| Andreas Geissler | cde4a78 | 2024-02-28 16:08:06 +0100 | [diff] [blame] | 1 | {{- /* |
| 2 | Copyright VMware, Inc. |
| 3 | SPDX-License-Identifier: APACHE-2.0 |
| 4 | */}} |
| 5 | |
| 6 | {{- if .Values.auth.enabled }} |
| 7 | {{- $replicaCount := int .Values.replicaCount }} |
| 8 | {{- $port := .Values.service.ports.mongodb }} |
| 9 | {{- $host := include "mongodb.service.nameOverride" . }} |
| 10 | {{- $hostForURI := printf "%s:%s" (include "mongodb.service.nameOverride" .) (print $port) }} |
| 11 | {{- if (eq .Values.architecture "replicaset") }} |
| 12 | {{- $fullname := include "mongodb.fullname" . }} |
| 13 | {{- $releaseNamespace := include "mongodb.namespace" . }} |
| 14 | {{- $clusterDomain := .Values.clusterDomain }} |
| 15 | {{- $mongoList := list }} |
| 16 | {{- $mongoOnlyHostList := list }} |
| 17 | {{- range $e, $i := until $replicaCount }} |
| 18 | {{- $mongoOnlyHostList = append $mongoList (printf "%s-%d.%s-headless.%s.svc.%s" $fullname $i $fullname $releaseNamespace $clusterDomain) }} |
| 19 | {{- $mongoList = append $mongoList (printf "%s-%d.%s-headless.%s.svc.%s:%s" $fullname $i $fullname $releaseNamespace $clusterDomain (print $port)) }} |
| 20 | {{- end }} |
| 21 | {{- $host = (join "," $mongoOnlyHostList) }} |
| 22 | {{- $hostForURI = (join "," $mongoList) }} |
| 23 | {{- end }} |
| 24 | |
| 25 | {{/* Root user section. */}} |
| 26 | {{- $rootPassword := include "common.secrets.passwords.manage" (dict "secret" (include "mongodb.secretName" .) "key" "mongodb-root-password" "providedValues" (list "auth.rootPassword" ) "context" $) | trimAll "\"" | b64dec }} |
| 27 | |
| 28 | {{/* Custom user section. This chart allows creating multiple users */}} |
| 29 | {{- $customUsers := include "mongodb.customUsers" . }} |
| 30 | {{- $customDatabases := include "mongodb.customDatabases" . }} |
| 31 | {{- $customPasswords := include "mongodb.customPasswords" . }} |
| 32 | {{- $passwords := "" }} |
| 33 | {{- $passwordList := list -}} |
| 34 | {{- $customUsersList := list }} |
| 35 | {{- $customDatabasesList := list }} |
| 36 | {{- $customPasswordsList := list }} |
| 37 | {{- if and (not (empty $customUsers)) (not (empty $customDatabases)) }} |
| 38 | {{- $customUsersList = splitList "," $customUsers }} |
| 39 | {{- $customDatabasesList = splitList "," $customDatabases }} |
| 40 | {{- if not (empty $customPasswords) }} |
| 41 | {{- $passwordList = $customPasswords }} |
| 42 | {{- $customPasswordsList = splitList "," $customPasswords }} |
| 43 | {{- else }} |
| 44 | {{- range $customUsersList }} |
| 45 | {{- $customPasswordsList = append $customPasswordsList (randAlphaNum 10) }} |
| 46 | {{- end -}} |
| 47 | {{- $passwordList = (join "," $customPasswordsList) }} |
| 48 | {{- end }} |
| 49 | {{- $passwords = include "common.secrets.passwords.manage" (dict "secret" (include "mongodb.secretName" .) "key" "mongodb-passwords" "providedValues" (list "mongodbPasswords") "context" (set (deepCopy $) "Values" (dict "mongodbPasswords" $passwordList))) | trimAll "\"" | b64dec }} |
| 50 | {{- end }} |
| 51 | |
| 52 | {{- if (include "mongodb.createSecret" .) }} |
| 53 | apiVersion: v1 |
| 54 | kind: Secret |
| 55 | metadata: |
| 56 | name: {{ include "mongodb.fullname" . }} |
| 57 | namespace: {{ template "mongodb.namespace" . }} |
| 58 | labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} |
| 59 | app.kubernetes.io/component: mongodb |
| 60 | {{- if .Values.commonAnnotations }} |
| 61 | annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} |
| 62 | {{- end }} |
| 63 | type: Opaque |
| 64 | data: |
