Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / b0a2d3b3628166dc2dba34a6984cc36b8f821fe0^! / .
commitb0a2d3b3628166dc2dba34a6984cc36b8f821fe0[log] [tgz]
authorKrzysztof Opasiak <k.opasiak@samsung.com>Mon May 25 15:38:48 2020 +0200
committerKrzysztof Opasiak <k.opasiak@samsung.com>Mon May 25 15:38:48 2020 +0200
tree991eaad0a5c5eb0fbceaf8182c5437886926701e
parent7cccd2a303d4f61dee5aa2ab5da701bd9e18fec8 [diff]
[COMMON] Allow to use ' in postgres passwords

' is one of characters that are placed in passwords by our default
password generation algorith. As ' is a special character in SQL files
we need to escape it before substituting environment variables in .sql file.

Issue-ID: OOM-2317
Reported-by: Fiachra Corcoran <fiachra.corcoran@est.tech>
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I970eaf03fbcbfa8cb68df4a06ee27503d02d896a

diff --git a/kubernetes/common/postgres/templates/_deployment.tpl b/kubernetes/common/postgres/templates/_deployment.tpl
index e3ac669..b1aae5f 100644
--- a/kubernetes/common/postgres/templates/_deployment.tpl
+++ b/kubernetes/common/postgres/templates/_deployment.tpl

@@ -44,19 +44,26 @@
         - sh
         args:
         - -c
-        - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
+        - |
+          function prepare_password {
+            echo -n $1 | sed -e "s/'/''/g"
+          }
+          export PG_PRIMARY_PASSWORD=`prepare_password $PG_PRIMARY_PASSWORD_INPUT`;
+          export PG_PASSWORD=`prepare_password $PG_PASSWORD_INPUT`;
+          export PG_ROOT_PASSWORD=`prepare_password $PG_ROOT_PASSWORD_INPUT`;
+          cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done
         env:
         - name: PG_PRIMARY_USER
           value: primaryuser
-        - name: PG_PRIMARY_PASSWORD
+        - name: PG_PRIMARY_PASSWORD_INPUT
           {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }}
         - name: PG_USER
           {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }}
-        - name: PG_PASSWORD
+        - name: PG_PASSWORD_INPUT
           {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }}
         - name: PG_DATABASE
           value: "{{ $dot.Values.config.pgDatabase }}"
-        - name: PG_ROOT_PASSWORD
+        - name: PG_ROOT_PASSWORD_INPUT
           {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }}
         volumeMounts:
         - mountPath: /config-input/setup.sql