*/}}
{{- define "common.mariadbSecret" -}}
{{- if .Values.global.mariadbGalera.localCluster -}}
- {{ printf "%s-%s" (include "common.fullname" .) (index .Values "mariadb-galera" "nameOverride") -}}
+ {{ printf "%s-%s-db-user-credentials" (include "common.fullname" .) (index .Values "mariadb-galera" "nameOverride") -}}
{{- else -}}
{{ printf "%s-%s" (.Release.Name) (index .Values "mariadb-init" "nameOverride") -}}
{{- end -}}
*/}}
{{- define "common.mariadbSecretParam" -}}
{{- if .Values.global.mariadbGalera.localCluster -}}
- {{ printf "user-password" -}}
+ {{ printf "password" -}}
{{- else -}}
{{ printf "db-user-password" -}}
{{- end -}}
{{/*
-# Copyright © 2019 Amdocs, Bell Canada
+# Copyright © 2019 Amdocs, Bell Canada, Samsung Electronics
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
echo "Backup Successful!!!"
env:
- name: DB_PASS
- valueFrom:
- secretKeyRef:
- name: {{ include "common.fullname" . }}
- key: db-root-password
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}}
volumeMounts:
- name: backup-dir
mountPath: /backup
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ include "common.fullname" . }}
- key: db-root-password
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}}
command:
- /bin/bash
- -c
# Copyright © 2018 Amdocs, Bell Canada
+# Copyright © 2019 Samsung Electronics
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-type: Opaque
-data:
- db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }}
- user-password: {{ default "" .Values.config.userPassword | b64enc | quote }}
\ No newline at end of file
+{{ include "common.secret" . }}
-# Copyright © 2019 Amdocs, Bell Canada, Orange
+# Copyright © 2019 Amdocs, Bell Canada, Orange, Samsung Electronics
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
apiVersion: v1
fieldPath: metadata.namespace
- name: MYSQL_USER
- value: {{ default "" .Values.config.userName | quote }}
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-credentials" "key" "login") | indent 14}}
- name: MYSQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: user-password
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-credentials" "key" "password") | indent 14}}
- name: MYSQL_DATABASE
value: {{ default "" .Values.config.mysqlDatabase | quote }}
- name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-root-password
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}}
ports:
- containerPort: {{ .Values.service.internalPort }}
name: {{ .Values.service.portName }}
# Copyright © 2018 Amdocs, Bell Canada
+# Copyright © 2019 Samsung Electronics
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: "db-root-password"
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}'
+ password: '{{ .Values.config.mariadbRootPassword }}'
+ - uid: "db-user-credentials"
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.userName }}'
+ password: '{{ .Values.config.userPassword }}'
+
+
#################################################################
# Global configuration defaults.
#################################################################
# application configuration
config:
+ # .mariadbRootPasswordExternalSecret: 'some-external-secret'
mariadbRootPassword: secretpassword
+ # .userCredentialsExternalSecret: 'some-external-secret'
userName: my-user
userPassword: my-password
mysqlDatabase: my-database
*/}}
{{- define "mariadbInit.mariadbClusterSecret" -}}
{{- if (eq "default" .Values.global.mariadbGalera.userRootSecret) -}}
- {{- printf "%s-mariadb-galera-%s" (include "common.release" .) .Values.global.mariadbGalera.nameOverride -}}
+ {{- printf "%s-mariadb-galera-%s-db-root-password" (include "common.release" .) .Values.global.mariadbGalera.nameOverride -}}
{{- else -}}
{{- .Values.global.mariadbGalera.userRootSecret -}}
{{- end -}}
servicePort: 3306
# set these two values if you want to access an 'out of ONAP' mariadb
userRootSecret: default
- userRootSecretKey: db-root-password
+ userRootSecretKey: password
#################################################################
# Application configuration defaults.
Code Review / oom.git / commitdiff