diff --git a/kubernetes/helm/openslice/templates/_helpers.tpl b/kubernetes/helm/openslice/templates/_helpers.tpl index 89f9f71fba483f569751099ef78cdfb1da8a3f4c..fa5e591ed3974face4677c85b65907329ad9ec27 100644 --- a/kubernetes/helm/openslice/templates/_helpers.tpl +++ b/kubernetes/helm/openslice/templates/_helpers.tpl @@ -60,3 +60,54 @@ Create the name of the service account to use {{- default "default" .Values.serviceAccount.name }} {{- end }} {{- end }} + +{{/* +Secrets +*/}} +{{- define "openslice.secrets.activemq" -}} +{{- if .Values.oscreds.activemq.existingSecret }} +{{- .Values.oscreds.activemq.existingSecret }} +{{- else }} +{{- include "openslice.fullname" . }}-artemis-secret +{{- end }} +{{- end }} + +{{- define "openslice.secrets.mysql" -}} +{{- if .Values.oscreds.mysql.existingSecret }} +{{- .Values.oscreds.mysql.existingSecret }} +{{- else }} +{{- include "openslice.fullname" . }}-mysql-secrets +{{- end }} +{{- end }} + +{{- define "openslice.secrets.keycloak.mysql" -}} +{{- if .Values.oscreds.mysql.keycloak.existingMySQLSecret }} +{{- .Values.oscreds.mysql.keycloak.existingMySQLSecret }} +{{- else }} +{{- include "openslice.fullname" . }}-mysql-keycloak-secrets +{{- end }} +{{- end }} + +{{- define "openslice.secrets.keycloak.admin" -}} +{{- if .Values.oscreds.mysql.keycloak.existingSecret }} +{{- .Values.oscreds.mysql.keycloak.existingSecret }} +{{- else }} +{{- include "openslice.fullname" . }}-keycloak-secret +{{- end }} +{{- end }} + +{{- define "openslice.secrets.portal.mysql" -}} +{{- if .Values.oscreds.mysql.portal.existingSecret }} +{{- .Values.oscreds.mysql.portal.existingSecret }} +{{- else }} +{{- include "openslice.fullname" . }}-mysql-portal-secrets +{{- end }} +{{- end }} + +{{- define "openslice.secrets.metrico.mysql" -}} +{{- if .Values.oscreds.mysql.metrico.existingSecret }} +{{- .Values.oscreds.mysql.metrico.existingSecret }} +{{- else }} +{{- include "openslice.fullname" . }}-mysql-metrico-secrets +{{- end }} +{{- end }} diff --git a/kubernetes/helm/openslice/templates/artemis-secret.yaml b/kubernetes/helm/openslice/templates/artemis-secret.yaml index 21c97d099c3c61f1c851c2d5d30fb3bfa5e03288..cceefc21fcb7f187ec9cbf98a5bc9f2d52aac86c 100644 --- a/kubernetes/helm/openslice/templates/artemis-secret.yaml +++ b/kubernetes/helm/openslice/templates/artemis-secret.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.oscreds.activemq.existingSecret -}} apiVersion: v1 kind: Secret metadata: @@ -11,3 +12,4 @@ metadata: data: username: {{ .Values.oscreds.activemq.user | b64enc }} password: {{ .Values.oscreds.activemq.password | b64enc }} +{{- end -}} diff --git a/kubernetes/helm/openslice/templates/artemis.yaml b/kubernetes/helm/openslice/templates/artemis.yaml index 2f4cc1f2a542f6c9787fb74d03839178886db20b..17e18a021021d2440e53d69c4f2d3f44ce3f5ed1 100644 --- a/kubernetes/helm/openslice/templates/artemis.yaml +++ b/kubernetes/helm/openslice/templates/artemis.yaml @@ -32,12 +32,12 @@ spec: - name: ARTEMIS_USER valueFrom: secretKeyRef: - name: {{ include "openslice.fullname" . }}-artemis-secret + name: {{ include "openslice.secrets.activemq" . }} key: username - name: ARTEMIS_PASSWORD valueFrom: secretKeyRef: - name: {{ include "openslice.fullname" . }}-artemis-secret + name: {{ include "openslice.secrets.activemq" . }} key: password resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/kubernetes/helm/openslice/templates/bugzilla.yaml b/kubernetes/helm/openslice/templates/bugzilla.yaml index 1e63a6d0f60ec937122a694617bb0d29511b4989..09323cfee26429bd49a6bde4c27fce625507ca92 100644 --- a/kubernetes/helm/openslice/templates/bugzilla.yaml +++ b/kubernetes/helm/openslice/templates/bugzilla.yaml @@ -55,7 +55,7 @@ spec: volumes: - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/centrallog.yaml b/kubernetes/helm/openslice/templates/centrallog.yaml index e3c4b0e6cc9d8e3c3ea8ca22e461b56b1a74f5c6..e61dc66710455d4606b7ccf9bfcb6ccd4c3df291 100644 --- a/kubernetes/helm/openslice/templates/centrallog.yaml +++ b/kubernetes/helm/openslice/templates/centrallog.yaml @@ -53,7 +53,7 @@ spec: volumes: - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/cridge.yaml