[COMMON] Optimize common secret template

[oom.git] / kubernetes / common / mariadb-galera / templates / statefulset.yaml

{{/*
# Copyright © 2019 Amdocs, Bell Canada, Orange, Samsung Electronics
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}

apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
  name: {{ include "common.fullname" . }}
  namespace: {{ include "common.namespace" . }}
  labels:
    app: {{ include "common.fullname" . }}
    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
    release: "{{ include "common.release" . }}"
    heritage: "{{ .Release.Service }}"
spec:
  serviceName: {{ .Values.service.name }}
  replicas: {{ .Values.replicaCount }}
  template:
    metadata:
      labels:
        app: {{ include "common.fullname" . }}
        chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
        release: "{{ include "common.release" . }}"
        heritage: "{{ .Release.Service }}"
      annotations:
        pod.alpha.kubernetes.io/initialized: "true"
    spec:
    {{- if .Values.nodeSelector }}
      nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
    {{- end }}
      volumes:
      {{- if .Values.externalConfig }}
        - name: config
          configMap:
            name: {{ include "common.fullname" . }}-external-config
      {{- end}}
        - name: localtime
          hostPath:
            path: /etc/localtime
      imagePullSecrets:
      - name: {{ include "common.namespace" . }}-docker-registry-key
      containers:
        - name: {{ include "common.name" . }}
          image: "{{ include "common.repository" . }}/{{ .Values.image }}"
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy | quote}}
          env:
            - name: POD_NAMESPACE
              valueFrom:
                fieldRef:
                  apiVersion: v1
                  fieldPath: metadata.namespace
            - name: MYSQL_USER
              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.userCredentialsUID" .) "key" "login") | indent 14}}
            - name: MYSQL_PASSWORD
              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.userCredentialsUID" .) "key" "password") | indent 14}}
            - name: MYSQL_DATABASE
              value: {{ default "" .Values.config.mysqlDatabase | quote }}
            - name: MYSQL_ROOT_PASSWORD
              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 14}}
          ports:
          - containerPort: {{ .Values.service.internalPort }}
            name: {{ .Values.service.portName }}
          - containerPort: {{ .Values.service.sstPort }}
            name: {{ .Values.service.sstPortName }}
          - containerPort: {{ .Values.service.replicationPort }}
            name: {{ .Values.service.replicationName }}
          - containerPort: {{ .Values.service.istPort }}
            name: {{ .Values.service.istPortName }}
          readinessProbe:
            exec:
              command:
              - /usr/share/container-scripts/mysql/readiness-probe.sh
            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
            periodSeconds: {{ .Values.readiness.periodSeconds }}
            timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
      {{- if eq .Values.liveness.enabled true }}
          livenessProbe:
            exec:
              command: ["mysqladmin", "ping"]
            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
            periodSeconds: {{ .Values.liveness.periodSeconds }}
            timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
      {{- end }}
          resources:
{{ include "common.resources" . | indent 12 }}
          volumeMounts:
        {{- if .Values.externalConfig }}
          - mountPath: /etc/config
            name: config
        {{- end}}
          - mountPath: /etc/localtime
            name: localtime
            readOnly: true
{{- if .Values.persistence.enabled }}
          - mountPath: /var/lib/mysql
            name: {{ include "common.fullname" . }}-data
      initContainers:
        - name: {{ include "common.name" . }}-prepare
          image: "{{ include "common.repository" . }}/{{ .Values.imageInit }}"
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy | quote}}
          command: ["sh", "-c", "chown -R 27:27 /var/lib/mysql"]
          volumeMounts:
            - name: {{ include "common.fullname" . }}-data
              mountPath: /var/lib/mysql
  volumeClaimTemplates:
  - metadata:
      name: {{ include "common.fullname" . }}-data
      labels:
        name: {{ include "common.fullname" . }}
        chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
        release: "{{ include "common.release" . }}"
        heritage: "{{ .Release.Service }}"
    spec:
      accessModes:
      - {{ .Values.persistence.accessMode | quote }}
      storageClassName: {{ include "common.storageClass" . }}
      resources:
        requests:
          storage: {{ .Values.persistence.size | quote }}
{{- end }}