cnpg improvements

FRINXio · Nov 27, 2023 · 4b68c45 · 4b68c45
1 parent a795b2f
commit 4b68c45
Show file tree

Hide file tree

Showing 6 changed files with 111 additions and 35 deletions.
diff --git a/charts/cloud-native-pg/templates/helpers.tpl b/charts/cloud-native-pg/templates/helpers.tpl
@@ -0,0 +1,72 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "cloud-native-pg.fullname" -}}
+{{- or $.Values.name $.Chart.Name | trunc 63 | trimSuffix "-" -}}
+{{- end }}
+
+{{/*
+Return true if a secret object should be created
+*/}}
+{{- define "cloud-native-pg.createSuperuserSecret" -}}
+{{- if (.Values.secrets.superuserSecret) -}}
+    {{- if (not .Values.secrets.superuserSecret.existingSecret ) -}}
+        {{- true -}}
+    {{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Get the password secret.
+*/}}
+{{- define "cloud-native-pg.superUserSecretName" -}}
+{{- if .Values.secrets.superuserSecret.existingSecret }}
+    {{- printf "%s" (tpl  .Values.secrets.superuserSecret.existingSecret $) -}}
+{{- else -}}
+    {{- printf "%s-frinx-superuser"  (include "cloud-native-pg.fullname" .) -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return true if a secret object should be created
+*/}}
+{{- define "cloud-native-pg.createUserSecret" -}}
+{{- if (.Values.secrets.userSecret) -}}
+    {{- if (not .Values.secrets.userSecret.existingSecret ) -}}
+        {{- true -}}
+    {{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Get the password secret.
+*/}}
+{{- define "cloud-native-pg.userSecretName" -}}
+{{- if .Values.secrets.userSecret.existingSecret }}
+    {{- printf "%s" (tpl  .Values.secrets.userSecret.existingSecret $) -}}
+{{- else -}}
+    {{- printf "%s-frinx-user"  (include "cloud-native-pg.fullname" .) -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return true if a secret object should be created
+*/}}
+{{- define "cloud-native-pg.createPostInitSqlSecret" -}}
+{{- if (.Values.secrets.postInitSqlSecret) -}}
+    {{- if (not .Values.secrets.postInitSqlSecret.existingSecret ) -}}
+        {{- true -}}
+    {{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Get the password secret.
+*/}}
+{{- define "cloud-native-pg.postInitSqlSecretName" -}}
+{{- if .Values.secrets.postInitSqlSecret.existingSecret }}
+    {{- printf "%s" (tpl  .Values.secrets.postInitSqlSecret.existingSecret $) -}}
+{{- else -}}
+    {{- printf "%s-post-init-sql-secret"  (include "cloud-native-pg.fullname" .) -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/cloud-native-pg/templates/post-init-sql-secret.yaml b/charts/cloud-native-pg/templates/post-init-sql-secret.yaml
@@ -1,8 +1,8 @@
-{{ if .Values.secrets.postInitSqlSecret }}
+{{- if (include "cloud-native-pg.createPostInitSqlSecret" .) }}
 apiVersion: v1
 kind: Secret
 metadata:
-  name: "{{ or .Values.name .Chart.Name}}-{{.Values.secrets.postInitSqlSecret.name}}"
+  name:  {{ template "cloud-native-pg.fullname" . }}-post-init-sql-secret
 stringData:
-  secret.sql: {{- .Values.secrets.postInitSqlSecret.sql | toYaml | indent 1 }}
+  secret.sql: {{- required "Required value for secrets.postInitSqlSecret.sql" .Values.secrets.postInitSqlSecret.sql | toYaml | indent 1 }}
 {{ end }}
diff --git a/charts/cloud-native-pg/templates/postgres-cluster.yaml b/charts/cloud-native-pg/templates/postgres-cluster.yaml
@@ -2,7 +2,7 @@
 apiVersion: postgresql.cnpg.io/v1
 kind: Cluster
 metadata:
-  name: {{ $cluster_name }}
+  name: {{ include "cloud-native-pg.fullname" . }}
 spec:
   instances: {{ .Values.instances }}
   imageName: {{ .Values.imageName }}
@@ -50,7 +50,7 @@ spec:
       database: {{ .Values.bootstrap.initdb.database }}
       owner: {{ .Values.bootstrap.initdb.owner }}
       secret:
-        name: {{- printf " %s-%s" $cluster_name .Values.bootstrap.initdb.secret.name }}
+        name: {{ include "cloud-native-pg.userSecretName" . }}
       {{- if .Values.bootstrap.initdb.postInitSQL }}
       postInitSQL:
         {{- toYaml .Values.bootstrap.initdb.postInitSQL | nindent 8 }}
@@ -65,30 +65,30 @@ spec:
       {{- end }}
       {{- if .Values.bootstrap.initdb.postInitApplicationSQLRefs }}
       postInitApplicationSQLRefs:
-        {{- if .Values.bootstrap.initdb.postInitApplicationSQLRefs.configMapRefs }}
         configMapRefs:
-          {{- range .Values.bootstrap.initdb.postInitApplicationSQLRefs.configMapRefs }}
-          - name: {{- printf " %s-%s" $cluster_name .name }}
+          {{- range .Values.bootstrap.initdb.postInitApplicationSQLRefs.extraConfigMapRefs }}
+          - name: {{ .name }}
             key: {{ .key }}
           {{- end }}
-        {{- end }}
-        {{- if .Values.bootstrap.initdb.postInitApplicationSQLRefs.secretRefs }}
         secretRefs:
-          {{- range .Values.bootstrap.initdb.postInitApplicationSQLRefs.secretRefs }}
-          - name: {{- printf " %s-%s" $cluster_name .name }}
+          {{- if .Values.secrets.postInitSqlSecret }}
+          - name: {{ include "cloud-native-pg.postInitSqlSecretName" . }}
+            key: secret.sql
+          {{- end }}
+          {{- range .Values.bootstrap.initdb.postInitApplicationSQLRefs.extraSecretRefs }}
+          - name: {{- .name }}
             key: {{ .key }}
           {{- end }}
-      {{- end }}
   {{- end }}
 
