[SO] Support root secret for external DB
In case of an external DB the secret containing the root
password can be given in the global.mariadbGalera section
and has to be used in the DB jobs
Issue-ID: OOM-3266
Change-Id: Ifdaa4bdefbe3f985bfb2ff9f630a2d806089241c
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml
index 229decd..ec77d92 100755
--- a/kubernetes/so/values.yaml
+++ b/kubernetes/so/values.yaml
@@ -27,9 +27,11 @@
servicePort: '3306'
service: mariadb-galera
internalPort: '3306'
- #This flag allows SO to instantiate its own mariadb-galera cluster,
- #serviceName and nameOverride should be so-mariadb-galera if this flag is enabled
+ # This flag allows SO to instantiate its own mariadb-galera cluster,
+ # serviceName and nameOverride should be so-mariadb-galera if this flag is enabled
localCluster: false
+ # (optional) if localCluster=false and an external secret is used set this variable
+ #userRootSecret: <secretName>
persistence:
mountPath: /dockerdata-nfs
#This configuration specifies Service and port for SDNC OAM interface
@@ -68,13 +70,18 @@
# override this secret using external one with the same field that is used
# to pass this to subchart.
externalSecret: '{{ .Values.global.mariadbGalera.localCluster |
- ternary ((hasSuffix "so-db-root-pass" (index .Values "mariadb-galera" "rootUser" "externalSecret")) |
- ternary
- ""
- (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .))
- (include "common.mariadb.secret.rootPassSecretName"
- (dict "dot" .
- "chartName" .Values.global.mariadbGalera.nameOverride)) }}'
+ ternary (( hasSuffix "so-db-root-pass" (index .Values "mariadb-galera" "rootUser" "externalSecret")) |
+ ternary
+ ""
+ (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .)
+ )
+ ( (not (empty (default "" .Values.global.mariadbGalera.userRootSecret))) |
+ ternary
+ .Values.global.mariadbGalera.userRootSecret
+ (include "common.mariadb.secret.rootPassSecretName"
+ (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)
+ )
+ ) }}'
password: '{{ .Values.global.mariadbGalera.mariadbRootpassword }}'
- uid: db-backup-creds
name: &dbBackupCredsSecretName '{{ include "common.release" . }}-so-db-backup-creds'
@@ -690,7 +697,15 @@
db:
rootPasswordExternalSecretLocalDb: *dbRootPassSecretName
#rootPasswordExternalSecretLocalDb: *dbRootPassSecretName
- rootPasswordExternalSecret: '{{ ternary (tpl .Values.db.rootPasswordExternalSecretLocalDb .) (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.localCluster }}'
+ rootPasswordExternalSecret: '{{ .Values.global.mariadbGalera.localCluster |
+ ternary (tpl .Values.db.rootPasswordExternalSecretLocalDb .)
+ ( (not (empty (default "" .Values.global.mariadbGalera.userRootSecret))) |
+ ternary
+ .Values.global.mariadbGalera.userRootSecret
+ (include "common.mariadb.secret.rootPassSecretName"
+ (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)
+ )
+ ) }}'
backupCredsExternalSecret: *dbBackupCredsSecretName
userCredsExternalSecret: *dbUserCredsSecretName
adminCredsExternalSecret: *dbAdminCredsSecretName