffstat (limited to 'kubernetes/vfc/charts/vfc-catalog')
-rw-r--r-- | kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml | 15 | ||||
-rw-r--r-- | kubernetes/vfc/charts/vfc-catalog/templates/secrets.yaml | 15 | ||||
-rw-r--r-- | kubernetes/vfc/charts/vfc-catalog/values.yaml | 18 |
3 files changed, 42 insertions, 6 deletions
diff --git a/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml index 8e5d097e40..b5246d1d92 100644 --- a/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml @@ -37,7 +37,7 @@ spec: - /root/ready.py args: - --container-name - - vfc-mariadb + - {{ .Values.config.mariadbService }} env: - name: NAMESPACE valueFrom: @@ -49,6 +49,11 @@ spec: name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} + command: + - sh + args: + - -c + - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh' image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: @@ -75,9 +80,11 @@ spec: - name: MSB_ADDR value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: MYSQL_ADDR - value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}" - - name: MYSQL_AUTH - value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}" + value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}" + - name: MYSQL_ROOT_USER + value: "{{ .Values.global.config.mariadb_admin }}" + - name: MYSQL_ROOT_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 14}} - name: REDIS_ADDR value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" volumeMounts: diff --git a/kubernetes/vfc/charts/vfc-catalog/templates/secrets.yaml b/kubernetes/vfc/charts/vfc-catalog/templates/secrets.yaml new file mode 100644 index 0000000000..d053c484be --- /dev/null +++ b/kubernetes/vfc/charts/vfc-catalog/templates/secrets.yaml @@ -0,0 +1,15 @@ +# Copyright (c) 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ include "common.secret" . }} diff --git a/kubernetes/vfc/charts/vfc-catalog/values.yaml b/kubernetes/vfc/charts/vfc-catalog/values.yaml index 1a8808b358..8914d668fa 100644 --- a/kubernetes/vfc/charts/vfc-catalog/values.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/values.yaml @@ -23,6 +23,16 @@ global: loggingImage: beats/filebeat:5.5.0 ################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: "db-root-pass" + externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}' + type: password + password: '{{ .Values.config.mariadbRootPassword }}' + policy: required + +################################################################# # Application configuration defaults. ################################################################# # application image @@ -39,7 +49,11 @@ istioSidecar: true debugEnabled: false # application configuration -config: {} +config: + mariadbService: vfc-mariadb + mariadbPort: 3306 + # mariadbRootPassword: secretpassword + # mariadbRootPasswordExternalSecret: some secret # default number of instances replicaCount: 1 @@ -108,4 +122,4 @@ resources: requests: cpu: 200m memory: 500Mi - unlimited: {}
\ No newline at end of file + unlimited: {} |