Browse Source

Update Shipyard/Airflow Chart - Database Configurability

- Support configured Postgres admin password
- Use secrets for database job environment setup

This patch set also updates a bunch of banners

Change-Id: I238cfd123b5aad31c9cb93864cff7641f719f3df
changes/87/569187/1
Anthony Lin 4 years ago
parent
commit
eb23a5a0d2
  1. 2
      charts/shipyard/Chart.yaml
  2. 2
      charts/shipyard/requirements.yaml
  3. 10
      charts/shipyard/templates/bin/_airflow-db-init.sh.tpl
  4. 2
      charts/shipyard/templates/bin/_airflow-db-sync.sh.tpl
  5. 2
      charts/shipyard/templates/bin/_airflow-shipyard-init.sh.tpl
  6. 12
      charts/shipyard/templates/bin/_shipyard-db-init.sh.tpl
  7. 2
      charts/shipyard/templates/bin/_shipyard-db-sync.sh.tpl
  8. 2
      charts/shipyard/templates/configmap-airflow-bin.yaml
  9. 2
      charts/shipyard/templates/configmap-airflow-etc.yaml
  10. 2
      charts/shipyard/templates/configmap-shipyard-bin.yaml
  11. 2
      charts/shipyard/templates/configmap-shipyard-etc.yaml
  12. 2
      charts/shipyard/templates/deployment-airflow-flower.yaml
  13. 6
      charts/shipyard/templates/deployment-airflow-scheduler.yaml
  14. 6
      charts/shipyard/templates/deployment-airflow-web.yaml
  15. 6
      charts/shipyard/templates/deployment-airflow-worker.yaml
  16. 2
      charts/shipyard/templates/deployment-shipyard.yaml
  17. 2
      charts/shipyard/templates/etc/_airflow.cfg.tpl
  18. 2
      charts/shipyard/templates/ingress-airflow-api.yaml
  19. 2
      charts/shipyard/templates/ingress-shipyard-api.yaml
  20. 39
      charts/shipyard/templates/job-airflow-db-init.yaml
  21. 2
      charts/shipyard/templates/job-airflow-db-sync.yaml
  22. 2
      charts/shipyard/templates/job-ks-endpoints.yaml
  23. 2
      charts/shipyard/templates/job-ks-service.yaml
  24. 2
      charts/shipyard/templates/job-ks-user.yaml
  25. 44
      charts/shipyard/templates/job-shipyard-db-init.yaml
  26. 27
      charts/shipyard/templates/job-shipyard-db-sync.yaml
  27. 13
      charts/shipyard/templates/secret-airflow-db.yaml
  28. 24
      charts/shipyard/templates/secret-keystone-env.yaml
  29. 13
      charts/shipyard/templates/secret-shipyard-db.yaml
  30. 2
      charts/shipyard/templates/service-airflow-flower.yaml
  31. 2
      charts/shipyard/templates/service-airflow-ingress.yaml
  32. 2
      charts/shipyard/templates/service-airflow-web.yaml
  33. 2
      charts/shipyard/templates/service-shipyard-ingress.yaml
  34. 2
      charts/shipyard/templates/service-shipyard.yaml
  35. 16
      charts/shipyard/values.yaml

2
charts/shipyard/Chart.yaml

@ -1,4 +1,4 @@
# Copyright 2017 The Openstack-Helm Authors.
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
charts/shipyard/requirements.yaml

@ -1,4 +1,4 @@
# Copyright 2017 The Openstack-Helm Authors.
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

10
charts/shipyard/templates/bin/_airflow-db-init.sh.tpl

@ -1,7 +1,7 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -34,7 +34,7 @@ pgsql_superuser_cmd () {
psql \
-h $db_fqdn \
-p $db_port \
-U ${ROOT_DB_USER} \
-U ${DB_ADMIN_USER} \
--command="${DB_COMMAND}"
}
@ -42,8 +42,8 @@ pgsql_superuser_cmd () {
pgsql_superuser_cmd "SELECT 1 FROM pg_database WHERE datname = '$DB_NAME'" | grep -q 1 || pgsql_superuser_cmd "CREATE DATABASE $DB_NAME"
# Create db user
pgsql_superuser_cmd "SELECT * FROM pg_roles WHERE rolname = '$DB_USER';" | tail -n +3 | head -n -2 | grep -q 1 || \
pgsql_superuser_cmd "CREATE ROLE ${DB_USER} LOGIN PASSWORD '$DB_PASS'"
pgsql_superuser_cmd "SELECT * FROM pg_roles WHERE rolname = '$DB_SERVICE_USER';" | tail -n +3 | head -n -2 | grep -q 1 || \
pgsql_superuser_cmd "CREATE ROLE ${DB_SERVICE_USER} LOGIN PASSWORD '$DB_SERVICE_PASSWORD'"
# Grant permissions to user
pgsql_superuser_cmd "GRANT ALL PRIVILEGES ON DATABASE $DB_NAME to $DB_USER;"
pgsql_superuser_cmd "GRANT ALL PRIVILEGES ON DATABASE $DB_NAME to $DB_SERVICE_USER;"

2
charts/shipyard/templates/bin/_airflow-db-sync.sh.tpl

@ -1,7 +1,7 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
charts/shipyard/templates/bin/_airflow-shipyard-init.sh.tpl

@ -1,7 +1,7 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

12
charts/shipyard/templates/bin/_shipyard-db-init.sh.tpl

@ -1,7 +1,7 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -34,7 +34,7 @@ pgsql_superuser_cmd () {
psql \
-h $db_fqdn \
-p $db_port \
-U ${ROOT_DB_USER} \
-U ${DB_ADMIN_USER} \
--command="${DB_COMMAND}"
}
@ -42,13 +42,13 @@ pgsql_superuser_cmd () {
pgsql_superuser_cmd "SELECT 1 FROM pg_database WHERE datname = '$DB_NAME'" | grep -q 1 || pgsql_superuser_cmd "CREATE DATABASE $DB_NAME"
# Create db user
pgsql_superuser_cmd "SELECT * FROM pg_roles WHERE rolname = '$DB_USER';" | tail -n +3 | head -n -2 | grep -q 1 || \
pgsql_superuser_cmd "CREATE ROLE ${DB_USER} LOGIN PASSWORD '$DB_PASS'"
pgsql_superuser_cmd "SELECT * FROM pg_roles WHERE rolname = '$DB_SERVICE_USER';" | tail -n +3 | head -n -2 | grep -q 1 || \
pgsql_superuser_cmd "CREATE ROLE ${DB_SERVICE_USER} LOGIN PASSWORD '$DB_SERVICE_PASSWORD'"
# Grant permissions to user
pgsql_superuser_cmd "GRANT ALL PRIVILEGES ON DATABASE $DB_NAME to $DB_USER;"
pgsql_superuser_cmd "GRANT ALL PRIVILEGES ON DATABASE $DB_NAME to $DB_SERVICE_USER;"
# Grant permissions to shipyard user
# This will allow shipyard user to query airflow database
psql -h $db_fqdn -p $db_port -U ${AIRFLOW_DB_USER} \
--command="GRANT select, insert, update, delete on all tables in schema public to $DB_USER;"
--command="GRANT select, insert, update, delete on all tables in schema public to $DB_SERVICE_USER;"

2
charts/shipyard/templates/bin/_shipyard-db-sync.sh.tpl

@ -1,7 +1,7 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
charts/shipyard/templates/configmap-airflow-bin.yaml

@ -1,3 +1,5 @@
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at

2
charts/shipyard/templates/configmap-airflow-etc.yaml

@ -1,4 +1,4 @@
# Copyright 2017 The Openstack-Helm Authors.
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
charts/shipyard/templates/configmap-shipyard-bin.yaml

