Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / 68b1c92d437c3bd568f9c5c34efcc46295574ece^! / . / kubernetes / policy / charts / drools / templates
commit68b1c92d437c3bd568f9c5c34efcc46295574ece[log] [tgz]
authorKrzysztof Opasiak <k.opasiak@samsung.com>Thu Mar 26 23:59:36 2020 +0100
committerKrzysztof Opasiak <k.opasiak@samsung.com>Thu Mar 26 23:59:36 2020 +0100
tree3c3f31120f46dc8061d4bfd72e302043ad3b452f
parent87a8e38f930e02e2ea6c37ff9bf5642245c4d88c [diff]
[POLICY] Use common secret template in drools

Use common secret template in drools module instead of putting db
credentials in a single secret file to allow usage of external secret
mechanism.

For now db creds are hardcoded but will be remove in further commits.

Issue-ID: OOM-2342
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I377b71d76b0b37e919ea841586bb6d5c22107952

diff --git a/kubernetes/policy/charts/drools/templates/secrets.yaml b/kubernetes/policy/charts/drools/templates/secrets.yaml
index 47e0b8c..7fb84b5 100644
--- a/kubernetes/policy/charts/drools/templates/secrets.yaml
+++ b/kubernetes/policy/charts/drools/templates/secrets.yaml

@@ -13,6 +13,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+{{ include "common.secret" . }}
+---
 apiVersion: v1
 kind: Secret
 metadata:

diff --git a/kubernetes/policy/charts/drools/templates/statefulset.yaml b/kubernetes/policy/charts/drools/templates/statefulset.yaml
index 047a77a..e2463aa 100644
--- a/kubernetes/policy/charts/drools/templates/statefulset.yaml
+++ b/kubernetes/policy/charts/drools/templates/statefulset.yaml

@@ -74,6 +74,10 @@
           env:
           - name: REPLICAS
             value: "{{ .Values.replicaCount }}"
+          - name: SQL_USER
+            {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
+          - name: SQL_PASSWORD
+            {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
           volumeMounts:
           - mountPath: /etc/localtime
             name: localtime