[POLICY] Support external MariaDB using Operator

[oom.git] / kubernetes / policy / values.yaml

diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml
index 47ced8a..5628ade 100755 (executable)
--- a/kubernetes/policy/values.yaml
+++ b/kubernetes/policy/values.yaml
@@ -18,7 +18,12 @@
 # Global configuration defaults.
 #################################################################
 global:
-  mariadb:
+  mariadbGalera:
+    # flag to enable the DB creation via mariadb-operator
+    useOperator: true
+    # if useOperator set to "true", set "enableServiceAccount to "false"
+    # as the SA is created by the Operator
+    enableServiceAccount: false
     localCluster: true
     # '&mariadbConfig' means we "store" the values for  later use in the file
     # with '*mariadbConfig' pointer.
@@ -27,6 +32,9 @@ global:
     service: &mariadbService
       name: &policy-mariadb policy-mariadb
       internalPort: 3306
+    nameOverride: *policy-mariadb
+    # (optional) if localCluster=false and an external secret is used set this variable
+    #userRootSecret: <secretName>
   prometheusEnabled: false
   postgres:
     localCluster: false
@@ -53,7 +61,19 @@ secrets:
   - uid: db-root-password
     name: &dbRootPassSecretName '{{ include "common.release" . }}-policy-db-root-password'
     type: password
-    externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .) (hasSuffix "policy-db-root-password" (index .Values "mariadb-galera" "rootUser" "externalSecret"))}}'
+    externalSecret: '{{ .Values.global.mariadbGalera.localCluster |
+      ternary (( hasSuffix "policy-db-root-password" (index .Values "mariadb-galera" "rootUser" "externalSecret")) |
+               ternary
+                  ""
+                  (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .)
+               )
+               ( (not (empty (default "" .Values.global.mariadbGalera.userRootSecret))) |
+                 ternary
+                   .Values.global.mariadbGalera.userRootSecret
+                   (include "common.mariadb.secret.rootPassSecretName"
+                     (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)
+                   )
+               ) }}'
     password: '{{ (index .Values "mariadb-galera" "rootUser" "password") }}'
     policy: generate
   - uid: db-secret
@@ -210,7 +230,7 @@ config:
   someConfig: blah
 
 mariadb-galera:
-  # mariadb-galera.config and global.mariadb.config must be equals
+  # mariadb-galera.config and global.mariadbGalera.config must be equals
   db:
     user: policy-user
     # password:
@@ -219,7 +239,7 @@ mariadb-galera:
   rootUser:
     externalSecret: *dbRootPassSecretName
   nameOverride: *policy-mariadb
-  # mariadb-galera.service and global.mariadb.service must be equals
+  # mariadb-galera.service and global.mariadbGalera.service must be equals
   service: *mariadbService
   replicaCount: 1
   mariadbOperator: