Complete management of existing secrets for external postgres (#129)

zalf-rdm · Jan 5, 2024 · 4d33ea1 · 4d33ea1
1 parent ea6afc8
commit 4d33ea1
Show file tree

Hide file tree

Showing 6 changed files with 24 additions and 17 deletions.
diff --git a/charts/geonode/templates/_helpers.tpl b/charts/geonode/templates/_helpers.tpl
@@ -47,28 +47,35 @@
 {{- define "database_postgres_password_secret_key_ref" -}}
 {{- if (index .Values "postgres-operator" "enabled") -}}
 "{{ .Values.postgres.username }}.{{ include "postgres_pod_name" . }}.credentials.postgresql.acid.zalan.do"
-{{- else if .Values.postgres.external_postgres.enabled -}}
+{{- else if and .Values.postgres.external_postgres.enabled (not .Values.postgres.external_postgres.secret.existingSecretName ) -}}
 "{{ .Release.Name }}-postgres-external-secrets"
+{{- else -}}
+"{{.Values.postgres.external_postgres.secret.existingSecretName }}"
 {{- end -}}
 {{- end -}}
 
 # secret key reference for the password of user:  .Values.postgres.geonode_databasename_and_username
 {{- define "database_geonode_password_secret_key_ref" -}}
 {{- if (index .Values "postgres-operator" "enabled") -}}
 "{{ .Values.postgres.geonode_databasename_and_username }}.{{ include "postgres_pod_name" . }}.credentials.postgresql.acid.zalan.do"
-{{- else if .Values.postgres.external_postgres.enabled -}}
+{{- else if and .Values.postgres.external_postgres.enabled (not .Values.postgres.external_postgres.secret.existingSecretName ) -}}
 "{{ .Release.Name }}-geonode-external-secrets"
+{{- else -}}
+"{{.Values.postgres.external_postgres.secret.existingSecretName }}"
 {{- end -}}
 {{- end -}}
 
-# secret key reference for the password of user: .Values.postgres.geonode_databasename_and_username
+# secret key reference for the password of user: .Values.postgres.geodata_databasename_and_username
 {{- define "database_geodata_password_secret_key_ref" -}}
 {{- if (index .Values "postgres-operator" "enabled") -}}
 "{{ .Values.postgres.geodata_databasename_and_username }}.{{ include "postgres_pod_name" . }}.credentials.postgresql.acid.zalan.do"
-{{- else if .Values.postgres.external_postgres.enabled -}}
+{{- else if and .Values.postgres.external_postgres.enabled (not .Values.postgres.external_postgres.secret.existingSecretName ) -}}
 "{{ .Release.Name }}-geodata-external-secrets"
+{{- else -}}
+"{{.Values.postgres.external_postgres.secret.existingSecretName }}"
 {{- end -}}
 {{- end -}}
+
 {{- define "pycsw_pod_name" -}}
 {{ .Release.Name }}-{{ .Values.pycsw.pod_name }}
 {{- end -}}

diff --git a/charts/geonode/templates/geonode/geonode-deploy.yaml b/charts/geonode/templates/geonode/geonode-deploy.yaml
@@ -100,17 +100,17 @@ spec:
           valueFrom:
             secretKeyRef:
               name: {{ include "database_geonode_password_secret_key_ref" . }}
-              key: password
+              key: geonode_password
         - name: GEONODE_GEODATABASE_PASSWORD
           valueFrom:
             secretKeyRef:
               name: {{ include "database_geodata_password_secret_key_ref" . }}
-              key: password
+              key: geodata_password
         - name: POSTGRES_PASSWORD
           valueFrom:
             secretKeyRef:
               name: {{ include "database_postgres_password_secret_key_ref" . }}
-              key: password
+              key: postgres_password
         - name: GEODATABASE_URL
           value: "postgis://$(GEONODE_GEODATABASE):$(GEONODE_GEODATABASE_PASSWORD)@$(DATABASE_HOST):$(DATABASE_PORT)/$(GEONODE_GEODATABASE)"
         - name: DATABASE_URL
@@ -207,17 +207,17 @@ spec:
           valueFrom:
             secretKeyRef:
               name: {{ include "database_geonode_password_secret_key_ref" . }}
-              key: password
+              key: geonode_password
         - name: GEONODE_GEODATABASE_PASSWORD
           valueFrom:
             secretKeyRef:
               name: {{ include "database_geodata_password_secret_key_ref" . }}
-              key: password
+              key: geodata_password
         - name: POSTGRES_PASSWORD
           valueFrom:
             secretKeyRef:
               name: {{ include "database_postgres_password_secret_key_ref" . }}
-              key: password
+              key: postgres_password
         - name: GEODATABASE_URL
           value: "postgis://$(GEONODE_GEODATABASE):$(GEONODE_GEODATABASE_PASSWORD)@$(DATABASE_HOST):$(DATABASE_PORT)/$(GEONODE_GEODATABASE)"
         - name: DATABASE_URL

diff --git a/charts/geonode/templates/geoserver/geoserver-deploy.yaml b/charts/geonode/templates/geoserver/geoserver-deploy.yaml
@@ -76,7 +76,7 @@ spec:
             valueFrom:
               secretKeyRef:
                 name: {{ include "database_geodata_password_secret_key_ref" . }}
-                key: password
+                key: geodata_password
 
         volumeMounts:
         - name: "{{ include "persistant_volume_name" . }}"

diff --git a/charts/geonode/templates/postgres/postgres-external-geodata-secrets.yaml b/charts/geonode/templates/postgres/postgres-external-geodata-secrets.yaml
@@ -6,6 +6,6 @@ metadata:
   namespace: {{ .Release.Namespace }}
 type: Opaque
 data:
-  username: {{ .Values.postgres.geodata_databasename_and_username | b64enc }}
-  password: {{ .Values.postgres.external_postgres.secret.geodata_password | b64enc }}
+  geodata_username: {{ .Values.postgres.geodata_databasename_and_username | b64enc }}
+  geodata_password: {{ .Values.postgres.external_postgres.secret.geodata_password | b64enc }}
 {{ end }}
diff --git a/charts/geonode/templates/postgres/postgres-external-geonode-secrets.yaml b/charts/geonode/templates/postgres/postgres-external-geonode-secrets.yaml
@@ -6,6 +6,6 @@ metadata:
   namespace: {{ .Release.Namespace }}
 type: Opaque
 data:
-  username: {{ .Values.postgres.username | b64enc }}
-  password: {{ .Values.postgres.external_postgres.secret.geonode_password | b64enc }}
+  geonode_username: {{ .Values.postgres.geonode_databasename_and_username | b64enc }}
+  geonode_password: {{ .Values.postgres.external_postgres.secret.geonode_password | b64enc }}
 {{ end }}
diff --git a/charts/geonode/templates/postgres/postgres-external-postgres-secrets.yaml b/charts/geonode/templates/postgres/postgres-external-postgres-secrets.yaml
@@ -6,6 +6,6 @@ metadata:
   namespace: {{ .Release.Namespace }}
 type: Opaque
 data:
-  username: {{ .Values.postgres.username | b64enc }}
-  password: {{ .Values.postgres.external_postgres.secret.postgres_password | b64enc }}
+  postgres_username: {{ .Values.postgres.username | b64enc }}
+  postgres_password: {{ .Values.postgres.external_postgres.secret.postgres_password | b64enc }}
 {{ end }}