[POLICY] Use common secret template in drools

author Krzysztof Opasiak <k.opasiak@samsung.com>

Thu, 26 Mar 2020 22:59:36 +0000 (23:59 +0100)

committer Krzysztof Opasiak <k.opasiak@samsung.com>

Thu, 26 Mar 2020 22:59:36 +0000 (23:59 +0100)
author Krzysztof Opasiak <k.opasiak@samsung.com>
Thu, 26 Mar 2020 22:59:36 +0000 (23:59 +0100)
committer Krzysztof Opasiak <k.opasiak@samsung.com>
Thu, 26 Mar 2020 22:59:36 +0000 (23:59 +0100)
diff --git a/kubernetes/policy/charts/drools/resources/secrets/credentials.conf b/kubernetes/policy/charts/drools/resources/secrets/credentials.conf

index 57269c1..ee2acc4 100644 (file)
--- a/kubernetes/policy/charts/drools/resources/secrets/credentials.conf
+++ b/kubernetes/policy/charts/drools/resources/secrets/credentials.conf
@@ -25,9 +25,6 @@ TELEMETRY_PASSWORD={{.Values.telemetry.password}}
  REPOSITORY_USERNAME={{.Values.nexus.user}}
  REPOSITORY_PASSWORD={{.Values.nexus.password}}
  
-SQL_USER={{.Values.db.user}}
-SQL_PASSWORD={{.Values.db.password}}
-
  PDPD_CONFIGURATION_API_KEY={{.Values.dmaap.brmsgw.key}}
  PDPD_CONFIGURATION_API_SECRET={{.Values.dmaap.brmsgw.secret}}
  
diff --git a/kubernetes/policy/charts/drools/templates/secrets.yaml b/kubernetes/policy/charts/drools/templates/secrets.yaml

index 47e0b8c..7fb84b5 100644 (file)
--- a/kubernetes/policy/charts/drools/templates/secrets.yaml
+++ b/kubernetes/policy/charts/drools/templates/secrets.yaml
@@ -13,6 +13,8 @@
  # See the License for the specific language governing permissions and
  # limitations under the License.
  
+{{ include "common.secret" . }}
+---
  apiVersion: v1
  kind: Secret
  metadata:
diff --git a/kubernetes/policy/charts/drools/templates/statefulset.yaml b/kubernetes/policy/charts/drools/templates/statefulset.yaml

index 047a77a..e2463aa 100644 (file)
--- a/kubernetes/policy/charts/drools/templates/statefulset.yaml
+++ b/kubernetes/policy/charts/drools/templates/statefulset.yaml
@@ -74,6 +74,10 @@ spec:
            env:
            - name: REPLICAS
              value: "{{ .Values.replicaCount }}"
+          - name: SQL_USER
+            {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
+          - name: SQL_PASSWORD
+            {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
            volumeMounts:
            - mountPath: /etc/localtime
              name: localtime
diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml

index fbb4211..eae24e0 100644 (file)
--- a/kubernetes/policy/charts/drools/values.yaml
+++ b/kubernetes/policy/charts/drools/values.yaml
@@ -24,6 +24,17 @@ global:
    loggingImage: beats/filebeat:5.5.0
    ubuntuImage: ubuntu:16.04
  
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+  - uid: db-secret
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
+    login: '{{ .Values.db.user }}'
+    password: '{{ .Values.db.password }}'
+    passwordPolicy: required
+
  #################################################################
  # Application configuration defaults.
  #################################################################
author	Krzysztof Opasiak <k.opasiak@samsung.com>
	Thu, 26 Mar 2020 22:59:36 +0000 (23:59 +0100)
committer	Krzysztof Opasiak <k.opasiak@samsung.com>
	Thu, 26 Mar 2020 22:59:36 +0000 (23:59 +0100)
kubernetes/policy/charts/drools/resources/secrets/credentials.conf		patch \| blob \| history
kubernetes/policy/charts/drools/templates/secrets.yaml		patch \| blob \| history
kubernetes/policy/charts/drools/templates/statefulset.yaml		patch \| blob \| history
kubernetes/policy/charts/drools/values.yaml		patch \| blob \| history