aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common/mariadb-init
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/common/mariadb-init')
-rwxr-xr-xkubernetes/common/mariadb-init/resources/config/db_init.sh16
-rw-r--r--kubernetes/common/mariadb-init/templates/job.yaml12
2 files changed, 18 insertions, 10 deletions
diff --git a/kubernetes/common/mariadb-init/resources/config/db_init.sh b/kubernetes/common/mariadb-init/resources/config/db_init.sh
index fa4b007a5a..df7c336405 100755
--- a/kubernetes/common/mariadb-init/resources/config/db_init.sh
+++ b/kubernetes/common/mariadb-init/resources/config/db_init.sh
@@ -1,4 +1,5 @@
#!/bin/bash
+
{{/*
# Copyright © 2019 Orange
# Copyright © 2020 Samsung Electronics
@@ -20,10 +21,17 @@
set -e
while read DB ; do
- USER_VAR="MYSQL_USER_${DB^^}"
- PASS_VAR="MYSQL_PASSWORD_${DB^^}"
- USER=${!USER_VAR}
- PASS=`echo -n ${!PASS_VAR} | sed -e "s/'/''/g"`
+ USER_VAR="MYSQL_USER_$(echo $DB | tr '[:lower:]' '[:upper:]')"
+ PASS_VAR="MYSQL_PASSWORD_$(echo $DB | tr '[:lower:]' '[:upper:]')"
+{{/*
+ # USER=${!USER_VAR}
+ # PASS=`echo -n ${!PASS_VAR} | sed -e "s/'/''/g"`
+ # eval replacement of the bashism equivalents above might present a security issue here
+ # since it reads content from DB values filled by helm at the end of the script.
+ # These possible values has to be constrainted and/or limited by helm for a safe use of eval.
+*/}}
+ eval USER=\$$USER_VAR
+ PASS=$(eval echo -n \$$PASS_VAR | sed -e "s/'/''/g")
MYSQL_OPTS=( -h ${DB_HOST} -P ${DB_PORT} -uroot -p${MYSQL_ROOT_PASSWORD} )
echo "Creating database ${DB} and user ${USER}..."
diff --git a/kubernetes/common/mariadb-init/templates/job.yaml b/kubernetes/common/mariadb-init/templates/job.yaml
index ad97cd4ed6..96d1dc54a4 100644
--- a/kubernetes/common/mariadb-init/templates/job.yaml
+++ b/kubernetes/common/mariadb-init/templates/job.yaml
@@ -63,9 +63,9 @@ spec:
/db_config/db_cmd.sh{{ end }}
env:
- name: DB_HOST
- value: "{{ default .Values.global.mariadbGalera.nameOverride .Values.mariadbGalera.serviceName }}"
+ value: {{ include "common.mariadbService" . }}
- name: DB_PORT
- value: "{{ default .Values.global.mariadbGalera.servicePort .Values.mariadbGalera.servicePort }}"
+ value: {{ include "common.mariadbPort" . | quote }}
- name: MYSQL_ROOT_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "root-password" "key" (default "password" .Values.global.mariadbGalera.userRootSecretKey)) | indent 10 }}
- name: {{ printf "MYSQL_USER_%s" .Values.config.mysqlDatabase | upper }}
@@ -83,10 +83,10 @@ spec:
- mountPath: /etc/localtime
name: localtime
readOnly: true
- - name: mariadb-conf
+ - name: mariadb-init
mountPath: /db_init/
{{- if or .Values.dbScriptConfigMap .Values.dbScript }}
- - name: mariadb-init
+ - name: mariadb-conf
mountPath: /db_config/
{{- end }}
resources:
@@ -104,7 +104,7 @@ spec:
hostPath:
path: /etc/localtime
{{- if or .Values.dbScriptConfigMap .Values.dbScript }}
- - name: mariadb-init
+ - name: mariadb-conf
configMap:
{{- if .Values.dbScriptConfigMap }}
name: {{ tpl .Values.dbScriptConfigMap . }}
@@ -113,7 +113,7 @@ spec:
{{- end }}
defaultMode: 0755
{{- end }}
- - name: mariadb-conf
+ - name: mariadb-init
configMap:
name: {{ include "mariadbInit.configMap" . }}
defaultMode: 0755