From a789c1a7432d58d37269fb40ce719000181a3c2b Mon Sep 17 00:00:00 2001
From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Wed, 22 Jan 2020 00:06:32 +0100
Subject: [COMMON] Provide convenience templates for mariadb secrets

Usage of plain strings is very fragile especially when you try
to change them. That's why instead of depending on strings let's
just define a few convenience templates to be used in projects
that use mariadb-galera chart.

Issue-ID: OOM-2249
Change-Id: Ib867d34090b06a15ea3898a9524f5e3d04a656c0
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
---
 kubernetes/common/common/templates/_mariadb.tpl    | 37 ++++++++++++++++++++++
 .../mariadb-galera/templates/backup/cronjob.yaml   |  4 +--
 .../mariadb-galera/templates/statefulset.yaml      |  6 ++--
 kubernetes/common/mariadb-galera/values.yaml       |  4 +--
 .../common/mariadb-init/templates/_mariadb.tpl     |  2 +-
 5 files changed, 45 insertions(+), 8 deletions(-)

(limited to 'kubernetes')

diff --git a/kubernetes/common/common/templates/_mariadb.tpl b/kubernetes/common/common/templates/_mariadb.tpl
index d4af1807fa..df0e6b41c9 100644
--- a/kubernetes/common/common/templates/_mariadb.tpl
+++ b/kubernetes/common/common/templates/_mariadb.tpl
@@ -14,6 +14,43 @@
 # limitations under the License.
 */}}
 
+{{/*
+  UID of mariadb root password
+*/}}
+{{- define "common.mariadb.secret.rootPassUID" -}}
+  {{- printf "db-root-password" }}
+{{- end -}}
+
+{{/*
+  Name of mariadb secret
+*/}}
+{{- define "common.mariadb.secret._secretName" -}}
+  {{- $global := .dot }}
+  {{- $chartName := tpl .chartName $global -}}
+  {{- include "common.secret.genName" (dict "global" $global "uid" (include .uidTemplate $global) "chartName" $chartName) }}
+{{- end -}}
+
+{{/*
+  Name of mariadb root password secret
+*/}}
+{{- define "common.mariadb.secret.rootPassSecretName" -}}
+  {{- include "common.mariadb.secret._secretName" (set . "uidTemplate" "common.mariadb.secret.rootPassUID") }}
+{{- end -}}
+
+{{/*
+  UID of mariadb user credentials
+*/}}
+{{- define "common.mariadb.secret.userCredentialsUID" -}}
+  {{- printf "db-user-credentials" }}
+{{- end -}}
+
+{{/*
+  Name of mariadb user credentials secret
+*/}}
+{{- define "common.mariadb.secret.userCredentialsSecretName" -}}
+  {{- include "common.mariadb.secret._secretName" (set . "uidTemplate" "common.mariadb.secret.userCredentialsUID") }}
+{{- end -}}
+
 {{/*
   Choose the name of the mariadb service to use.
 */}}
diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml
index 69a8490760..c9e2ffe85c 100644
--- a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml
+++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml
@@ -86,7 +86,7 @@ spec:
               echo "Backup Successful!!!"
             env:
             - name: DB_PASS
-              {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}}
+              {{- include "common.secret.envFromSecret" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 14}}
             volumeMounts:
             - name: backup-dir
               mountPath: /backup
@@ -96,7 +96,7 @@ spec:
             imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
             env:
             - name: MYSQL_ROOT_PASSWORD
-              {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}}
+              {{- include "common.secret.envFromSecret" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 14}}
             command:
             - /bin/bash
             - -c
diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml
index 496f242d94..a6260fae54 100644
--- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml
+++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml
@@ -61,13 +61,13 @@ spec:
                   apiVersion: v1
                   fieldPath: metadata.namespace
             - name: MYSQL_USER
-              {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-credentials" "key" "login") | indent 14}}
+              {{- include "common.secret.envFromSecret" (dict "global" . "uid" (include "common.mariadb.secret.userCredentialsUID" .) "key" "login") | indent 14}}
             - name: MYSQL_PASSWORD
-              {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-credentials" "key" "password") | indent 14}}
+              {{- include "common.secret.envFromSecret" (dict "global" . "uid" (include "common.mariadb.secret.userCredentialsUID" .) "key" "password") | indent 14}}
             - name: MYSQL_DATABASE
               value: {{ default "" .Values.config.mysqlDatabase | quote }}
             - name: MYSQL_ROOT_PASSWORD
-              {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}}
+              {{- include "common.secret.envFromSecret" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 14}}
           ports:
           - containerPort: {{ .Values.service.internalPort }}
             name: {{ .Values.service.portName }}
diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml
index a6dd1ca359..1dcc88c3b5 100644
--- a/kubernetes/common/mariadb-galera/values.yaml
+++ b/kubernetes/common/mariadb-galera/values.yaml
@@ -17,11 +17,11 @@
 # Secrets metaconfig
 #################################################################
 secrets:
-  - uid: "db-root-password"
+  - uid: '{{ include "common.mariadb.secret.rootPassUID" . }}'
     type: password
     externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}'
     password: '{{ .Values.config.mariadbRootPassword }}'
-  - uid: "db-user-credentials"
+  - uid: '{{ include "common.mariadb.secret.userCredentialsUID" . }}'
     type: basicAuth
     externalSecret: '{{ tpl (default "" .Values.config.userCredentialsExternalSecret) . }}'
     login: '{{ .Values.config.userName }}'
diff --git a/kubernetes/common/mariadb-init/templates/_mariadb.tpl b/kubernetes/common/mariadb-init/templates/_mariadb.tpl
index 64c15ed862..af9a4f5f02 100644
--- a/kubernetes/common/mariadb-init/templates/_mariadb.tpl
+++ b/kubernetes/common/mariadb-init/templates/_mariadb.tpl
@@ -18,5 +18,5 @@
   Choose the name of the mariadb secret to use.
 */}}
 {{- define "mariadbInit.mariadbClusterSecret" -}}
-  {{- printf "%s-%s-db-root-password" (include "common.release" .) (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride) -}}
+  {{- include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride)) -}}
 {{- end -}}
-- 
cgit 1.2.3-korg