jan/openreplay
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(postgresql): provide credentials using secrets

Browse source 
- Compatible with `postgresql.existingSecret` in the postgresql chart.
- Uses dependent environment variables for `POSTGRES_STRING` connection strings
This commit is contained in:
Jorgen Evens 2022-08-09 17:00:20 +02:00 committed by rjshrjndrn
parent 0d15ea6854
commit b6de99a242
11 changed files with 94 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
scripts/helmcharts/openreplay/charts/alerts/templates/deployment.yaml
View file

@ -58,7 +58,14 @@ spec:
- name: pg_user
value: '{{ .Values.global.postgresql.postgresqlUser }}'
- name: pg_password
{{- if .Values.global.postgresql.existingSecret }}
valueFrom:
secretKeyRef:
name: {{ .Values.global.postgresql.existingSecret }}
key: postgresql-postgres-password
{{- else }}
value: '{{ .Values.global.postgresql.postgresqlPassword }}'
{{- end}}
- name: SITE_URL
value: 'https://{{ .Values.global.domainName }}'
- name: S3_HOST

7
scripts/helmcharts/openreplay/charts/chalice/templates/deployment.yaml
View file

@ -68,7 +68,14 @@ spec:
- name: pg_user
value: '{{ .Values.global.postgresql.postgresqlUser }}'
- name: pg_password
{{- if .Values.global.postgresql.existingSecret }}
valueFrom:
secretKeyRef:
name: {{ .Values.global.postgresql.existingSecret }}
key: postgresql-postgres-password
{{- else }}
value: '{{ .Values.global.postgresql.postgresqlPassword }}'
{{- end}}
- name: SITE_URL
value: 'https://{{ .Values.global.domainName }}'
- name: S3_HOST

13
scripts/helmcharts/openreplay/charts/db/templates/deployment.yaml
View file

@ -53,10 +53,19 @@ spec:
value: '{{ .Values.global.kafka.kafkaHost }}:{{ .Values.global.kafka.kafkaPort }}'
- name: KAFKA_USE_SSL
value: '{{ .Values.global.kafka.kafkaUseSsl }}'
- name: POSTGRES_STRING
value: 'postgres://{{ .Values.global.postgresql.postgresqlUser }}:{{ .Values.global.postgresql.postgresqlPassword }}@{{ .Values.global.postgresql.postgresqlHost }}:{{ .Values.global.postgresql.postgresqlPort }}/{{ .Values.global.postgresql.postgresqlDatabase }}'
- name: pg_password
{{- if .Values.global.postgresql.existingSecret }}
valueFrom:
secretKeyRef:
name: {{ .Values.global.postgresql.existingSecret }}
key: postgresql-postgres-password
{{- else }}
value: '{{ .Values.global.postgresql.postgresqlPassword }}'
{{- end}}
- name: QUICKWIT_ENABLED
value: '{{ .Values.global.quickwit.enabled }}'
- name: POSTGRES_STRING
value: 'postgres://{{ .Values.global.postgresql.postgresqlUser }}:$(pg_password)@{{ .Values.global.postgresql.postgresqlHost }}:{{ .Values.global.postgresql.postgresqlPort }}/{{ .Values.global.postgresql.postgresqlDatabase }}'
{{- range $key, $val := .Values.env }}
- name: {{ $key }}
value: '{{ $val }}'

11
scripts/helmcharts/openreplay/charts/ender/templates/deployment.yaml
View file