@ -1,3 +1,5 @@
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at

2
charts/shipyard/templates/configmap-shipyard-etc.yaml

@ -1,4 +1,4 @@
# Copyright 2017 The Openstack-Helm Authors.
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
charts/shipyard/templates/deployment-airflow-flower.yaml

@ -1,4 +1,4 @@
# Copyright 2017 The Openstack-Helm Authors.
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

6
charts/shipyard/templates/deployment-airflow-scheduler.yaml

@ -1,4 +1,4 @@
# Copyright 2017 The Openstack-Helm Authors.
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -68,8 +68,8 @@ spec:
- name: AIRFLOW_CONN_AIRFLOWS_OWN_DB
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_airflow_db.admin }}
key: DB_CONNECTION_AIRFLOW
name: {{ .Values.secrets.postgresql_airflow_db.user }}
key: AIRFLOW_DATABASE_URI
# Set to -1 to stop scheduler from going into crash loops
args: ["scheduler", "-n", "-1" ]
volumeMounts:

6
charts/shipyard/templates/deployment-airflow-web.yaml

@ -1,4 +1,4 @@
# Copyright 2017 The Openstack-Helm Authors.
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -68,8 +68,8 @@ spec:
- name: AIRFLOW_CONN_AIRFLOWS_OWN_DB
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_airflow_db.admin }}
key: DB_CONNECTION_AIRFLOW
name: {{ .Values.secrets.postgresql_airflow_db.user }}
key: AIRFLOW_DATABASE_URI
ports:
- containerPort: {{ .Values.network.airflow.web.port }}
args: ["webserver"]

6
charts/shipyard/templates/deployment-airflow-worker.yaml

@ -1,4 +1,4 @@
# Copyright 2017 The Openstack-Helm Authors.
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -99,8 +99,8 @@ spec:
- name: AIRFLOW_CONN_AIRFLOWS_OWN_DB
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_airflow_db.admin }}
key: DB_CONNECTION_AIRFLOW
name: {{ .Values.secrets.postgresql_airflow_db.user }}
key: AIRFLOW_DATABASE_URI
ports:
- containerPort: {{ .Values.network.airflow.worker.port }}
args: ["worker"]

2
charts/shipyard/templates/deployment-shipyard.yaml

@ -1,4 +1,4 @@
# Copyright 2017 The Openstack-Helm Authors.
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
charts/shipyard/templates/etc/_airflow.cfg.tpl

@ -1,4 +1,4 @@
# Copyright 2017 The Openstack-Helm Authors.
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
charts/shipyard/templates/ingress-airflow-api.yaml

@ -1,5 +1,5 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
charts/shipyard/templates/ingress-shipyard-api.yaml

@ -1,5 +1,5 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

39
charts/shipyard/templates/job-airflow-db-init.yaml

@ -1,5 +1,5 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -42,21 +42,38 @@ spec:
imagePullPolicy: {{ .Values.images.pull_policy | quote }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.airflow_db_init | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
env:
- name: DB_CONNECTION
- name: AIRFLOW_DB_URL
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_airflow_db.admin }}
key: DB_CONNECTION_AIRFLOW
name: {{ .Values.secrets.postgresql_airflow_db.user }}
key: AIRFLOW_DATABASE_URI
- name: AIRFLOW_CONFIG_FILE
value: /etc/airflow/airflow.cfg
- name: DB_NAME
value: {{ .Values.database.postgresql_airflow.db_name }}
- name: DB_USER
value: {{ .Values.endpoints.postgresql_airflow_db.auth.user.username }}
- name: DB_PASS
value: {{ .Values.endpoints.postgresql_airflow_db.auth.user.password }}
- name: ROOT_DB_USER
value: {{ .Values.database.postgresql_airflow.db_root_user }}
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_airflow_db.user }}
key: AIRFLOW_DATABASE_NAME
- name: DB_SERVICE_USER
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_airflow_db.user }}
key: AIRFLOW_DATABASE_USERNAME
- name: DB_SERVICE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_airflow_db.user }}
key: AIRFLOW_DATABASE_PASSWORD
- name: DB_ADMIN_USER
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_airflow_db.admin }}
key: AIRFLOW_DATABASE_USERNAME
- name: PGPASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_airflow_db.admin }}
key: AIRFLOW_DATABASE_PASSWORD
command:
- /tmp/airflow-db-init.sh
volumeMounts:

