Skip to content

Commit

Permalink
Merge pull request #1699 from clemenschuaccso/database_secret
Browse files Browse the repository at this point in the history
Helm Chart existing database secret
  • Loading branch information
hylkevds authored Sep 3, 2023
2 parents 052f3e1 + 299eac9 commit d54a9d3
Show file tree
Hide file tree
Showing 8 changed files with 51 additions and 27 deletions.
7 changes: 7 additions & 0 deletions helm/frost-server/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -201,6 +201,9 @@ The following table lists the configurable parameters of the FROST-Server chart
| `frost.db.persistence.local.nodeMountPath` | The mount path to use if using the `local` StorageClassName as FROST-Server database StorageClass persistence. See [bellow](#persistence) for more information. | `/mnt/frost-server-db` |
| `frost.db.persistence.hostPath` | If `frost.db.persistence.enabled` is set to false. Than this variable can be used to mount this hostPath to the database container. | `nil` |
| `frost.db.database` | The FROST-Server database name to use. | `sensorthings` |
| `frost.db.existingSecret` | If set, this secret is used for the database credentials. | `nil` |
| `frost.db.secretUsernameKey` | The key in the database secret for the username. Change if your secret differs. | `db.username` |
| `frost.db.secretPasswordKey` | The key in the database secret for the password. Change if your secret differs. | `db.password` |
| `frost.db.username` | The _base64_ username to use when connecting to the FROST-Server database. | `c2Vuc29ydGhpbmdz` (`sensorthings`) |
| `frost.db.password` | The _base64_ password to use when connecting to the FROST-Server database. | `bm93eW91Y2FuY2hhbmdlaXQ=` (`nowyoucanchangeit`) |
| `frost.db.idGenerationMode` | Determines how entity ids are generated by any FROST-Server module. See [here](https://github.com/FraunhoferIOSB/FROST-Server/blob/master/docs/settings.adoc#persistence-settings) for more information. | `ServerGeneratedOnly` |
Expand Down Expand Up @@ -381,6 +384,10 @@ To enable it, set the `frost.db.persistence.storageClassName` to `frost-server-d
> **Warning #2**: The `local` StorageClass can only be used if only the ReadWriteOnce [AccessMode](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) is claimed (check the `frost.db.persistence.accessModes` configuration parameter).
### Secret

It is also possible to create your own secret. To do so set the `frost.db.existingSecret` to your secret.
If your keys differ, you can also set them by setting `frost.db.secretUsernameKey` and `frost.db.secretPasswordKey`.

## Ingress HTTP

Expand Down
15 changes: 13 additions & 2 deletions helm/frost-server/templates/_helpers.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -27,15 +27,26 @@ Create chart name and version as used by the chart label.
{{- end -}}

{{/*
Get the HTTP service API version
Get the HTTP service API version.
*/}}
{{- define "frost-server.http.apiVersion" -}}
v1.0
{{- end -}}

{{/*
Get the HTTP service root URL
Get the HTTP service root URL.
*/}}
{{- define "frost-server.http.serviceRootUrl" -}}
{{ .Values.frost.http.serviceProtocol }}://{{ .Values.frost.http.serviceHost }}{{ if .Values.frost.http.servicePort }}:{{ .Values.frost.http.servicePort }}{{ else if not .Values.frost.http.ingress.enabled }}:{{ .Values.frost.http.ports.http.nodePort }}{{ end }}{{ if .Values.frost.http.urlSubPath }}/{{ .Values.frost.http.urlSubPath }}{{ end }}
{{- end -}}

