commit c53ff54815a8d716c12395293a8c75a5b6a7fa91
author Krzysztof Opasiak <k.opasiak@samsung.com> Sat Mar 28 02:14:37 2020 +0100
committer Krzysztof Opasiak <k.opasiak@samsung.com> Sat Mar 28 02:14:37 2020 +0100
tree da614c3f8fdeb01253aae189d995122c6f3baeda
parent f68b72895b2fe13a50d7a059b25b42ba37469091

[SO] Use common secret template in so

Generate passwords for:
- so_user
- so_admin

and distribute them to all SO subcharts.

mariadb-galera root password is taken as a reference to existing
secret (shared mariadb instance) or also generated if local cluster is
used.

Three other DB users also have generated passwords but they are not
distributed outside of so-mariadb as they were never used.

Issue-ID: OOM-2328
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ic4af5c9b12b00d2a52d2597e3fe1161d0d1a9f20

kubernetes/so/charts/so-mariadb/values.yaml

diff --git a/kubernetes/so/charts/so-mariadb/values.yaml b/kubernetes/so/charts/so-mariadb/values.yaml
index d1f3f80..5e7b2fe 100755
--- a/kubernetes/so/charts/so-mariadb/values.yaml
+++ b/kubernetes/so/charts/so-mariadb/values.yaml
@@ -32,13 +32,13 @@
   - uid: db-root-pass
     name: '{{ include "common.release" . }}-so-mariadb-root-pass'
     type: password
-    externalSecret: '{{ .Values.db.rootPasswordExternalSecret }}'
+    externalSecret: '{{ tpl (default "" .Values.db.rootPasswordExternalSecret) . }}'
     password: '{{ .Values.db.rootPassword }}'
     passwordPolicy: required
   - uid: db-backup-creds
     name: '{{ include "common.release" . }}-so-mariadb-backup-creds'
     type: basicAuth
-    externalSecret: '{{ .Values.db.backupCredsExternalSecret }}'
+    externalSecret: '{{ tpl (default "" .Values.db.backupCredsExternalSecret) . }}'
     login: '{{ .Values.db.backupUser }}'
     password: '{{ .Values.db.backupPassword }}'
     passwordPolicy: required
@@ -48,27 +48,27 @@
       helm.sh/hook-delete-policy: before-hook-creation
   - uid: db-user-creds
     type: basicAuth
-    externalSecret: '{{ .Values.db.userCredsExternalSecret }}'
+    externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}'
     login: '{{ .Values.db.userName }}'
     password: '{{ .Values.db.userPassword }}'
   - uid: db-admin-creds
     type: basicAuth
-    externalSecret: '{{ .Values.db.adminCredsExternalSecret }}'
+    externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}'
     login: '{{ .Values.db.adminName }}'
     password: '{{ .Values.db.adminPassword }}'
   - uid: camunda-db-creds
     type: basicAuth
-    externalSecret: '{{ .Values.db.camunda.dbCredsExternalSecret }}'
+    externalSecret: '{{ tpl (default "" .Values.db.camunda.dbCredsExternalSecret) . }}'
     login: '{{ .Values.db.camunda.userName }}'
     password: '{{ .Values.db.camunda.password }}'
   - uid: request-db-creds
     type: basicAuth
-    externalSecret: '{{ .Values.db.request.dbCredsExternalSecret }}'
+    externalSecret: '{{ tpl (default "" .Values.db.request.dbCredsExternalSecret) . }}'
     login: '{{ .Values.db.request.userName }}'
     password: '{{ .Values.db.request.password }}'
   - uid: catalog-db-creds
     type: basicAuth
-    externalSecret: '{{ .Values.db.catalog.dbCredsExternalSecret }}'
+    externalSecret: '{{ tpl (default "" .Values.db.catalog.dbCredsExternalSecret) . }}'
     login: '{{ .Values.db.catalog.userName }}'
     password: '{{ .Values.db.catalog.password }}'