From d67492e508c00597f3d22e4fa5422d365fee7c0d Mon Sep 17 00:00:00 2001
From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Fri, 21 Feb 2020 00:38:56 +0100
Subject: [SDNC] Use common secret template in dmaap-listener

Whole SDNC strongly depends on the assumption that it is using a
common mariadb-galera instance and that root password is secret
password. Also user and password to sdnc DB is hardcoded.

Let's start working on removing this assumption and component by
component add support for local and shared mariadb instance without
hardcoding any passwords to the database.

In this patch all passwords are still hardcoded in the helm chart to
not break other parts of SDNC. Those values will be removed in a final patch.

Issue-ID: OOM-2309
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I3280f9d7ff4933d4e50b94ca248676ed9aa6688d
---
 .../dmaap-listener/templates/deployment.yaml       | 30 ++++++++++++++++++++--
 1 file changed, 28 insertions(+), 2 deletions(-)

(limited to 'kubernetes/sdnc/charts/dmaap-listener/templates')

diff --git a/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml b/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml
index 7d8178b7b5..7ef5ca4998 100644
--- a/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml
+++ b/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml
@@ -31,11 +31,34 @@ spec:
         release: {{ include "common.release" . }}
     spec:
       initContainers:
+      - command:
+        - sh
+        args:
+        - -c
+        - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
+        env:
+        - name: SDNC_DB_USER
+          {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
+        - name: SDNC_DB_PASSWORD
+          {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
+        - name: ODL_USER
+          {{- include "common.secret.envFromSecret" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }}
+        - name: ODL_PASSWORD
+          {{- include "common.secret.envFromSecret" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }}
+        volumeMounts:
+        - mountPath: /config-input
+          name: config-input
+        - mountPath: /config
+          name: properties
+        image: "{{ .Values.global.envsubstImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-update-config
+
       - command:
         - /root/ready.py
         args:
         - --container-name
-        - {{ .Values.config.mariadbGalera.chartName }}
+        - {{ include "common.mariadbService" . }}
         - --container-name
         - {{ .Values.config.sdncChartName }}
         - --container-name
@@ -91,9 +114,12 @@ spec:
         - name: localtime
           hostPath:
             path: /etc/localtime
-        - name: properties
+        - name: config-input
           configMap:
             name: {{ include "common.fullname" . }}
             defaultMode: 0644
+        - name: properties
+          emptyDir:
+            medium: Memory
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
-- 
cgit 1.2.3-korg