Merge "Use helm-toolkit for DB initialization"
This commit is contained in:
commit
1a9531c3fe
@ -1,43 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
|
|
||||||
|
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
you may not use this file except in compliance with the License.
|
|
||||||
You may obtain a copy of the License at
|
|
||||||
|
|
||||||
http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
|
|
||||||
Unless required by applicable law or agreed to in writing, software
|
|
||||||
distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
See the License for the specific language governing permissions and
|
|
||||||
limitations under the License.
|
|
||||||
*/}}
|
|
||||||
|
|
||||||
set -ex
|
|
||||||
export HOME=/tmp
|
|
||||||
|
|
||||||
pgsql_superuser_cmd () {
|
|
||||||
DB_COMMAND="$1"
|
|
||||||
if [[ ! -z $2 ]]; then
|
|
||||||
EXPORT PGDATABASE=$2
|
|
||||||
fi
|
|
||||||
|
|
||||||
psql \
|
|
||||||
-h ${DB_FQDN} \
|
|
||||||
-p ${DB_PORT} \
|
|
||||||
-U ${DB_ADMIN_USER} \
|
|
||||||
--command="${DB_COMMAND}"
|
|
||||||
}
|
|
||||||
|
|
||||||
# Create db
|
|
||||||
pgsql_superuser_cmd "SELECT 1 FROM pg_database WHERE datname = '$DB_NAME'" | grep -q 1 || pgsql_superuser_cmd "CREATE DATABASE $DB_NAME"
|
|
||||||
|
|
||||||
# Create db user
|
|
||||||
pgsql_superuser_cmd "SELECT * FROM pg_roles WHERE rolname = '$DB_SERVICE_USER';" | tail -n +3 | head -n -2 | grep -q 1 || \
|
|
||||||
pgsql_superuser_cmd "CREATE ROLE ${DB_SERVICE_USER} LOGIN PASSWORD '$DB_SERVICE_PASSWORD';"
|
|
||||||
|
|
||||||
# Grant permissions to user
|
|
||||||
pgsql_superuser_cmd "GRANT ALL PRIVILEGES ON DATABASE $DB_NAME to $DB_SERVICE_USER;"
|
|
@ -28,7 +28,7 @@ data:
|
|||||||
ks-domain-user.sh: |
|
ks-domain-user.sh: |
|
||||||
{{- include "helm-toolkit.scripts.keystone_domain_user" . | indent 4 }}
|
{{- include "helm-toolkit.scripts.keystone_domain_user" . | indent 4 }}
|
||||||
db-init.sh: |+
|
db-init.sh: |+
|
||||||
{{ tuple "bin/_db-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
{{- include "helm-toolkit.scripts.pg_db_init" . | indent 4 }}
|
||||||
db-sync.sh: |+
|
db-sync.sh: |+
|
||||||
{{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
{{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -45,27 +45,22 @@ spec:
|
|||||||
imagePullPolicy: {{ .Values.images.pull_policy | quote }}
|
imagePullPolicy: {{ .Values.images.pull_policy | quote }}
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_init | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_init | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
env:
|
env:
|
||||||
- name: DECKHAND_DB_URL
|
- name: USER_DB_NAME
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: {{ .Values.secrets.postgresql.user }}
|
|
||||||
key: DATABASE_URI
|
|
||||||
- name: DB_NAME
|
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: {{ .Values.secrets.postgresql.user }}
|
name: {{ .Values.secrets.postgresql.user }}
|
||||||
key: DATABASE_NAME
|
key: DATABASE_NAME
|
||||||
- name: DB_SERVICE_USER
|
- name: USER_DB_USER
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: {{ .Values.secrets.postgresql.user }}
|
name: {{ .Values.secrets.postgresql.user }}
|
||||||
key: DATABASE_USERNAME
|
key: DATABASE_USERNAME
|
||||||
- name: DB_SERVICE_PASSWORD
|
- name: USER_DB_PASS
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: {{ .Values.secrets.postgresql.user }}
|
name: {{ .Values.secrets.postgresql.user }}
|
||||||
key: DATABASE_PASSWORD
|
key: DATABASE_PASSWORD
|
||||||
- name: DB_FQDN
|
- name: DB_HOST
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: {{ .Values.secrets.postgresql.user }}
|
name: {{ .Values.secrets.postgresql.user }}
|
||||||
|
Loading…
Reference in New Issue
Block a user