summaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2020-03-13 15:34:38 +0000
committerGerrit Code Review <gerrit@onap.org>2020-03-13 15:34:38 +0000
commit49a383dfd9078a83660b1727c6cc8ef6a9646b44 (patch)
treebafb94eeb5492325b95476f27ae56fefb8123849 /kubernetes
parent52b046a351ce1551a338c1f9862366f45cf4929f (diff)
parent17547340d42db38a0bca7bca934b01964991301b (diff)
Merge "[COMMON] Allow special characters in postgress passwords"
Diffstat (limited to 'kubernetes')
-rw-r--r--kubernetes/common/postgres/configs/setup.sql40
-rw-r--r--kubernetes/common/postgres/templates/_deployment.tpl40
-rw-r--r--kubernetes/common/postgres/values.yaml3
3 files changed, 80 insertions, 3 deletions
diff --git a/kubernetes/common/postgres/configs/setup.sql b/kubernetes/common/postgres/configs/setup.sql
new file mode 100644
index 0000000000..f60b473242
--- /dev/null
+++ b/kubernetes/common/postgres/configs/setup.sql
@@ -0,0 +1,40 @@
+--- System Setup
+SET application_name="container_setup";
+
+CREATE EXTENSION IF NOT EXISTS pg_stat_statements;
+CREATE EXTENSION IF NOT EXISTS pgaudit;
+
+ALTER USER postgres PASSWORD '${PG_ROOT_PASSWORD}';
+
+CREATE USER ${PG_PRIMARY_USER} WITH REPLICATION;
+ALTER USER ${PG_PRIMARY_USER} PASSWORD '${PG_PRIMARY_PASSWORD}';
+
+CREATE USER "${PG_USER}" LOGIN;
+ALTER USER "${PG_USER}" PASSWORD '${PG_PASSWORD}';
+
+CREATE DATABASE ${PG_DATABASE};
+GRANT ALL PRIVILEGES ON DATABASE ${PG_DATABASE} TO "${PG_USER}";
+
+CREATE TABLE IF NOT EXISTS primarytable (key varchar(20), value varchar(20));
+GRANT ALL ON primarytable TO ${PG_PRIMARY_USER};
+
+--- PG_DATABASE Setup
+
+\c ${PG_DATABASE}
+
+CREATE EXTENSION IF NOT EXISTS pg_stat_statements;
+CREATE EXTENSION IF NOT EXISTS pgaudit;
+
+--- Verify permissions via PG_USER
+
+\c ${PG_DATABASE} "${PG_USER}";
+
+CREATE SCHEMA IF NOT EXISTS "${PG_USER}";
+
+CREATE TABLE IF NOT EXISTS "${PG_USER}".testtable (
+ name varchar(30) PRIMARY KEY,
+ value varchar(50) NOT NULL,
+ updatedt timestamp NOT NULL
+);
+
+INSERT INTO "${PG_USER}".testtable (name, value, updatedt) VALUES ('CPU', '256', now());
diff --git a/kubernetes/common/postgres/templates/_deployment.tpl b/kubernetes/common/postgres/templates/_deployment.tpl
index 3777c1b2e4..361e64847e 100644
--- a/kubernetes/common/postgres/templates/_deployment.tpl
+++ b/kubernetes/common/postgres/templates/_deployment.tpl
@@ -40,6 +40,34 @@ spec:
name: "{{ index $dot.Values "container" "name" $pgMode }}"
spec:
initContainers:
+ - command:
+ - sh
+ args:
+ - -c
+ - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
+ env:
+ - name: PG_PRIMARY_USER
+ value: primaryuser
+ - name: PG_PRIMARY_PASSWORD
+ {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }}
+ - name: PG_USER
+ {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }}
+ - name: PG_PASSWORD
+ {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }}
+ - name: PG_DATABASE
+ value: "{{ $dot.Values.config.pgDatabase }}"
+ - name: PG_ROOT_PASSWORD
+ {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }}
+ volumeMounts:
+ - mountPath: /config-input/setup.sql
+ name: config
+ subPath: setup.sql
+ - mountPath: /config
+ name: pgconf
+ image: "{{ $dot.Values.global.envsubstImage }}"
+ imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
+ name: {{ include "common.name" $dot }}-update-config
+
- name: init-sysctl
command:
- /bin/sh
@@ -98,9 +126,12 @@ spec:
- name: PG_ROOT_PASSWORD
{{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }}
volumeMounts:
- - name: pool-hba-conf
+ - name: config
mountPath: /pgconf/pool_hba.conf
subPath: pool_hba.conf
+ - name: pgconf
+ mountPath: /pgconf/setup.sql
+ subPath: setup.sql
- mountPath: /pgdata
name: {{ include "common.fullname" $dot }}-data
- mountPath: /backup
@@ -129,7 +160,10 @@ spec:
{{- else }}
emptyDir: {}
{{ end }}
- - name: pool-hba-conf
+ - name: config
configMap:
name: {{ include "common.fullname" $dot }}
-{{- end -}} \ No newline at end of file
+ - name: pgconf
+ emptyDir:
+ medium: Memory
+{{- end -}}
diff --git a/kubernetes/common/postgres/values.yaml b/kubernetes/common/postgres/values.yaml
index 7aff189ba9..10f9405de6 100644
--- a/kubernetes/common/postgres/values.yaml
+++ b/kubernetes/common/postgres/values.yaml
@@ -21,6 +21,9 @@ global:
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
+ # envsusbt
+ envsubstImage: dibi/envsubst
+
#################################################################
# Secrets metaconfig
#################################################################