From f1f945b51303ad1ace8c2268b0a0f39bcb549d0b Mon Sep 17 00:00:00 2001 From: Krzysztof Opasiak Date: Tue, 4 Feb 2020 21:16:50 +0100 Subject: [COMMON] Use common secret template in postgres Use common secret template for storing DB credentials Issue-ID: OOM-2250 Signed-off-by: Krzysztof Opasiak Change-Id: Ic640bba21a368cf3dd7d3a712abd13907b86a217 --- kubernetes/common/postgres/templates/_deployment.tpl | 17 ++++------------- kubernetes/common/postgres/templates/secrets.yaml | 17 +---------------- 2 files changed, 5 insertions(+), 29 deletions(-) (limited to 'kubernetes/common/postgres/templates') diff --git a/kubernetes/common/postgres/templates/_deployment.tpl b/kubernetes/common/postgres/templates/_deployment.tpl index 9766cb3fca..3777c1b2e4 100644 --- a/kubernetes/common/postgres/templates/_deployment.tpl +++ b/kubernetes/common/postgres/templates/_deployment.tpl @@ -88,24 +88,15 @@ spec: - name: PG_PRIMARY_PORT value: "{{ $dot.Values.service.internalPort }}" - name: PG_PRIMARY_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" $dot }} - key: pg-primary-password + {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }} - name: PG_USER - value: "{{ $dot.Values.config.pgUserName }}" + {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }} - name: PG_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" $dot }} - key: pg-user-password + {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }} - name: PG_DATABASE value: "{{ $dot.Values.config.pgDatabase }}" - name: PG_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" $dot }} - key: pg-root-password + {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }} volumeMounts: - name: pool-hba-conf mountPath: /pgconf/pool_hba.conf diff --git a/kubernetes/common/postgres/templates/secrets.yaml b/kubernetes/common/postgres/templates/secrets.yaml index db1bc5bb15..4c68015528 100644 --- a/kubernetes/common/postgres/templates/secrets.yaml +++ b/kubernetes/common/postgres/templates/secrets.yaml @@ -13,19 +13,4 @@ # # See the License for the specific language governing permissions and # # limitations under the License. */}} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -type: Opaque -data: - pg-primary-password: {{ .Values.config.pgPrimaryPassword | b64enc | quote }} - pg-user-password: {{ .Values.config.pgUserPassword | b64enc | quote }} - pg-root-password: {{ .Values.config.pgRootPassword | b64enc | quote }} - +{{ include "common.secret" . }} -- cgit 1.2.3-korg