   {{- if .Values.backup }}
   backup:
     {{- toYaml .Values.backup | nindent 4 }}
   {{- end }}
 
-  {{- if .Values.superuserSecret }}
+  {{- if .Values.secrets.superuserSecret }}
   superuserSecret:
-    name: {{- printf " %s-%s" $cluster_name .Values.superuserSecret.name }}
+    name: {{ include "cloud-native-pg.superUserSecretName" . }}
   {{- end }}
 
   {{- if .Values.env }}

diff --git a/charts/cloud-native-pg/templates/postgres-superuser-secret.yaml b/charts/cloud-native-pg/templates/postgres-superuser-secret.yaml
@@ -1,10 +1,10 @@
-{{ if .Values.secrets.superuserSecret }}
+{{- if (include "cloud-native-pg.createSuperuserSecret" .) }}
 apiVersion: v1
 kind: Secret
 metadata:
-  name: "{{or .Values.name .Chart.Name}}-{{.Values.secrets.superuserSecret.name }}"
+  name: {{ template "cloud-native-pg.fullname" . }}-frinx-superuser
 type: kubernetes.io/basic-auth
 data:
-  username: {{ .Values.secrets.superuserSecret.username | b64enc | quote }}
-  password: {{ .Values.secrets.superuserSecret.password | b64enc | quote }}
+  username: {{ required "Required value for secrets.superuserSecret.username" .Values.secrets.superuserSecret.username | b64enc | quote }}
+  password: {{ required "Required value for secrets.superuserSecret.password" .Values.secrets.superuserSecret.password | b64enc | quote }}
 {{ end }}
diff --git a/charts/cloud-native-pg/templates/postgres-user-secret.yaml b/charts/cloud-native-pg/templates/postgres-user-secret.yaml
@@ -1,10 +1,10 @@
-{{ if .Values.secrets.userSecret }}
+{{- if (include "cloud-native-pg.createUserSecret" .) }}
 apiVersion: v1
 kind: Secret
 metadata:
-  name: "{{or .Values.name .Chart.Name}}-{{.Values.secrets.userSecret.name}}"
+  name: {{ template "cloud-native-pg.fullname" . }}-frinx-user
 type: kubernetes.io/basic-auth
 data:
-  username: {{ .Values.secrets.userSecret.username | b64enc | quote }}
-  password: {{ .Values.secrets.userSecret.password | b64enc | quote }}
+  username: {{ required "Required value for secrets.userSecret.username" .Values.secrets.userSecret.username | b64enc | quote }}
+  password: {{ required "Required value for secrets.userSecret.password" .Values.secrets.userSecret.password | b64enc | quote }}
 {{ end }}
diff --git a/charts/cloud-native-pg/values.yaml b/charts/cloud-native-pg/values.yaml
@@ -44,23 +44,26 @@ bootstrap:
   initdb:
     database: frinx
     owner: frinx
-    secret:
-      name: frinx-user
+    # secret:
+    #   name: frinx-user
     postInitSQL: {}
     postInitTemplateSQL: {}
     postInitApplicationSQL: {}
     postInitApplicationSQLRefs:
-      configMapRefs: {}
-      secretRefs: {}
+      # extraConfigMapRefs holds a list of references to configmaps
+      # key-value format 
+      extraConfigMapRefs: {}
+      # extraSecretRefs holds a list of references to secrets
+      # If secrets.postInitSqlSecret exist, automatically is imported to secretRefs list
+      # key-value format 
+      extraSecretRefs: {}
 
 backup: {}
   # BackupConfiguration defines how the backup of the cluster are taken.
   # Currently the only supported backup method is barmanObjectStore.
   # For details and examples refer to the Backup and Recovery section of the documentation
   # https://cloudnative-pg.io/documentation/1.18/api_reference/#backupconfiguration
 
-superuserSecret:
-  name: frinx-superuser
 
 monitoring: {}
   # MonitoringConfiguration is the type containing all the monitoring configuration for a certain cluster
@@ -77,15 +80,16 @@ affinity: {}
   # https://cloudnative-pg.io/documentation/1.18/api_reference/#AffinityConfiguration
 
 secrets:
-  superuserSecret:
-    name: frinx-superuser
+  superuserSecret: 
+    existingSecret:
     username: postgres
     password: postgres
-  userSecret:
-    name: frinx-user
+  userSecret: 
+    existingSecret:
     username: frinx
-    password: postgres
-  postInitSqlSecret: {}
+    password: frinx
+  postInitSqlSecret:
+    # existingSecret:
     # name: post-init-sql-secret
     # sql: |-
     #   CREATE SCHEMA inventory AUTHORIZATION inventory;