diff --git a/library/common/templates/class/_cnpgCluster.tpl b/library/common/templates/class/_cnpgCluster.tpl index febd15ee..eefc3e13 100644 --- a/library/common/templates/class/_cnpgCluster.tpl +++ b/library/common/templates/class/_cnpgCluster.tpl @@ -29,14 +29,14 @@ spec: instances: {{ $values.instances | default 2 }} superuserSecret: - name: {{ $cnpgClusterName }}-cnpg-superuser + name: {{ $cnpgClusterName }}-superuser bootstrap: initdb: database: {{ $values.database | default "app" }} owner: {{ $values.user | default "app" }} secret: - name: {{ $cnpgClusterName }}-cnpg-user + name: {{ $cnpgClusterName }}-user primaryUpdateStrategy: {{ $values.primaryUpdateStrategy | default "unsupervised" }} @@ -69,38 +69,43 @@ spec: inProgress: false reusePVC: on ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ $cnpgClusterName }}-cnpgcreds -{{- $dbprevious := lookup "v1" "Secret" .Release.Namespace "cnpgcreds" }} {{- $dbPass := "" }} -{{- $pgPass := "" }} -data: +{{- $dbprevious := lookup "v1" "Secret" .Release.Namespace ( printf "cnpg-%s-user" $values.shortName ) }} {{- if $dbprevious }} {{- $dbPass = ( index $dbprevious.data "user-password" ) | b64dec }} - {{- $pgPass = ( index $dbprevious.data "superuser-password" ) | b64dec }} - user-password: {{ ( index $dbprevious.data "user-password" ) }} - superuser-password: {{ ( index $dbprevious.data "superuser-password" ) }} {{- else }} {{- $dbPass = $values.password | default ( randAlphaNum 62 ) }} - {{- $pgPass = $values.superUserPassword | default ( randAlphaNum 62 ) }} - user-password: {{ $dbPass | b64enc | quote }} - superuser-password: {{ $pgPass | b64enc | quote }} {{- end }} - {{- $std := ( ( printf "postgresql://%v:%v@%v-rw:5432/%v" $values.user $dbPass $cnpgClusterName $values.database ) | b64enc | quote ) }} - {{- $nossl := ( ( printf "postgresql://%v:%v@%v-rw:5432/%v?sslmode=disable" $values.user $dbPass $cnpgClusterName $values.database ) | b64enc | quote ) }} - {{- $porthost := ( ( printf "%s-rw:5432" $cnpgClusterName ) | b64enc | quote ) }} - {{- $host := ( ( printf "%s-rw" $cnpgClusterName ) | b64enc | quote ) }} - {{- $jdbc := ( ( printf "jdbc:postgresql://%v-rw:5432/%v" $cnpgClusterName $values.database ) | b64enc | quote ) }} - std: {{ $std }} - nossl: {{ $nossl }} - porthost: {{ $porthost }} - host: {{ $host }} - jdbc: {{ $jdbc }} -type: Opaque +{{- $pgPass := "" }} +{{- $pgprevious := lookup "v1" "Secret" .Release.Namespace ( printf "cnpg-%s-superuser" $values.shortName ) }} +{{- if $pgprevious }} + {{- $pgPass = ( index $dbprevious.data "superuser-password" ) | b64dec }} +{{- else }} + {{- $pgPass = $values.superUserPassword | default ( randAlphaNum 62 ) }} +{{- end }} + +{{- $std := ( ( printf "postgresql://%v:%v@%v-rw:5432/%v" $values.user $dbPass $cnpgClusterName $values.database ) | b64enc | quote ) }} +{{- $nossl := ( ( printf "postgresql://%v:%v@%v-rw:5432/%v?sslmode=disable" $values.user $dbPass $cnpgClusterName $values.database ) | b64enc | quote ) }} +{{- $porthost := ( ( printf "%s-rw:5432" $cnpgClusterName ) | b64enc | quote ) }} +{{- $host := ( ( printf "%s-rw" $cnpgClusterName ) | b64enc | quote ) }} +{{- $jdbc := ( ( printf "jdbc:postgresql://%v-rw:5432/%v" $cnpgClusterName $values.database ) | b64enc | quote ) }} + +{{- $superuserSecret := include "tc.v1.common.class.cnpg.secret.postgres" (dict "pgPass" $pgPass ) | fromYaml -}} +{{- if $superuserSecret -}} + {{- $_ := set $.Values.secret ( printf "cnpg-%s-superuser" $values.shortName ) $superuserSecret -}} +{{- end -}} + +{{- $userSecret := include "tc.v1.common.class.cnpg.secret.user" (dict "values" $values "dbPass" $dbPass ) | fromYaml -}} +{{- if $userSecret -}} + {{- $_ := set $.Values.secret ( printf "cnpg-%s-user" $values.shortName ) $userSecret -}} +{{- end -}} + +{{- $urlSecret := include "tc.v1.common.class.cnpg.secret.urls" (dict "std" $std "nossl" $nossl "porthost" $porthost "host" $host "jdbc" $jdbc) | fromYaml -}} +{{- if $urlSecret -}} + {{- $_ := set $.Values.secret ( printf "cnpg-%s-urls" $values.shortName ) $urlSecret -}} +{{- end -}} + {{- $_ := set $values.creds "password" ( $dbPass | quote ) }} {{- $_ := set $values.creds "superUserPassword" ( $pgPass | quote ) }} {{- $_ := set $values.creds "std" $std }} @@ -108,22 +113,46 @@ type: Opaque {{- $_ := set $values.creds "porthost" $porthost }} {{- $_ := set $values.creds "host" $host }} {{- $_ := set $values.creds "jdbc" $jdbc }} ---- -apiVersion: v1 + + +{{- end -}} + + +{{- define "tc.v1.common.class.cnpg.secret.postgres" -}} +{{- $pgPass := .pgPass }} +enabled: true data: username: {{ "postgres" | b64enc | quote }} password: {{ $pgPass | b64enc | quote }} -kind: Secret -metadata: - name: {{ $cnpgClusterName }}-cnpg-superuser type: kubernetes.io/basic-auth ---- -apiVersion: v1 +{{- end -}} + + +{{- define "tc.v1.common.class.cnpg.secret.user" -}} +{{- $dbPass := .dbPass }} +{{- $pgPass := .pgPass }} +{{- $user := .user }} +{{- $cnpgClusterName := .cnpgClusterName }} +{{- $database := .database }} +{{- $values := .values -}} +enabled: true +type: kubernetes.io/basic-auth data: username: {{ $values.user | b64enc | quote }} password: {{ $dbPass | b64enc | quote }} -kind: Secret -metadata: - name: {{ $cnpgClusterName }}-cnpg-user -type: kubernetes.io/basic-auth +{{- end -}} + +{{- define "tc.v1.common.class.cnpg.secret.urls" -}} +{{- $std := .std }} +{{- $nossl := .nossl }} +{{- $porthost := .porthost }} +{{- $host := .host }} +{{- $jdbc := .jdbc }} +enabled: true +data: + std: {{ $std }} + nossl: {{ $nossl }} + porthost: {{ $porthost }} + host: {{ $host }} + jdbc: {{ $jdbc }} {{- end -}} diff --git a/library/common/templates/class/_cnpgPooler.tpl b/library/common/templates/class/_cnpgPooler.tpl index 6aa15b9d..5707e008 100644 --- a/library/common/templates/class/_cnpgPooler.tpl +++ b/library/common/templates/class/_cnpgPooler.tpl @@ -7,6 +7,7 @@ {{- end -}} {{- end -}} {{- $cnpgClusterName := $values.name -}} + {{- $cnpgName := $values.cnpgName -}} {{- $cnpgPoolerName := $values.poolerName -}} {{- $cnpgClusterLabels := $values.labels -}} {{- $cnpgClusterAnnotations := $values.annotations }} @@ -15,7 +16,7 @@ apiVersion: {{ include "tc.v1.common.capabilities.cnpg.pooler.apiVersion" $ }} kind: Pooler metadata: - name: {{ printf "%v-%v" $cnpgPoolerName $values.pooler.type }} + name: {{ printf "%v-%v" $cnpgClusterName $values.pooler.type }} spec: cluster: name: {{ $cnpgClusterName }} @@ -33,7 +34,7 @@ spec: apiVersion: monitoring.coreos.com/v1 kind: PodMonitor metadata: - name: pooler-{{ printf "%v-%v" $cnpgClusterName $values.pooler.type }} + name: {{ printf "%v-%v" $cnpgClusterName $values.pooler.type }} spec: selector: matchLabels: diff --git a/library/common/templates/spawner/_cnpg.tpl b/library/common/templates/spawner/_cnpg.tpl index efd0adcb..8c238f80 100644 --- a/library/common/templates/spawner/_cnpg.tpl +++ b/library/common/templates/spawner/_cnpg.tpl @@ -5,23 +5,16 @@ {{- if $cnpg.enabled -}} {{- $cnpgValues := $cnpg -}} {{- $cnpgName := include "tc.v1.common.lib.chart.names.fullname" $ -}} + {{- $_ := set $cnpgValues "shortName" $name -}} {{/* set defaults */}} - {{- if and (not $cnpgValues.nameOverride) (ne $name (include "tc.v1.common.lib.util.cnpg.primary" $)) -}} - {{- $_ := set $cnpgValues "nameOverride" $name -}} - {{- end -}} + {{- $_ := set $cnpgValues "nameOverride" $name -}} - {{- if $cnpgValues.nameOverride -}} - {{- $cnpgName = printf "%v-%v" $cnpgName $cnpgValues.nameOverride -}} - {{- end -}} - - {{- $cnpgPoolerName := printf "cnpg-pooler-%v" $cnpgName -}} - {{- $cnpgName = printf "cnpg-%v" $cnpgName -}} + {{- $cnpgName := printf "%v-cnpg-%v" $cnpgName $cnpgValues.nameOverride -}} {{- $_ := set $cnpgValues "name" $cnpgName -}} {{- $_ := set $ "ObjectValues" (dict "cnpg" $cnpgValues) -}} - {{- $_ := set $cnpgValues "poolerName" $cnpgPoolerName -}} {{- include "tc.v1.common.class.cnpg.cluster" $ -}} {{- $_ := set $cnpgValues.pooler "type" "rw" -}}