b/kubernetes/helm/openslice/templates/cridge.yaml index 45dc6f31de5fe95c37b5fb5172e052eed3fbddf7..bb32c679cec3e4a9e59afe732bb3738b980845ac 100644 --- a/kubernetes/helm/openslice/templates/cridge.yaml +++ b/kubernetes/helm/openslice/templates/cridge.yaml @@ -56,5 +56,5 @@ spec: secretName: {{ include "openslice.fullname" . }}-kubeconfig - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} {{- end }} diff --git a/kubernetes/helm/openslice/templates/keycloak-secret.yaml b/kubernetes/helm/openslice/templates/keycloak-secret.yaml index 1795c04c9a66674bf69e4de62f6fa8ef47d5d4b7..c6b7d4fe56ebd434dceaf087555d4bd04e1240c0 100644 --- a/kubernetes/helm/openslice/templates/keycloak-secret.yaml +++ b/kubernetes/helm/openslice/templates/keycloak-secret.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.oscreds.mysql.keycloak.existingSecret -}} apiVersion: v1 kind: Secret metadata: @@ -10,3 +11,4 @@ metadata: name: {{ include "openslice.fullname" . }}-keycloak-secret data: admin-password: {{ .Values.oscreds.mysql.keycloak.adminpassword | b64enc }} +{{- end -}} diff --git a/kubernetes/helm/openslice/templates/keycloak.yaml b/kubernetes/helm/openslice/templates/keycloak.yaml index d0f469c0185eeeb5226eae87a0f064d039313c37..843f1dfc7013013cd083fc78f2798a7b6429233d 100644 --- a/kubernetes/helm/openslice/templates/keycloak.yaml +++ b/kubernetes/helm/openslice/templates/keycloak.yaml @@ -41,24 +41,24 @@ spec: - name: DB_DATABASE valueFrom: secretKeyRef: - name: {{ include "openslice.fullname" . }}-mysql-keycloak-secrets + name: {{ include "openslice.secrets.keycloak.mysql" . }} key: database - name: DB_PASSWORD valueFrom: secretKeyRef: - name: {{ include "openslice.fullname" . }}-mysql-keycloak-secrets + name: {{ include "openslice.secrets.keycloak.mysql" . }} key: password - name: DB_USER valueFrom: secretKeyRef: - name: {{ include "openslice.fullname" . }}-mysql-keycloak-secrets + name: {{ include "openslice.secrets.keycloak.mysql" . }} key: username - name: KEYCLOAK_USER value: admin - name: KEYCLOAK_PASSWORD valueFrom: secretKeyRef: - name: {{ include "openslice.fullname" . }}-keycloak-secret + name: {{ include "openslice.secrets.keycloak.admin" . }} key: admin-password - name: JDBC_PARAMS value: useSSL=false diff --git a/kubernetes/helm/openslice/templates/manoclient.yaml b/kubernetes/helm/openslice/templates/manoclient.yaml index 46d75aec90634a7c39beec0dcd6c680d250afeca..c773eba011828aeb89e0738749909dbdfe3452be 100644 --- a/kubernetes/helm/openslice/templates/manoclient.yaml +++ b/kubernetes/helm/openslice/templates/manoclient.yaml @@ -53,7 +53,7 @@ spec: volumes: - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/mcp-server.yaml b/kubernetes/helm/openslice/templates/mcp-server.yaml index b5bb3310319fae7f4586ae23e834022f89489fde..8db6f33158ab46bc93c03ed196e62ada3cb99e99 100644 --- a/kubernetes/helm/openslice/templates/mcp-server.yaml +++ b/kubernetes/helm/openslice/templates/mcp-server.yaml @@ -70,10 +70,10 @@ spec: volumes: - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} - name: mysql-portal-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-portal-secrets + secretName: {{ include "openslice.secrets.portal.mysql" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/metrico.yaml b/kubernetes/helm/openslice/templates/metrico.yaml index b5d1aa463db41836d70a745fcc469e8bbd91735f..d894b500b1d31b52c59c0b28058ed017af6a4ad3 100644 --- a/kubernetes/helm/openslice/templates/metrico.yaml +++ b/kubernetes/helm/openslice/templates/metrico.yaml @@ -60,8 +60,8 @@ spec: volumes: - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} - name: mysql-metrico-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-metrico-secrets + secretName: {{ include "openslice.secrets.metrico.mysql" . }} {{- end }} diff --git a/kubernetes/helm/openslice/templates/mysql-keycloak-secret.yaml b/kubernetes/helm/openslice/templates/mysql-keycloak-secret.yaml index eae26f4c35e9bd450142e5f9d419c7f65ddfc33d..3f3035ca0a26e3563613219925462e643f7562d7 100644 --- a/kubernetes/helm/openslice/templates/mysql-keycloak-secret.yaml +++ b/kubernetes/helm/openslice/templates/mysql-keycloak-secret.