From 5b51881c3520027d1015c72eded17d6448810665 Mon Sep 17 00:00:00 2001 From: Krzysztof Opasiak Date: Wed, 22 Jan 2020 00:08:05 +0100 Subject: [PATCH] [COMMON] Make network-name-gen use common secrets template For now we use it only for DB secret but in a future also other secrets should be replaced. Issue-ID: OOM-2249 Change-Id: Ie6515806c39c6a2cd94be378b5210156b78f4afb Signed-off-by: Krzysztof Opasiak --- .../common/network-name-gen/templates/deployment.yaml | 7 ++----- .../common/network-name-gen/templates/secrets.yaml | 16 ++-------------- kubernetes/common/network-name-gen/values.yaml | 11 +++++++++++ 3 files changed, 15 insertions(+), 19 deletions(-) diff --git a/kubernetes/common/network-name-gen/templates/deployment.yaml b/kubernetes/common/network-name-gen/templates/deployment.yaml index 60dbca4f2b..2f9cd6a158 100644 --- a/kubernetes/common/network-name-gen/templates/deployment.yaml +++ b/kubernetes/common/network-name-gen/templates/deployment.yaml @@ -53,12 +53,9 @@ spec: - name: SPRING_PROFILE value: "{{ .Values.config.springProfile }}" - name: NENG_DB_USER - value: {{ index .Values "mariadb-galera" "config" "userName" }} + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10}} - name: NENG_DB_PASS - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-root-password + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 10}} - name: NENG_DB_URL value: {{ .Values.config.dbUrl }} - name: POL_CLIENT_AUTH diff --git a/kubernetes/common/network-name-gen/templates/secrets.yaml b/kubernetes/common/network-name-gen/templates/secrets.yaml index 55d21d74e3..d5bdce3e04 100644 --- a/kubernetes/common/network-name-gen/templates/secrets.yaml +++ b/kubernetes/common/network-name-gen/templates/secrets.yaml @@ -12,19 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: - db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }} +{{ include "common.secret" . }} --- apiVersion: v1 data: @@ -38,4 +26,4 @@ metadata: release: {{ include "common.release" . }} heritage: {{ .Release.Service }} kind: Secret -type: Opaque \ No newline at end of file +type: Opaque diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml index b8a5dad170..d5897013c4 100644 --- a/kubernetes/common/network-name-gen/values.yaml +++ b/kubernetes/common/network-name-gen/values.yaml @@ -32,6 +32,17 @@ global: # image pull policy pullPolicy: IfNotPresent +################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: "db-user-creds" + externalSecret: '{{- include "common.mariadb.secret.userCredentialsSecretName" (dict "dot" . "chartName" (index .Values "mariadb-galera" "nameOverride")) }}' + type: basicAuth + - uid: "db-root-pass" + externalSecret: '{{- include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (index .Values "mariadb-galera" "nameOverride")) }}' + type: password + # sub-chart config mariadb-galera: config: -- 2.16.6