diff --git a/service/files/defaults.yaml b/service/files/defaults.yaml index 2345c72..f068f23 100644 --- a/service/files/defaults.yaml +++ b/service/files/defaults.yaml @@ -5,14 +5,11 @@ configs: slow_query_log_enabled: false long_query_time: 1 general_log_enabled: false - root_password: "password" max_timeout: 60 tls: enabled: true percona: cluster_name: "k8scluster" - xtrabackup_password: "password" - monitor_password: "password" gcache_size: "1G" sql_mode: null cluster_size: 3 @@ -21,6 +18,14 @@ configs: node: null port: cont: 3306 + +secret_configs: + db: + root_password: "password" + percona: + xtrabackup_password: "password" + monitor_password: "password" + url: percona: debian: diff --git a/service/files/percona_entrypoint.py b/service/files/percona_entrypoint.py index 2a55906..ff38a2c 100644 --- a/service/files/percona_entrypoint.py +++ b/service/files/percona_entrypoint.py @@ -26,6 +26,7 @@ GRASTATE_FILE = os.path.join(DATADIR, 'grastate.dat') SST_FLAG = os.path.join(DATADIR, "sst_in_progress") DHPARAM = os.path.join(DATADIR, "dhparams.pem") GLOBALS_PATH = '/etc/ccp/globals/globals.json' +GLOBALS_SECRETS_PATH = '/etc/ccp/global-secrets/global-secrets.json' CA_CERT = '/opt/ccp/etc/tls/ca.pem' LOG_DATEFMT = "%Y-%m-%d %H:%M:%S" @@ -74,12 +75,25 @@ def retry(f): return wrap -def get_config(): +def merge_configs(variables, new_config): + for k, v in new_config.items(): + if k not in variables: + variables[k] = v + continue + if isinstance(v, dict) and isinstance(variables[k], dict): + merge_configs(variables[k], v) + else: + variables[k] = v + +def get_config(): LOG.info("Getting global variables from %s", GLOBALS_PATH) variables = {} with open(GLOBALS_PATH) as f: global_conf = json.load(f) + with open(GLOBALS_SECRETS_PATH) as f: + secrets = json.load(f) + merge_configs(global_conf, secrets) for key in ['percona', 'db', 'etcd', 'namespace', 'cluster_domain', 'security']: variables[key] = global_conf[key]