2
charts/shipyard/templates/job-airflow-db-sync.yaml

@ -1,5 +1,5 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
charts/shipyard/templates/job-ks-endpoints.yaml

@ -1,3 +1,5 @@
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at

2
charts/shipyard/templates/job-ks-service.yaml

@ -1,3 +1,5 @@
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at

2
charts/shipyard/templates/job-ks-user.yaml

@ -1,3 +1,5 @@
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at

44
charts/shipyard/templates/job-shipyard-db-init.yaml

@ -1,5 +1,5 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -44,23 +44,43 @@ spec:
imagePullPolicy: {{ .Values.images.pull_policy | quote }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.shipyard_db_init | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
env:
- name: ROOT_DB_CONNECTION
- name: SHIPYARD_DB_URL
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_shipyard_db.admin }}
key: DB_CONNECTION_SHIPYARD
name: {{ .Values.secrets.postgresql_shipyard_db.user }}
key: SHIPYARD_DATABASE_URI
- name: SHIPYARD_CONFIG_FILE
value: /etc/shipyard/shipyard.conf
- name: DB_NAME
value: {{ .Values.database.postgresql_shipyard.db_name }}
- name: DB_USER
value: {{ .Values.endpoints.postgresql_shipyard_db.auth.user.username }}
- name: DB_PASS
value: {{ .Values.endpoints.postgresql_shipyard_db.auth.user.password }}
- name: ROOT_DB_USER
value: {{ .Values.database.postgresql_shipyard.db_root_user }}
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_shipyard_db.user }}
key: SHIPYARD_DATABASE_NAME
- name: DB_SERVICE_USER
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_shipyard_db.user }}
key: SHIPYARD_DATABASE_USERNAME
- name: DB_SERVICE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_shipyard_db.user }}
key: SHIPYARD_DATABASE_PASSWORD
- name: DB_ADMIN_USER
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_shipyard_db.admin }}
key: SHIPYARD_DATABASE_USERNAME
- name: PGPASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_shipyard_db.admin }}
key: SHIPYARD_DATABASE_PASSWORD
- name: AIRFLOW_DB_USER
value: {{ .Values.endpoints.postgresql_airflow_db.auth.user.username }}
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_airflow_db.user }}
key: AIRFLOW_DATABASE_USERNAME
command:
- /tmp/shipyard-db-init.sh
volumeMounts:

27
charts/shipyard/templates/job-shipyard-db-sync.yaml

@ -1,5 +1,5 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -44,19 +44,28 @@ spec:
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.shipyard_db_sync | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
env:
- name: ROOT_DB_CONNECTION
- name: SHIPYARD_DB_URL
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_shipyard_db.admin }}
key: DB_CONNECTION_SHIPYARD
name: {{ .Values.secrets.postgresql_shipyard_db.user }}
key: SHIPYARD_DATABASE_URI
- name: SHIPYARD_CONFIG_FILE
value: /etc/shipyard/shipyard.conf
- name: DB_NAME
value: {{ .Values.database.postgresql_shipyard.db_name }}
- name: DB_USER
value: {{ .Values.endpoints.postgresql_shipyard_db.auth.user.username }}
- name: DB_PASS
value: {{ .Values.endpoints.postgresql_shipyard_db.auth.user.password }}
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_shipyard_db.user }}
key: SHIPYARD_DATABASE_NAME
- name: DB_SERVICE_USER
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_shipyard_db.user }}
key: SHIPYARD_DATABASE_USERNAME
- name: DB_SERVICE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.postgresql_shipyard_db.user }}
key: SHIPYARD_DATABASE_PASSWORD
command:
- /tmp/shipyard-db-sync.sh
volumeMounts:

