diff --git a/library/common/templates/class/_cnpgCluster.tpl b/library/common/templates/class/_cnpgCluster.tpl index 0095707a..c4de70a3 100644 --- a/library/common/templates/class/_cnpgCluster.tpl +++ b/library/common/templates/class/_cnpgCluster.tpl @@ -28,9 +28,6 @@ metadata: spec: instances: {{ $values.instances | default 2 }} - superuserSecret: - name: {{ $cnpgClusterName }}-superuser - {{- $basename := include "tc.v1.common.lib.chart.names.fullname" $ -}} {{- $fetchname := printf "%s-dbcreds" $basename -}} {{- $olddbprevious1 := lookup "v1" "Secret" .Release.Namespace $fetchname }} diff --git a/library/common/templates/lib/cnpg/_superuserSecret.tpl b/library/common/templates/lib/cnpg/_superuserSecret.tpl deleted file mode 100644 index 1878efc1..00000000 --- a/library/common/templates/lib/cnpg/_superuserSecret.tpl +++ /dev/null @@ -1,8 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.secret.superuser" -}} -{{- $pgPass := .pgPass }} -enabled: true -stringData: - username: {{ "postgres" }} - password: {{ $pgPass }} -type: kubernetes.io/basic-auth -{{- end -}} diff --git a/library/common/templates/lib/cnpg/_userSecret.tpl b/library/common/templates/lib/cnpg/_userSecret.tpl index 53f94361..b4bb53cc 100644 --- a/library/common/templates/lib/cnpg/_userSecret.tpl +++ b/library/common/templates/lib/cnpg/_userSecret.tpl @@ -3,7 +3,7 @@ {{- $values := .values -}} enabled: true type: kubernetes.io/basic-auth -stringData: +data: username: {{ $values.user }} password: {{ $dbPass }} {{- end -}} diff --git a/library/common/templates/lib/secret/_validation.tpl b/library/common/templates/lib/secret/_validation.tpl index 565de561..5f930c57 100644 --- a/library/common/templates/lib/secret/_validation.tpl +++ b/library/common/templates/lib/secret/_validation.tpl @@ -10,11 +10,11 @@ objectData: {{- define "tc.v1.common.lib.secret.validation" -}} {{- $objectData := .objectData -}} - {{- if not $objectData.data -}} - {{- fail "Secret - Expected non-empty " -}} + {{- if and ( not $objectData.data ) ( not $objectData.stringData ) -}} + {{- fail "Secret - Expected non-empty or " -}} {{- end -}} - {{- if not (kindIs "map" $objectData.data) -}} + {{- if and $objectData.data (not (kindIs "map" $objectData.data)) -}} {{- fail (printf "Secret - Expected to be a dictionary, but got [%v]" (kindOf $objectData.data)) -}} {{- end -}} diff --git a/library/common/templates/spawner/_cnpg.tpl b/library/common/templates/spawner/_cnpg.tpl index babb6b15..25a16e09 100644 --- a/library/common/templates/spawner/_cnpg.tpl +++ b/library/common/templates/spawner/_cnpg.tpl @@ -45,28 +45,11 @@ {{- $dbPass = $cnpgValues.password | default ( randAlphaNum 62 ) }} {{- end }} - {{- $pgPass := "" }} - {{- $pgprevious := lookup "v1" "Secret" $.Release.Namespace ( printf "%s-superuser" $cnpgValues.name ) }} - {{- if $pgprevious }} - {{- $pgPass = ( index $pgprevious.data "password" ) }} - {{- else if and $.Values.postgresql.enabled $olddbprevious1 $.Release.IsUpgrade }} - {{- $pgPass = ( index $olddbprevious1.data "postgresql-postgres-password" ) | b64dec }} - {{- else if and $.Values.postgresql.enabled $olddbprevious2 $.Release.IsUpgrade }} - {{- $pgPass = ( index $olddbprevious2.data "postgresql-postgres-password" ) | b64dec }} - {{- else }} - {{- $pgPass = $cnpgValues.superUserPassword | default ( randAlphaNum 62 ) }} - {{- end }} - - {{- $std := ( ( printf "postgresql://%v:%v@%v-rw:5432/%v" $cnpgValues.user $dbPass $cnpgValues.name $cnpgValues.database ) | b64enc | quote ) }} - {{- $nossl := ( ( printf "postgresql://%v:%v@%v-rw:5432/%v?sslmode=disable" $cnpgValues.user $dbPass $cnpgValues.name $cnpgValues.database ) | b64enc | quote ) }} - {{- $porthost := ( ( printf "%s-rw:5432" $cnpgValues.name ) | b64enc | quote ) }} - {{- $host := ( ( printf "%s-rw" $cnpgValues.name ) | b64enc | quote ) }} - {{- $jdbc := ( ( printf "jdbc:postgresql://%v-rw:5432/%v" $cnpgValues.name $cnpgValues.database ) | b64enc | quote ) }} - - {{- $superuserSecret := include "tc.v1.common.lib.cnpg.secret.superuser" (dict "pgPass" $pgPass ) | fromYaml }} - {{- if $superuserSecret }} - {{- $_ := set $.Values.secret ( printf "cnpg-%s-superuser" $cnpgValues.shortName ) $superuserSecret }} - {{- end }} + {{- $std := ( ( printf "postgresql://%v:%v@%v-rw:5432/%v" $cnpgValues.user $dbPass $cnpgValues.name $cnpgValues.database ) | quote ) }} + {{- $nossl := ( ( printf "postgresql://%v:%v@%v-rw:5432/%v?sslmode=disable" $cnpgValues.user $dbPass $cnpgValues.name $cnpgValues.database ) | quote ) }} + {{- $porthost := ( ( printf "%s-rw:5432" $cnpgValues.name ) | quote ) }} + {{- $host := ( ( printf "%s-rw" $cnpgValues.name ) | quote ) }} + {{- $jdbc := ( ( printf "jdbc:postgresql://%v-rw:5432/%v" $cnpgValues.name $cnpgValues.database ) | quote ) }} {{- $userSecret := include "tc.v1.common.lib.cnpg.secret.user" (dict "values" $cnpgValues "dbPass" $dbPass ) | fromYaml }} {{- if $userSecret }} @@ -79,7 +62,6 @@ {{- end }} {{- $_ := set $cnpgValues.creds "password" ( $dbPass | quote ) }} - {{- $_ := set $cnpgValues.creds "superUserPassword" ( $pgPass | quote ) }} {{- $_ := set $cnpgValues.creds "std" $std }} {{- $_ := set $cnpgValues.creds "nossl" $nossl }} {{- $_ := set $cnpgValues.creds "porthost" $porthost }}