From d73224418141fb7a2bae8d083de8f6e88e493c3d Mon Sep 17 00:00:00 2001
From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Thu, 30 Jan 2020 12:10:40 +0100
Subject: [COMMON] Use common secret template in mariadb-init

Use common secret template for all passwords that are used
inside this chart.

Issue-ID: OOM-2248
Change-Id: Ia94b87a4d0316a3d334fd492521be5a255c14b4e
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
---
 .../common/mariadb-init/templates/secret.yaml      | 39 +++++++++++++---------
 1 file changed, 23 insertions(+), 16 deletions(-)

(limited to 'kubernetes/common/mariadb-init/templates/secret.yaml')

diff --git a/kubernetes/common/mariadb-init/templates/secret.yaml b/kubernetes/common/mariadb-init/templates/secret.yaml
index f30d582110..71a89d019b 100644
--- a/kubernetes/common/mariadb-init/templates/secret.yaml
+++ b/kubernetes/common/mariadb-init/templates/secret.yaml
@@ -12,19 +12,26 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.fullname" . }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ .Release.Name }}
-    heritage: {{ .Release.Service }}
-type: Opaque
-data:
-  db-user-password: {{ index .Values.config.userPassword | b64enc | quote }}
-{{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases }}
-  {{ printf "db-%s-user-password" $db}}: {{ $dbInfos.password | b64enc | quote }}
-{{ end }}
+{{- define "mariadb-init._update-secrets" -}}
+  {{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases }}
+{{ printf "- uid: %s" $db }}
+{{ printf "  type: basicAuth" }}
+    {{- if $dbInfos.externalSecret }}
+{{ printf "  externalSecret: %s" $dbInfos.externalSecret }}
+    {{- end }}
+{{ printf "  login: %s" $dbInfos.user }}
+{{ printf "  password: %s" $dbInfos.password }}
+{{ printf "  passwordPolicy: required" }}
+  {{- end -}}
+{{- end -}}
+
+{{ $global := . }}
+{{ $secretsString := .Values.secrets | toYaml | indent 2 }}
+{{ $additionalSecretsString := (include "mariadb-init._update-secrets" .) | indent 2 }}
+{{ $finalSecretsString := (cat "\nsecrets:\n" $secretsString $additionalSecretsString) | replace "   -" "  -" }}
+{{ $finalSecrets := ($finalSecretsString | fromYaml).secrets }}
+
+{{ $newValues := set $global.Values "secrets" $finalSecrets }}
+{{ $tmpGlobal := set $global "Values" $newValues }}
+
+{{ include "common.secret" $tmpGlobal }}
-- 
cgit 1.2.3-korg