@ -51,8 +51,17 @@ spec:
value: '{{ .Values.global.kafka.kafkaHost }}:{{ .Values.global.kafka.kafkaPort }}'
- name: KAFKA_USE_SSL
value: '{{ .Values.global.kafka.kafkaUseSsl }}'
- name: pg_password
{{- if .Values.global.postgresql.existingSecret }}
valueFrom:
secretKeyRef:
name: {{ .Values.global.postgresql.existingSecret }}
key: postgresql-postgres-password
{{- else }}
value: '{{ .Values.global.postgresql.postgresqlPassword }}'
{{- end}}
- name: POSTGRES_STRING
value: 'postgres://{{ .Values.global.postgresql.postgresqlUser }}:{{ .Values.global.postgresql.postgresqlPassword }}@{{ .Values.global.postgresql.postgresqlHost }}:{{ .Values.global.postgresql.postgresqlPort }}/{{ .Values.global.postgresql.postgresqlDatabase }}'
value: 'postgres://{{ .Values.global.postgresql.postgresqlUser }}:$(pg_password)@{{ .Values.global.postgresql.postgresqlHost }}:{{ .Values.global.postgresql.postgresqlPort }}/{{ .Values.global.postgresql.postgresqlDatabase }}'
{{- range $key, $val := .Values.env }}
- name: {{ $key }}
value: '{{ $val }}'

11
scripts/helmcharts/openreplay/charts/frontend/templates/deployment.yaml
View file

@ -57,8 +57,17 @@ spec:
value: '{{ .Values.global.kafka.kafkaHost }}:{{ .Values.global.kafka.kafkaPort }}'
- name: KAFKA_USE_SSL
value: '{{ .Values.global.kafka.kafkaUseSsl }}'
- name: pg_password
{{- if .Values.global.postgresql.existingSecret }}
valueFrom:
secretKeyRef:
name: {{ .Values.global.postgresql.existingSecret }}
key: postgresql-postgres-password
{{- else }}
value: '{{ .Values.global.postgresql.postgresqlPassword }}'
{{- end}}
- name: POSTGRES_STRING
value: 'postgres://{{ .Values.global.postgresql.postgresqlUser }}:{{ .Values.global.postgresql.postgresqlPassword }}@{{ .Values.global.postgresql.postgresqlHost }}:{{ .Values.global.postgresql.postgresqlPort }}/{{ .Values.global.postgresql.postgresqlDatabase }}'
value: 'postgres://{{ .Values.global.postgresql.postgresqlUser }}:$(pg_password)@{{ .Values.global.postgresql.postgresqlHost }}:{{ .Values.global.postgresql.postgresqlPort }}/{{ .Values.global.postgresql.postgresqlDatabase }}'
# We need to check what is the object store endpoint.
# There can be 4 options
# 1. Using minio inside kube clster

11
scripts/helmcharts/openreplay/charts/http/templates/deployment.yaml
View file

@ -57,8 +57,17 @@ spec:
value: '{{ .Values.global.kafka.kafkaHost }}:{{ .Values.global.kafka.kafkaPort }}'
- name: KAFKA_USE_SSL
value: '{{ .Values.global.kafka.kafkaUseSsl }}'
- name: pg_password
{{- if .Values.global.postgresql.existingSecret }}
valueFrom:
secretKeyRef:
name: {{ .Values.global.postgresql.existingSecret }}
key: postgresql-postgres-password
{{- else }}
value: '{{ .Values.global.postgresql.postgresqlPassword }}'
{{- end}}
- name: POSTGRES_STRING
value: 'postgres://{{ .Values.global.postgresql.postgresqlUser }}:{{ .Values.global.postgresql.postgresqlPassword }}@{{ .Values.global.postgresql.postgresqlHost }}:{{ .Values.global.postgresql.postgresqlPort }}/{{ .Values.global.postgresql.postgresqlDatabase }}'
value: 'postgres://{{ .Values.global.postgresql.postgresqlUser }}:$(pg_password)@{{ .Values.global.postgresql.postgresqlHost }}:{{ .Values.global.postgresql.postgresqlPort }}/{{ .Values.global.postgresql.postgresqlDatabase }}'
# We need to check what is the object store endpoint.
# There can be 4 options
# 1. Using minio inside kube clster

11
scripts/helmcharts/openreplay/charts/integrations/templates/deployment.yaml
View file