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.oscreds.mysql.keycloak.existingMySQLSecret -}} apiVersion: v1 kind: Secret metadata: @@ -12,3 +13,4 @@ data: username: {{ .Values.oscreds.mysql.keycloak.username | default "keycloak" | b64enc }} password: {{ .Values.oscreds.mysql.keycloak.password | default "password" | b64enc }} database: {{ .Values.oscreds.mysql.keycloak.database | default "keycloak" | b64enc }} +{{- end -}} diff --git a/kubernetes/helm/openslice/templates/mysql-metrico-secret.yaml b/kubernetes/helm/openslice/templates/mysql-metrico-secret.yaml index 3aa8df072492297f084ebebc326101e6006d07ee..4685b05b1a4ef466b6480ac9563d645b210537b1 100644 --- a/kubernetes/helm/openslice/templates/mysql-metrico-secret.yaml +++ b/kubernetes/helm/openslice/templates/mysql-metrico-secret.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.oscreds.mysql.metrico.existingSecret -}} apiVersion: v1 kind: Secret metadata: @@ -12,3 +13,4 @@ data: username: {{ .Values.oscreds.mysql.metrico.username | default "metricouser" | b64enc }} password: {{ .Values.oscreds.mysql.metrico.password | default "12345" | b64enc }} database: {{ .Values.oscreds.mysql.metrico.database | default "metricodb" | b64enc }} +{{- end -}} diff --git a/kubernetes/helm/openslice/templates/mysql-portal-secret.yaml b/kubernetes/helm/openslice/templates/mysql-portal-secret.yaml index 58bff0246fbc1e40242bb99269268a887b2962f8..99afd54fe6b11c20cc50ae6e0b92e6897af67e28 100644 --- a/kubernetes/helm/openslice/templates/mysql-portal-secret.yaml +++ b/kubernetes/helm/openslice/templates/mysql-portal-secret.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.oscreds.mysql.portal.existingSecret -}} apiVersion: v1 kind: Secret metadata: @@ -11,4 +12,5 @@ metadata: data: username: {{ .Values.oscreds.mysql.portal.username | default "portaluser" | b64enc }} password: {{ .Values.oscreds.mysql.portal.password | default "12345" | b64enc }} - database: {{ .Values.oscreds.mysql.openslicedb | default "osdb" | b64enc }} + database: {{ .Values.oscreds.mysql.portal.database | default "osdb" | b64enc }} +{{- end -}} diff --git a/kubernetes/helm/openslice/templates/mysql-secret.yaml b/kubernetes/helm/openslice/templates/mysql-secret.yaml index a17dc36a8744ce240ae8ef89c8dc344e1620983b..9db23d40e2b68ef60ba379a216024f1c581f1db1 100644 --- a/kubernetes/helm/openslice/templates/mysql-secret.yaml +++ b/kubernetes/helm/openslice/templates/mysql-secret.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.oscreds.mysql.existingSecret -}} apiVersion: v1 kind: Secret metadata: @@ -10,3 +11,4 @@ metadata: name: {{ include "openslice.fullname" . }}-mysql-secrets data: root-password: {{ .Values.oscreds.mysql.password | default "letmein" | b64enc }} +{{- end -}} diff --git a/kubernetes/helm/openslice/templates/mysql.yaml b/kubernetes/helm/openslice/templates/mysql.yaml index 7f9585f402a18d983c3fcae686e6fd17d922a69a..e0cc23dfb2a71ab6a7383dae787116f9e635b329 100644 --- a/kubernetes/helm/openslice/templates/mysql.yaml +++ b/kubernetes/helm/openslice/templates/mysql.yaml @@ -37,7 +37,7 @@ spec: - name: MYSQL_ROOT_PASSWORD valueFrom: secretKeyRef: - name: {{ include "openslice.fullname" . }}-mysql-secrets + name: {{ include "openslice.secrets.mysql" . }} key: root-password resources: {{- toYaml .Values.resources | nindent 12 }} @@ -88,16 +88,16 @@ spec: defaultMode: 0755 - name: mysql-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-secrets + secretName: {{ include "openslice.secrets.mysql" . }} - name: mysql-portal-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-portal-secrets + secretName: {{ include "openslice.secrets.portal.mysql" . }} - name: mysql-keycloak-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-keycloak-secrets + secretName: {{ include "openslice.secrets.keycloak.mysql" . }} - name: mysql-metrico-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-metrico-secrets + secretName: {{ include "openslice.secrets.metrico.mysql" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/oasapi.yaml b/kubernetes/helm/openslice/templates/oasapi.yaml index 3cb458cac33d1dbee28a4b543fde5f44e9f538dc..fa143dcbf21b4f17fe1126c64c5e2fd2231b898d 