blob: 004f2f3622071c6dd03f27a82506f4496c43619e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
{{- /*
Copyright VMware, Inc.
SPDX-License-Identifier: APACHE-2.0
*/}}
{{- if .Values.auth.enabled }}
{{- $replicaCount := int .Values.replicaCount }}
{{- $port := .Values.service.ports.mongodb }}
{{- $host := include "mongodb.service.nameOverride" . }}
{{- $hostForURI := printf "%s:%s" (include "mongodb.service.nameOverride" .) (print $port) }}
{{- if (eq .Values.architecture "replicaset") }}
{{- $fullname := include "mongodb.fullname" . }}
{{- $releaseNamespace := include "mongodb.namespace" . }}
{{- $clusterDomain := .Values.clusterDomain }}
{{- $mongoList := list }}
{{- $mongoOnlyHostList := list }}
{{- range $e, $i := until $replicaCount }}
{{- $mongoOnlyHostList = append $mongoList (printf "%s-%d.%s-headless.%s.svc.%s" $fullname $i $fullname $releaseNamespace $clusterDomain) }}
{{- $mongoList = append $mongoList (printf "%s-%d.%s-headless.%s.svc.%s:%s" $fullname $i $fullname $releaseNamespace $clusterDomain (print $port)) }}
{{- end }}
{{- $host = (join "," $mongoOnlyHostList) }}
{{- $hostForURI = (join "," $mongoList) }}
{{- end }}
{{/* Root user section. */}}
{{- $rootPassword := include "common.secrets.passwords.manage" (dict "secret" (include "mongodb.secretName" .) "key" "mongodb-root-password" "providedValues" (list "auth.rootPassword" ) "context" $) | trimAll "\"" | b64dec }}
{{/* Custom user section. This chart allows creating multiple users */}}
{{- $customUsers := include "mongodb.customUsers" . }}
{{- $customDatabases := include "mongodb.customDatabases" . }}
{{- $customPasswords := include "mongodb.customPasswords" . }}
{{- $passwords := "" }}
{{- $passwordList := list -}}
{{- $customUsersList := list }}
{{- $customDatabasesList := list }}
{{- $customPasswordsList := list }}
{{- if and (not (empty $customUsers)) (not (empty $customDatabases)) }}
{{- $customUsersList = splitList "," $customUsers }}
{{- $customDatabasesList = splitList "," $customDatabases }}
{{- if not (empty $customPasswords) }}
{{- $passwordList = $customPasswords }}
{{- $customPasswordsList = splitList "," $customPasswords }}
{{- else }}
{{- range $customUsersList }}
{{- $customPasswordsList = append $customPasswordsList (randAlphaNum 10) }}
{{- end -}}
{{- $passwordList = (join "," $customPasswordsList) }}
{{- end }}
{{- $passwords = include "common.secrets.passwords.manage" (dict "secret" (include "mongodb.secretName" .) "key" "mongodb-passwords" "providedValues" (list "mongodbPasswords") "context" (set (deepCopy $) "Values" (dict "mongodbPasswords" $passwordList))) | trimAll "\"" | b64dec }}
{{- end }}
{{- if (include "mongodb.createSecret" .) }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "mongodb.fullname" . }}
namespace: {{ template "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
app.kubernetes.io/component: mongodb
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: Opaque
data:
mongodb-root-password: {{ print $rootPassword | b64enc | quote }}
{{- if and (not (empty $customUsers)) (not (empty $customDatabases)) }}
mongodb-passwords: {{ print $passwords | b64enc | quote }}
{{- end }}
{{- if .Values.metrics.username }}
mongodb-metrics-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "mongodb.fullname" .) "key" "mongodb-metrics-password" "providedValues" (list "metrics.password" ) "context" $) }}
{{- end }}
{{- if eq .Values.architecture "replicaset" }}
mongodb-replica-set-key: {{ include "common.secrets.passwords.manage" (dict "secret" (include "mongodb.fullname" .) "key" "mongodb-replica-set-key" "providedValues" (list "auth.replicaSetKey" ) "context" $) }}
{{- end }}
{{- end }}
{{- if .Values.serviceBindings.enabled }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}-svcbind-root
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: servicebinding.io/mongodb
data:
provider: {{ print "bitnami" | b64enc | quote }}
type: {{ print "mongodb" | b64enc | quote }}
host: {{ print $host | b64enc | quote }}
port: {{ print $port | b64enc | quote }}
username: {{ print .Values.auth.rootUser | b64enc | quote }}
password: {{ print $rootPassword | b64enc | quote }}
database: {{ print "admin" | b64enc | quote }}
uri: {{ printf "mongodb://%s:%s@%s/admin" .Values.auth.rootUser $rootPassword $hostForURI | b64enc | quote }}
{{- range $e, $i := until (len $customUsersList) }}
---
{{- $currentSecret := printf "%s-svcbind-%d" (include "common.names.fullname" $) $i }}
apiVersion: v1
kind: Secret
metadata:
name: {{ $currentSecret }}
namespace: {{ $.Release.Namespace | quote }}
labels: {{- include "common.labels.standard" ( dict "customLabels" $.Values.commonLabels "context" $ ) | nindent 4 }}
{{- if $.Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: servicebinding.io/mongodb
data:
{{- $currentUser := index $customUsersList $i }}
{{- $currentDatabase := last $customDatabasesList }}
{{- if gt (len $customDatabasesList) $i }}
{{- $currentDatabase = index $customDatabasesList $i }}
{{- end }}
{{- $currentProvidedPassword := index $customPasswordsList $i }}
{{- $currentPassword := include "common.secrets.lookup" (dict "secret" $currentSecret "key" "password" "defaultValue" $currentProvidedPassword "context" $) | b64dec }}
provider: {{ print "bitnami" | b64enc | quote }}
type: {{ print "mongodb" | b64enc | quote }}
host: {{ print $host | b64enc | quote }}
port: {{ print $port | b64enc | quote }}
username: {{ print $currentUser | b64enc | quote }}
password: {{ print $currentPassword | b64enc | quote }}
database: {{ print $currentDatabase | b64enc | quote }}
uri: {{ printf "mongodb://%s:%s@%s/%s" $currentUser $currentPassword $hostForURI $currentDatabase | b64enc | quote }}
{{- end }}
{{- end }}
{{- end }}
|