{{/*
Get the DB secret.
*/}}
{{- define "frost-server.db.secret" -}}
{{- if .Values.frost.db.existingSecret -}}
{{ .Values.frost.db.existingSecret }}
{{- else -}}
{{ include "frost-server.fullName" . }}
{{- end -}}
{{- end -}}
8 changes: 4 additions & 4 deletions helm/frost-server/templates/db-backup-deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -45,15 +45,15 @@ spec:
- name: POSTGRES_PASS
valueFrom:
secretKeyRef:
name: {{ include "frost-server.fullName" . }}
key: db.password
name: {{ include "frost-server.db.secret" . }}
key: {{ .Values.frost.db.secretPasswordKey }}
- name: POSTGRES_PORT
value: "5432"
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: {{ include "frost-server.fullName" . }}
key: db.username
name: {{ include "frost-server.db.secret" . }}
key: {{ .Values.frost.db.secretUsernameKey }}
- name: REMOVE_BEFORE
value: "{{ .Values.frost.backup.removeBefore }}"
volumes:
Expand Down
8 changes: 4 additions & 4 deletions helm/frost-server/templates/db-deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -62,13 +62,13 @@ spec:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: {{ include "frost-server.fullName" . }}
key: db.username
name: {{ include "frost-server.db.secret" . }}
key: {{ .Values.frost.db.secretUsernameKey }}
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "frost-server.fullName" . }}
key: db.password
name: {{ include "frost-server.db.secret" . }}
key: {{ .Values.frost.db.secretPasswordKey }}
{{- if .Values.frost.db.persistence.enabled }}
volumes:
- name: {{ $fullName }}
Expand Down
16 changes: 8 additions & 8 deletions helm/frost-server/templates/http-deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -135,13 +135,13 @@ spec:
- name: persistence_db_username
valueFrom:
secretKeyRef:
name: {{ include "frost-server.fullName" . }}
key: db.username
name: {{ include "frost-server.db.secret" . }}
key: {{ .Values.frost.db.secretUsernameKey }}
- name: persistence_db_password
valueFrom:
secretKeyRef:
name: {{ include "frost-server.fullName" . }}
key: db.password
name: {{ include "frost-server.db.secret" . }}
key: {{ .Values.frost.db.secretPasswordKey }}

# Plugin-Loading settings
{{- if .Values.frost.plugins.providedPlugins }}
Expand Down Expand Up @@ -304,13 +304,13 @@ spec:
- name: auth_db_username
valueFrom:
secretKeyRef:
name: {{ include "frost-server.fullName" . }}
key: db.username
name: {{ include "frost-server.db.secret" . }}
key: {{ .Values.frost.db.secretUsernameKey }}
- name: auth_db_password
valueFrom:
secretKeyRef:
name: {{ include "frost-server.fullName" . }}
key: db.password
name: {{ include "frost-server.db.secret" . }}
key: {{ .Values.frost.db.secretPasswordKey }}
{{- else if contains "keycloak" (lower .Values.frost.auth.provider) }}
# KeyCloak auth requested
- name: auth_provider
Expand Down
16 changes: 8 additions & 8 deletions helm/frost-server/templates/mqtt-deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -155,13 +155,13 @@ spec:
- name: persistence_db_username
valueFrom:
secretKeyRef:
name: {{ include "frost-server.fullName" . }}
key: db.username
name: {{ include "frost-server.db.secret" . }}
key: {{ .Values.frost.db.secretUsernameKey }}
- name: persistence_db_password
valueFrom:
secretKeyRef:
name: {{ include "frost-server.fullName" . }}
key: db.password
name: {{ include "frost-server.db.secret" . }}
key: {{ .Values.frost.db.secretPasswordKey }}

# Plugin-Loading settings
{{- if .Values.frost.plugins.providedPlugins }}
Expand Down Expand Up @@ -324,13 +324,13 @@ spec:
- name: auth_db_username
valueFrom:
secretKeyRef:
name: {{ include "frost-server.fullName" . }}
key: db.username
name: {{ include "frost-server.db.secret" . }}
key: {{ .Values.frost.db.secretUsernameKey }}
- name: auth_db_password
valueFrom:
secretKeyRef:
name: {{ include "frost-server.fullName" . }}
key: db.password
name: {{ include "frost-server.db.secret" . }}
key: {{ .Values.frost.db.secretPasswordKey }}
{{- else if contains "keycloak" (lower .Values.frost.auth.provider) }}
# KeyCloak auth requested
- name: auth_provider
Expand Down
4 changes: 3 additions & 1 deletion helm/frost-server/templates/secret.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
{{- if not .Values.frost.db.existingSecret -}}
apiVersion: v1
kind: Secret
metadata:
Expand All @@ -9,4 +10,5 @@ metadata:
app: {{ include "frost-server.name" . }}
data:
db.username: {{ .Values.frost.db.username }}
db.password: {{ .Values.frost.db.password }}
db.password: {{ .Values.frost.db.password }}
{{- end -}}
4 changes: 4 additions & 0 deletions helm/frost-server/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -286,6 +286,10 @@ frost:
transactionRole: false
countMode: "FULL"
database: sensorthings
# Set this to your own created secret if needed
existingSecret:
secretUsernameKey: db.username
secretPasswordKey: db.password
username: c2Vuc29ydGhpbmdz
password: bm93eW91Y2FuY2hhbmdlaXQ=
securityContext:
Expand Down

0 comments on commit d54a9d3

Please sign in to comment.