100644 --- a/kubernetes/helm/openslice/templates/oasapi.yaml +++ b/kubernetes/helm/openslice/templates/oasapi.yaml @@ -85,10 +85,10 @@ spec: volumes: - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} - name: mysql-portal-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-portal-secrets + secretName: {{ include "openslice.secrets.portal.mysql" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/osom.yaml b/kubernetes/helm/openslice/templates/osom.yaml index f5a1617a404a015187537d6a61a738aa81bf1cda..31a8ab95c6eba40903add06dbadd8b37a23b94f7 100644 --- a/kubernetes/helm/openslice/templates/osom.yaml +++ b/kubernetes/helm/openslice/templates/osom.yaml @@ -54,7 +54,7 @@ spec: volumes: - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/osportalapi.yaml b/kubernetes/helm/openslice/templates/osportalapi.yaml index afe161aae0fac33362f72314b1b8fdd97a3bc2c6..5f7736446bf9dc0701f857b2654ab594ad9b921b 100644 --- a/kubernetes/helm/openslice/templates/osportalapi.yaml +++ b/kubernetes/helm/openslice/templates/osportalapi.yaml @@ -88,10 +88,10 @@ spec: claimName: {{ include "openslice.fullname" . }}-osportalapi-claim0 - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} - name: mysql-portal-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-portal-secrets + secretName: {{ include "openslice.secrets.portal.mysql" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/osscapi.yaml b/kubernetes/helm/openslice/templates/osscapi.yaml index 2b3be8e352df7a548bcd16c0ce41882e5c9beb07..e2923354869ad7b972806b2170a703bcdae71db5 100644 --- a/kubernetes/helm/openslice/templates/osscapi.yaml +++ b/kubernetes/helm/openslice/templates/osscapi.yaml @@ -92,10 +92,10 @@ spec: claimName: {{ include "openslice.fullname" . }}-osscapi-claim0 - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} - name: mysql-portal-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-portal-secrets + secretName: {{ include "openslice.secrets.portal.mysql" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/values.yaml b/kubernetes/helm/openslice/values.yaml index 405de62d64e47655f39f9f06c6fd4731a939c0dc..546672a524a5228c6e88c34dd16a5f33578893cc 100644 --- a/kubernetes/helm/openslice/values.yaml +++ b/kubernetes/helm/openslice/values.yaml @@ -99,22 +99,64 @@ rooturl: ~ # This is the ingress LB IP or domain - ex. http://openslice.com:port oscreds: activemq: + # The name of an existing secret to use for the activemq broker. + # + # The secret requires the following keys: + # - `username` the broker user + # - `password` the broker password + existingSecret: "" + user: artemis password: artemis mysql: - username: root + # The name of an existing secret to use for the mysql root user. + # + # The secret requires the following keys: + # - `root-password` containing the mysql root password. + existingSecret: "" + password: letmein - openslicedb: osdb - keycloak: + + keycloak: + # The name of an existing secret to use for the mysql keycloak user. + # + # The secret requires the following keys: + # - `username` the database user + # - `password` the database user's password + # - `database` the database to use for keycloak + existingMySQLSecret: "" + + # The name of an existing secret to use for keycloak. + # + # The secret requires the following keys: + # - `admin-password` the adminstrator password for keycloak + existingSecret: "" + database: keycloak username: keycloak password: password adminpassword: Pa55w0rd portal: + # The name of an existing secret to use for the mysql portal user. + # + # The secret requires the following keys: + # - `username` the database user + # - `password` the database user's password + # - `database` the database to use for the portal + existingSecret: "" + database: osdb username: portaluser password: "12345" metrico: + # The name of an existing secret to use for the mysql metrico user. + # + # The secret requires the following keys: + # - `username` the database user + # - `password` the database user's password + # - `database` the database to use for metrico + existingSecret: "" + database: metricodb username: metricouser password: "12345"