13
charts/shipyard/templates/secret-airflow-db.yaml

@ -1,5 +1,5 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -18,6 +18,7 @@ limitations under the License.
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }}
{{- $secretName := index $envAll.Values.secrets.postgresql_airflow_db $userClass }}
{{- $auth := index $envAll.Values.endpoints.postgresql_airflow_db.auth $userClass }}
---
apiVersion: v1
kind: Secret
@ -25,6 +26,14 @@ metadata:
name: {{ $secretName }}
type: Opaque
data:
DB_CONNECTION_AIRFLOW: {{ tuple "postgresql_airflow_db" "internal" $userClass "postgresql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc -}}
AIRFLOW_DATABASE_NAME: |-
{{ $auth.database | default "" | b64enc | indent 4 }}
AIRFLOW_DATABASE_PASSWORD: |-
{{ $auth.password | b64enc | indent 4 }}
AIRFLOW_DATABASE_USERNAME: |-
{{ $auth.username | b64enc | indent 4 }}
AIRFLOW_DATABASE_URI: |-
{{ tuple "postgresql_airflow_db" "internal" "user" "postgresql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc | indent 4 }}
...
{{- end }}
{{- end }}

24
charts/shipyard/templates/secret-keystone-env.yaml

@ -1,15 +1,17 @@
{{/*
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }}

13
charts/shipyard/templates/secret-shipyard-db.yaml

@ -1,5 +1,5 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -18,6 +18,7 @@ limitations under the License.
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }}
{{- $secretName := index $envAll.Values.secrets.postgresql_shipyard_db $userClass }}
{{- $auth := index $envAll.Values.endpoints.postgresql_shipyard_db.auth $userClass }}
---
apiVersion: v1
kind: Secret
@ -25,6 +26,14 @@ metadata:
name: {{ $secretName }}
type: Opaque
data:
DB_CONNECTION_SHIPYARD: {{ tuple "postgresql_shipyard_db" "internal" $userClass "postgresql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc -}}
SHIPYARD_DATABASE_NAME: |-
{{ $auth.database | default "" | b64enc | indent 4 }}
SHIPYARD_DATABASE_PASSWORD: |-
{{ $auth.password | b64enc | indent 4 }}
SHIPYARD_DATABASE_USERNAME: |-
{{ $auth.username | b64enc | indent 4 }}
SHIPYARD_DATABASE_URI: |-
{{ tuple "postgresql_shipyard_db" "internal" "user" "postgresql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc | indent 4 }}
...
{{- end }}
{{- end }}

2
charts/shipyard/templates/service-airflow-flower.yaml

@ -1,5 +1,5 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
charts/shipyard/templates/service-airflow-ingress.yaml

@ -1,5 +1,5 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
charts/shipyard/templates/service-airflow-web.yaml

@ -1,5 +1,5 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
charts/shipyard/templates/service-shipyard-ingress.yaml

@ -1,5 +1,5 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
charts/shipyard/templates/service-shipyard.yaml

@ -1,5 +1,5 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

16
charts/shipyard/values.yaml

@ -1,4 +1,4 @@
# Copyright 2017 The Openstack-Helm Authors.
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -213,10 +213,11 @@ endpoints:
auth:
admin:
username: postgres
password: postgres
password: password
user:
username: shipyard
password: password
database: shipyard
hosts:
default: postgresql
path: /shipyard
@ -231,10 +232,11 @@ endpoints:
auth:
admin:
username: postgres
password: postgres
password: password
user:
username: airflow
password: password
database: airflow
hosts:
default: postgresql
path: /airflow
@ -281,14 +283,6 @@ secrets:
admin: airflow-db-admin
user: airflow-db-user
database:
postgresql_airflow:
db_name: airflow
db_root_user: postgres
postgresql_shipyard:
db_name: shipyard
db_root_user: postgres
conf:
uwsgi:
threads: 1

Loading…
Cancel
Save