@ -51,8 +51,17 @@ spec:
value: '{{ .Values.global.kafka.kafkaHost }}:{{ .Values.global.kafka.kafkaPort }}'
- name: KAFKA_USE_SSL
value: '{{ .Values.global.kafka.kafkaUseSsl }}'
- name: pg_password
{{- if .Values.global.postgresql.existingSecret }}
valueFrom:
secretKeyRef:
name: {{ .Values.global.postgresql.existingSecret }}
key: postgresql-postgres-password
{{- else }}
value: '{{ .Values.global.postgresql.postgresqlPassword }}'
{{- end}}
- name: POSTGRES_STRING
value: 'postgres://{{ .Values.global.postgresql.postgresqlUser }}:{{ .Values.global.postgresql.postgresqlPassword }}@{{ .Values.global.postgresql.postgresqlHost }}:{{ .Values.global.postgresql.postgresqlPort }}/{{ .Values.global.postgresql.postgresqlDatabase }}'
value: 'postgres://{{ .Values.global.postgresql.postgresqlUser }}:$(pg_password)@{{ .Values.global.postgresql.postgresqlHost }}:{{ .Values.global.postgresql.postgresqlPort }}/{{ .Values.global.postgresql.postgresqlDatabase }}'
{{- range $key, $val := .Values.env }}
- name: {{ $key }}
value: '{{ $val }}'

7
scripts/helmcharts/openreplay/charts/utilities/templates/report-cron.yaml
View file

@ -31,7 +31,14 @@ spec:
- name: pg_user
value: '{{ .Values.global.postgresql.postgresqlUser }}'
- name: pg_password
{{- if .Values.global.postgresql.existingSecret }}
valueFrom:
secretKeyRef:
name: {{ .Values.global.postgresql.existingSecret }}
key: postgresql-postgres-password
{{- else }}
value: '{{ .Values.global.postgresql.postgresqlPassword }}'
{{- end}}
- name: SITE_URL
value: 'https://{{ .Values.global.domainName }}'
- name: S3_HOST

7
scripts/helmcharts/openreplay/charts/utilities/templates/sessions-cleaner-cron.yaml
View file

@ -31,7 +31,14 @@ spec:
- name: pg_user
value: '{{ .Values.global.postgresql.postgresqlUser }}'
- name: pg_password
{{- if .Values.global.postgresql.existingSecret }}
valueFrom:
secretKeyRef:
name: {{ .Values.global.postgresql.existingSecret }}
key: postgresql-postgres-password
{{- else }}
value: '{{ .Values.global.postgresql.postgresqlPassword }}'
{{- end}}
- name: SITE_URL
value: 'https://{{ .Values.global.domainName }}'
- name: S3_HOST

7
scripts/helmcharts/openreplay/charts/utilities/templates/telemetry-cron.yaml
View file

@ -31,7 +31,14 @@ spec:
- name: pg_user
value: '{{ .Values.global.postgresql.postgresqlUser }}'
- name: pg_password
{{- if .Values.global.postgresql.existingSecret }}
valueFrom:
secretKeyRef:
name: {{ .Values.global.postgresql.existingSecret }}
key: postgresql-postgres-password
{{- else }}
value: '{{ .Values.global.postgresql.postgresqlPassword }}'
{{- end}}
- name: SITE_URL
value: 'https://{{ .Values.global.domainName }}'
- name: S3_HOST

9
scripts/helmcharts/openreplay/templates/job.yaml
View file

@ -91,7 +91,14 @@ spec:
- name: PGUSER
value: "{{ .Values.global.postgresql.postgresqlUser }}"
- name: PGPASSWORD
value: "{{ .Values.global.postgresql.postgresqlPassword }}"
{{- if .Values.global.postgresql.existingSecret }}
valueFrom:
secretKeyRef:
name: {{ .Values.global.postgresql.existingSecret }}
key: postgresql-postgres-password
{{- else }}
value: '{{ .Values.global.postgresql.postgresqlPassword }}'
{{- end}}
image: bitnami/postgresql:13.3.0-debian-10-r53
command:
- /bin/bash