From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Mon, 25 May 2020 13:38:48 +0000 (+0200)
Subject: [COMMON] Allow to use ' in postgres passwords
X-Git-Tag: 6.0.0~23^2
X-Git-Url: https://gerrit.onap.org/r/gitweb?p=oom.git;a=commitdiff_plain;h=7cc76a79c1d2bd8f35270f9068070d13d4b65109

[COMMON] Allow to use ' in postgres passwords

' is one of characters that are placed in passwords by our default
password generation algorith. As ' is a special character in SQL files
we need to escape it before substituting environment variables in .sql file.

Issue-ID: OOM-2317
Reported-by: Fiachra Corcoran <fiachra.corcoran@est.tech>
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I970eaf03fbcbfa8cb68df4a06ee27503d02d896a
(cherry picked from commit b0a2d3b3628166dc2dba34a6984cc36b8f821fe0)
---

diff --git a/kubernetes/common/postgres/templates/_deployment.tpl b/kubernetes/common/postgres/templates/_deployment.tpl
index e3ac66933f..b1aae5f50d 100644
--- a/kubernetes/common/postgres/templates/_deployment.tpl
+++ b/kubernetes/common/postgres/templates/_deployment.tpl
@@ -44,19 +44,26 @@ spec:
         - sh
         args:
         - -c
-        - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
+        - |
+          function prepare_password {
+            echo -n $1 | sed -e "s/'/''/g"
+          }
+          export PG_PRIMARY_PASSWORD=`prepare_password $PG_PRIMARY_PASSWORD_INPUT`;
+          export PG_PASSWORD=`prepare_password $PG_PASSWORD_INPUT`;
+          export PG_ROOT_PASSWORD=`prepare_password $PG_ROOT_PASSWORD_INPUT`;
+          cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done
         env:
         - name: PG_PRIMARY_USER
           value: primaryuser
-        - name: PG_PRIMARY_PASSWORD
+        - name: PG_PRIMARY_PASSWORD_INPUT
           {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }}
         - name: PG_USER
           {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }}
-        - name: PG_PASSWORD
+        - name: PG_PASSWORD_INPUT
           {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }}
         - name: PG_DATABASE
           value: "{{ $dot.Values.config.pgDatabase }}"
-        - name: PG_ROOT_PASSWORD
+        - name: PG_ROOT_PASSWORD_INPUT
           {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }}
         volumeMounts:
         - mountPath: /config-input/setup.sql