{{- define "common.postgres.deployment" -}}
{{- $dot := .dot }}
{{- $pgMode := .pgMode }}
-apiVersion: apps/v1beta1
+apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "common.fullname" $dot }}-{{ $pgMode }}
heritage: {{ $dot.Release.Service }}
name: "{{ index $dot.Values "container" "name" $pgMode }}"
spec:
- serviceName: {{ $dot.Values.service.name }}
replicas: 1
+ selector:
+ matchLabels:
+ app: {{ include "common.name" $dot }}-{{ $pgMode }}
template:
metadata:
labels:
- sh
args:
- -c
- - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
+ - |
+ function prepare_password {
+ echo -n $1 | sed -e "s/'/''/g"
+ }
+ export PG_PRIMARY_PASSWORD=`prepare_password $PG_PRIMARY_PASSWORD_INPUT`;
+ export PG_PASSWORD=`prepare_password $PG_PASSWORD_INPUT`;
+ export PG_ROOT_PASSWORD=`prepare_password $PG_ROOT_PASSWORD_INPUT`;
+ cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done
env:
- name: PG_PRIMARY_USER
value: primaryuser
- - name: PG_PRIMARY_PASSWORD
- {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }}
+ - name: PG_PRIMARY_PASSWORD_INPUT
+ {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }}
- name: PG_USER
- {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }}
- - name: PG_PASSWORD
- {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }}
+ - name: PG_PASSWORD_INPUT
+ {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }}
- name: PG_DATABASE
value: "{{ $dot.Values.config.pgDatabase }}"
- - name: PG_ROOT_PASSWORD
- {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }}
+ - name: PG_ROOT_PASSWORD_INPUT
+ {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }}
volumeMounts:
- mountPath: /config-input/setup.sql
name: config
subPath: setup.sql
- mountPath: /config
name: pgconf
- image: "{{ $dot.Values.global.envsubstImage }}"
+ image: {{ include "repositoryGenerator.image.envsubst" $dot }}
imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
name: {{ include "common.name" $dot }}-update-config
- |
chown 26:26 /podroot/;
chmod 700 /podroot/;
- image: {{ $dot.Values.global.busyboxRepository | default $dot.Values.busyboxRepository }}/{{ $dot.Values.busyboxImage }}
+ image: {{ include "repositoryGenerator.image.busybox" $dot }}
imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
volumeMounts:
- name: {{ include "common.fullname" $dot }}-data
mountPath: /podroot/
containers:
- name: {{ include "common.name" $dot }}
- image: "{{ $dot.Values.postgresRepository }}/{{ $dot.Values.image }}"
+ image: {{ include "repositoryGenerator.image.postgres" $dot }}
imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
ports:
- containerPort: {{ $dot.Values.service.internalPort }}
- name: PG_PRIMARY_PORT
value: "{{ $dot.Values.service.internalPort }}"
- name: PG_PRIMARY_PASSWORD
- {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }}
- name: PG_USER
- {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }}
- name: PG_PASSWORD
- {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }}
- name: PG_DATABASE
value: "{{ $dot.Values.config.pgDatabase }}"
- name: PG_ROOT_PASSWORD
- {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }}
volumeMounts:
- name: config
mountPath: /pgconf/pool_hba.conf
- mountPath: /backup
name: {{ include "common.fullname" $dot }}-backup
readOnly: true
- resources:
-{{ include "common.resources" $dot | indent 12 }}
+ resources: {{ include "common.resources" $dot | nindent 12 }}
{{- if $dot.Values.nodeSelector }}
nodeSelector:
{{ toYaml $dot.Values.nodeSelector | indent 10 }}
Code Review / oom.git / blobdiff