| 65 | mongodb-root-password: {{ print $rootPassword | b64enc | quote }} |
| 66 | {{- if and (not (empty $customUsers)) (not (empty $customDatabases)) }} |
| 67 | mongodb-passwords: {{ print $passwords | b64enc | quote }} |
| 68 | {{- end }} |
| 69 | {{- if .Values.metrics.username }} |
| 70 | mongodb-metrics-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "mongodb.fullname" .) "key" "mongodb-metrics-password" "providedValues" (list "metrics.password" ) "context" $) }} |
| 71 | {{- end }} |
| 72 | {{- if eq .Values.architecture "replicaset" }} |
| 73 | mongodb-replica-set-key: {{ include "common.secrets.passwords.manage" (dict "secret" (include "mongodb.fullname" .) "key" "mongodb-replica-set-key" "providedValues" (list "auth.replicaSetKey" ) "context" $) }} |
| 74 | {{- end }} |
| 75 | {{- end }} |
| 76 | {{- if .Values.serviceBindings.enabled }} |
| 77 | --- |
| 78 | apiVersion: v1 |
| 79 | kind: Secret |
| 80 | metadata: |
| 81 | name: {{ include "common.names.fullname" . }}-svcbind-root |
| 82 | namespace: {{ .Release.Namespace | quote }} |
| 83 | labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} |
| 84 | {{- if .Values.commonAnnotations }} |
| 85 | annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} |
| 86 | {{- end }} |
| 87 | type: servicebinding.io/mongodb |
| 88 | data: |
| 89 | provider: {{ print "bitnami" | b64enc | quote }} |
| 90 | type: {{ print "mongodb" | b64enc | quote }} |
| 91 | host: {{ print $host | b64enc | quote }} |
| 92 | port: {{ print $port | b64enc | quote }} |
| 93 | username: {{ print .Values.auth.rootUser | b64enc | quote }} |
| 94 | password: {{ print $rootPassword | b64enc | quote }} |
| 95 | database: {{ print "admin" | b64enc | quote }} |
| 96 | uri: {{ printf "mongodb://%s:%s@%s/admin" .Values.auth.rootUser $rootPassword $hostForURI | b64enc | quote }} |
| 97 | {{- range $e, $i := until (len $customUsersList) }} |
| 98 | --- |
| 99 | {{- $currentSecret := printf "%s-svcbind-%d" (include "common.names.fullname" $) $i }} |
| 100 | apiVersion: v1 |
| 101 | kind: Secret |
| 102 | metadata: |
| 103 | name: {{ $currentSecret }} |
| 104 | namespace: {{ $.Release.Namespace | quote }} |
| 105 | labels: {{- include "common.labels.standard" ( dict "customLabels" $.Values.commonLabels "context" $ ) | nindent 4 }} |
| 106 | {{- if $.Values.commonAnnotations }} |
| 107 | annotations: {{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 4 }} |
| 108 | {{- end }} |
| 109 | type: servicebinding.io/mongodb |
| 110 | data: |
| 111 | {{- $currentUser := index $customUsersList $i }} |
| 112 | {{- $currentDatabase := last $customDatabasesList }} |
| 113 | {{- if gt (len $customDatabasesList) $i }} |
| 114 | {{- $currentDatabase = index $customDatabasesList $i }} |
| 115 | {{- end }} |
| 116 | {{- $currentProvidedPassword := index $customPasswordsList $i }} |
| 117 | {{- $currentPassword := include "common.secrets.lookup" (dict "secret" $currentSecret "key" "password" "defaultValue" $currentProvidedPassword "context" $) | b64dec }} |
| 118 | provider: {{ print "bitnami" | b64enc | quote }} |
| 119 | type: {{ print "mongodb" | b64enc | quote }} |
| 120 | host: {{ print $host | b64enc | quote }} |
| 121 | port: {{ print $port | b64enc | quote }} |
| 122 | username: {{ print $currentUser | b64enc | quote }} |
| 123 | password: {{ print $currentPassword | b64enc | quote }} |
| 124 | database: {{ print $currentDatabase | b64enc | quote }} |
| 125 | uri: {{ printf "mongodb://%s:%s@%s/%s" $currentUser $currentPassword $hostForURI $currentDatabase | b64enc | quote }} |
| 126 | {{- end }} |
| 127 | {{- end }} |
| 128 | {{- end }} |