Change global.mariadb to be able to select Operator user
and add setting for external Secret name for root User
Issue-ID: OOM-3266
Change-Id: Ic54819b0d146bd3194b51fddff069167b72cd4f3
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
apiVersion: v2
description: ONAP Policy
name: policy
apiVersion: v2
description: ONAP Policy
name: policy
dependencies:
- name: common
dependencies:
- name: common
- name: mariadb-galera
version: ~13.x-0
repository: '@local'
- name: mariadb-galera
version: ~13.x-0
repository: '@local'
- condition: global.mariadb.localCluster
+ condition: global.mariadbGalera.localCluster
- name: policy-nexus
version: ~13.x-0
repository: 'file://components/policy-nexus'
- name: policy-nexus
version: ~13.x-0
repository: 'file://components/policy-nexus'
# Global configuration defaults.
#################################################################
global:
# Global configuration defaults.
#################################################################
global:
+ mariadbGalera:
+ # flag to enable the DB creation via mariadb-operator
+ useOperator: true
+ # if useOperator set to "true", set "enableServiceAccount to "false"
+ # as the SA is created by the Operator
+ enableServiceAccount: false
localCluster: true
# '&mariadbConfig' means we "store" the values for later use in the file
# with '*mariadbConfig' pointer.
localCluster: true
# '&mariadbConfig' means we "store" the values for later use in the file
# with '*mariadbConfig' pointer.
service: &mariadbService
name: &policy-mariadb policy-mariadb
internalPort: 3306
service: &mariadbService
name: &policy-mariadb policy-mariadb
internalPort: 3306
+ nameOverride: *policy-mariadb
+ # (optional) if localCluster=false and an external secret is used set this variable
+ #userRootSecret: <secretName>
prometheusEnabled: false
postgres:
localCluster: false
prometheusEnabled: false
postgres:
localCluster: false
- uid: db-root-password
name: &dbRootPassSecretName '{{ include "common.release" . }}-policy-db-root-password'
type: password
- uid: db-root-password
name: &dbRootPassSecretName '{{ include "common.release" . }}-policy-db-root-password'
type: password
- externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .) (hasSuffix "policy-db-root-password" (index .Values "mariadb-galera" "rootUser" "externalSecret"))}}'
+ externalSecret: '{{ .Values.global.mariadbGalera.localCluster |
+ ternary (( hasSuffix "policy-db-root-password" (index .Values "mariadb-galera" "rootUser" "externalSecret")) |
+ ternary
+ ""
+ (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .)
+ )
+ ( (not (empty (default "" .Values.global.mariadbGalera.userRootSecret))) |
+ ternary
+ .Values.global.mariadbGalera.userRootSecret
+ (include "common.mariadb.secret.rootPassSecretName"
+ (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)
+ )
+ ) }}'
password: '{{ (index .Values "mariadb-galera" "rootUser" "password") }}'
policy: generate
- uid: db-secret
password: '{{ (index .Values "mariadb-galera" "rootUser" "password") }}'
policy: generate
- uid: db-secret
someConfig: blah
mariadb-galera:
someConfig: blah
mariadb-galera:
- # mariadb-galera.config and global.mariadb.config must be equals
+ # mariadb-galera.config and global.mariadbGalera.config must be equals
db:
user: policy-user
# password:
db:
user: policy-user
# password:
rootUser:
externalSecret: *dbRootPassSecretName
nameOverride: *policy-mariadb
rootUser:
externalSecret: *dbRootPassSecretName
nameOverride: *policy-mariadb
- # mariadb-galera.service and global.mariadb.service must be equals
+ # mariadb-galera.service and global.mariadbGalera.service must be equals
service: *mariadbService
replicaCount: 1
mariadbOperator:
service: *mariadbService
replicaCount: 1
mariadbOperator: