From b386878f00a0a37e12747f7a0bac3bbdbc2e81e7 Mon Sep 17 00:00:00 2001 From: Christian Anton Date: Mon, 13 Jun 2022 00:09:51 +0200 Subject: [PATCH] put the setting db access env vars into template --- templates/_helpers.tpl | 84 +++++++++++++++++ templates/cronjob-hanodes-autoclean.yaml | 57 +----------- templates/deployment-zabbix-server.yaml | 114 +---------------------- templates/deployment-zabbix-web.yaml | 57 +----------- templates/job-init-db-schema.yaml | 57 +----------- templates/statefulset-postgresql.yaml | 32 +------ 6 files changed, 90 insertions(+), 311 deletions(-) diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index da32021..5dc4c3f 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -88,3 +88,87 @@ Return if ingress supports pathType. {{- define "zabbix.ingress.supportsPathType" -}} {{- or (eq (include "zabbix.ingress.isStable" .) "true") (and (eq (include "zabbix.ingress.apiVersion" .) "networking.k8s.io/v1beta1")) -}} {{- end -}} + +{{/* +Define env var names + +*/}} + + +{{/* +Return the entire logic of setting DB access related env vars for the containers which need them +*/}} +{{- define "zabbix.db_access.env_vars" -}} +{{- $ := index . 0 }} +{{- $cntxt := index . 2 }} +{{- $hostvar := "DB_SERVER_HOST" }} +{{- $portvar := "DB_SERVER_PORT" }} +{{- $uservar := "POSTGRES_USER" }} +{{- $passwordvar := "POSTGRES_PASSWORD" }} +{{- $dbvar := "POSTGRES_DB" }} +{{- if eq $cntxt "database" }} +{{- $hostvar = "PGHOST" }} +{{- $portvar = "PGPORT" }} +{{- $uservar = "PGUSER" }} +{{- $passwordvar = "PGPASSWORD" }} +{{- $dbvar = "PGDATABASE" }} +{{- end }} +{{- with index . 1 }} +{{- if .Values.postgresql.enabled }} +- name: {{ $hostvar }} + value: {{ template "zabbix.fullname" . }}-postgresql +- name: {{ $portvar }} + value: {{ .Values.postgresql.service.port | quote }} +{{- else if .Values.db_access.use_unified_secret }} +- name: {{ $hostvar }} + valueFrom: + secretKeyRef: + name: {{ .Values.db_access.unified_secret_name }} + key: host +- name: {{ $portvar }} + valueFrom: + secretKeyRef: + name: {{ .Values.db_access.unified_secret_name }} + key: port + optional: true +{{- else }} +- name: {{ $hostvar }} + value: {{ .Values.db_access.db_server_host | quote }} +- name: {{ $portvar }} + value: {{ .Values.db_access.db_server_port | quote }} +{{- end }} +{{- if .Values.db_access.use_unified_secret }} +- name: {{ $uservar }} + valueFrom: + secretKeyRef: + name: {{ .Values.db_access.unified_secret_name }} + key: user + optional: true +- name: {{ $passwordvar }} + valueFrom: + secretKeyRef: + name: {{ .Values.db_access.unified_secret_name }} + key: password +- name: {{ $dbvar }} + valueFrom: + secretKeyRef: + name: {{ .Values.db_access.unified_secret_name }} + key: dbname + optional: true +{{- else }} +- name: {{ $uservar }} + value: {{ .Values.db_access.postgres_user | quote }} +- name: {{ $passwordvar }} + {{- if .Values.db_access.postgres_password_secret }} + valueFrom: + secretKeyRef: + name: {{ .Values.db_access.postgres_password_secret }} + key: {{ default "password" .Values.db_access.postgres_password_secret_key }} + {{- else }} + value: {{ .Values.db_access.postgres_password | quote }} + {{- end }} +- name: {{ $dbvar }} + value: {{ .Values.db_access.postgres_db | quote }} +{{- end }} +{{- end }} +{{- end -}} diff --git a/templates/cronjob-hanodes-autoclean.yaml b/templates/cronjob-hanodes-autoclean.yaml index 9e43f46..0827e7f 100644 --- a/templates/cronjob-hanodes-autoclean.yaml +++ b/templates/cronjob-hanodes-autoclean.yaml @@ -24,62 +24,7 @@ spec: - -c - echo "deleting all stopped and unavailable HANodes older than {{ .Values.zabbixserver.ha_nodes_autoclean.delete_older_than_seconds }} seconds..." && psql -c "delete from ha_node where status in (1,2) and extract(epoch from now())-lastaccess>{{ .Values.zabbixserver.ha_nodes_autoclean.delete_older_than_seconds }}" env: - {{- if .Values.postgresql.enabled }} - - name: PGHOST - value: {{ template "zabbix.fullname" . }}-postgresql - - name: PGPORT - value: {{ .Values.postgresql.service.port | quote }} - {{- else if .Values.db_access.use_unified_secret }} - - name: PGHOST - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: host - - name: PGPORT - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: port - optional: true - {{- else }} - - name: PGHOST - value: {{ .Values.db_access.db_server_host | quote }} - - name: PGPORT - value: {{ .Values.db_access.db_server_port | quote }} - {{- end }} - {{- if .Values.db_access.use_unified_secret }} - - name: PGUSER - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: user - optional: true - - name: PGPASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: password - - name: PGDATABASE - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: dbname - optional: true - {{- else }} - - name: PGUSER - value: {{ .Values.db_access.postgres_user | quote }} - - name: PGPASSWORD - {{- if .Values.db_access.postgres_password_secret }} - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.postgres_password_secret }} - key: {{ default "password" .Values.db_access.postgres_password_secret_key }} - {{- else }} - value: {{ .Values.db_access.postgres_password | quote }} - {{- end }} - - name: PGDATABASE - value: {{ .Values.db_access.postgres_db | quote }} - {{- end }} + {{- include "zabbix.db_access.env_vars" (list $ . "database") | nindent 12 }} imagePullSecrets: {{- range .Values.zabbixserver.image.pullSecrets }} - name: {{ . | quote }} diff --git a/templates/deployment-zabbix-server.yaml b/templates/deployment-zabbix-server.yaml index 2edd62d..693dad4 100644 --- a/templates/deployment-zabbix-server.yaml +++ b/templates/deployment-zabbix-server.yaml @@ -51,62 +51,7 @@ spec: - name: init-wait-for-database-schema image: "{{ .Values.zabbixserver.image.repository }}:{{ .Values.zabbix_image_tag }}" env: - {{- if .Values.postgresql.enabled }} - - name: DB_SERVER_HOST - value: {{ template "zabbix.fullname" . }}-postgresql - - name: DB_SERVER_PORT - value: {{ .Values.postgresql.service.port | quote }} - {{- else if .Values.db_access.use_unified_secret }} - - name: DB_SERVER_HOST - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: host - - name: DB_SERVER_PORT - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: port - optional: true - {{- else }} - - name: DB_SERVER_HOST - value: {{ .Values.db_access.db_server_host | quote }} - - name: DB_SERVER_PORT - value: {{ .Values.db_access.db_server_port | quote }} - {{- end }} - {{- if .Values.db_access.use_unified_secret }} - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: user - optional: true - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: password - - name: POSTGRES_DB - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: dbname - optional: true - {{- else }} - - name: POSTGRES_USER - value: {{ .Values.db_access.postgres_user | quote }} - - name: POSTGRES_PASSWORD - {{- if .Values.db_access.postgres_password_secret }} - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.postgres_password_secret }} - key: {{ default "password" .Values.db_access.postgres_password_secret_key }} - {{- else }} - value: {{ .Values.db_access.postgres_password | quote }} - {{- end }} - - name: POSTGRES_DB - value: {{ .Values.db_access.postgres_db | quote }} - {{- end }} + {{- include "zabbix.db_access.env_vars" (list $ . "zabbix") | nindent 12 }} command: - "/bin/bash" - "/script/wait_db_schema.sh" @@ -137,62 +82,7 @@ spec: hostIP: {{ .Values.zabbixserver.hostIP }} {{- end}} env: - {{- if .Values.postgresql.enabled }} - - name: DB_SERVER_HOST - value: {{ template "zabbix.fullname" . }}-postgresql - - name: DB_SERVER_PORT - value: {{ .Values.postgresql.service.port | quote }} - {{- else if .Values.db_access.use_unified_secret }} - - name: DB_SERVER_HOST - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: host - - name: DB_SERVER_PORT - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: port - optional: true - {{- else }} - - name: DB_SERVER_HOST - value: {{ .Values.db_access.db_server_host | quote }} - - name: DB_SERVER_PORT - value: {{ .Values.db_access.db_server_port | quote }} - {{- end }} - {{- if .Values.db_access.use_unified_secret }} - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: user - optional: true - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: password - - name: POSTGRES_DB - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: dbname - optional: true - {{- else }} - - name: POSTGRES_USER - value: {{ .Values.db_access.postgres_user | quote }} - - name: POSTGRES_PASSWORD - {{- if .Values.db_access.postgres_password_secret }} - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.postgres_password_secret }} - key: {{ default "password" .Values.db_access.postgres_password_secret_key }} - {{- else }} - value: {{ .Values.db_access.postgres_password | quote }} - {{- end }} - - name: POSTGRES_DB - value: {{ .Values.db_access.postgres_db | quote }} - {{- end }} + {{- include "zabbix.db_access.env_vars" (list $ . "zabbix") | nindent 12 }} {{- range $item := .Values.zabbixserver.extraEnv }} - name: {{ $item.name }} value: {{ $item.value | quote }} diff --git a/templates/deployment-zabbix-web.yaml b/templates/deployment-zabbix-web.yaml index 834a0c4..bfe245e 100644 --- a/templates/deployment-zabbix-web.yaml +++ b/templates/deployment-zabbix-web.yaml @@ -54,62 +54,7 @@ spec: image: "{{ .Values.zabbixweb.image.repository }}:{{ .Values.zabbix_image_tag }}" imagePullPolicy: {{ .Values.zabbixweb.image.pullPolicy }} env: - {{- if .Values.postgresql.enabled }} - - name: DB_SERVER_HOST - value: {{ template "zabbix.fullname" . }}-postgresql - - name: DB_SERVER_PORT - value: {{ .Values.postgresql.service.port | quote }} - {{- else if .Values.db_access.use_unified_secret }} - - name: DB_SERVER_HOST - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: host - - name: DB_SERVER_PORT - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: port - optional: true - {{- else }} - - name: DB_SERVER_HOST - value: {{ .Values.db_access.db_server_host | quote }} - - name: DB_SERVER_PORT - value: {{ .Values.db_access.db_server_port | quote }} - {{- end }} - {{- if .Values.db_access.use_unified_secret }} - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: user - optional: true - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: password - - name: POSTGRES_DB - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: dbname - optional: true - {{- else }} - - name: POSTGRES_USER - value: {{ .Values.db_access.postgres_user | quote }} - - name: POSTGRES_PASSWORD - {{- if .Values.db_access.postgres_password_secret }} - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.postgres_password_secret }} - key: {{ default "password" .Values.db_access.postgres_password_secret_key }} - {{- else }} - value: {{ .Values.db_access.postgres_password | quote }} - {{- end }} - - name: POSTGRES_DB - value: {{ .Values.db_access.postgres_db | quote }} - {{- end }} + {{- include "zabbix.db_access.env_vars" (list $ . "zabbix") | nindent 10 }} {{- range $item := .Values.zabbixweb.extraEnv }} - name: {{ $item.name }} value: {{ $item.value | quote }} diff --git a/templates/job-init-db-schema.yaml b/templates/job-init-db-schema.yaml index 38a7d20..b57bbcf 100644 --- a/templates/job-init-db-schema.yaml +++ b/templates/job-init-db-schema.yaml @@ -16,62 +16,7 @@ spec: - name: init-db-schema image: {{ .Values.zabbixserver.image.repository }}:{{ .Values.zabbix_image_tag }} env: - {{- if .Values.postgresql.enabled }} - - name: DB_SERVER_HOST - value: {{ template "zabbix.fullname" . }}-postgresql - - name: DB_SERVER_PORT - value: {{ .Values.postgresql.service.port | quote }} - {{- else if .Values.db_access.use_unified_secret }} - - name: DB_SERVER_HOST - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: host - - name: DB_SERVER_PORT - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: port - optional: true - {{- else }} - - name: DB_SERVER_HOST - value: {{ .Values.db_access.db_server_host | quote }} - - name: DB_SERVER_PORT - value: {{ .Values.db_access.db_server_port | quote }} - {{- end }} - {{- if .Values.db_access.use_unified_secret }} - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: user - optional: true - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: password - - name: POSTGRES_DB - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: dbname - optional: true - {{- else }} - - name: POSTGRES_USER - value: {{ .Values.db_access.postgres_user | quote }} - - name: POSTGRES_PASSWORD - {{- if .Values.db_access.postgres_password_secret }} - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.postgres_password_secret }} - key: {{ default "password" .Values.db_access.postgres_password_secret_key }} - {{- else }} - value: {{ .Values.db_access.postgres_password | quote }} - {{- end }} - - name: POSTGRES_DB - value: {{ .Values.db_access.postgres_db | quote }} - {{- end }} + {{- include "zabbix.db_access.env_vars" (list $ . "zabbix") | nindent 10 }} command: - "/bin/sh" - "-c" diff --git a/templates/statefulset-postgresql.yaml b/templates/statefulset-postgresql.yaml index 2cbb447..ccc1418 100644 --- a/templates/statefulset-postgresql.yaml +++ b/templates/statefulset-postgresql.yaml @@ -67,37 +67,7 @@ spec: imagePullPolicy: {{ .Values.postgresql.image.pullPolicy }} args: ["-c", "max_connections={{ .Values.postgresql.max_connections }}"] env: - {{- if .Values.db_access.use_unified_secret }} - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: user - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: password - - name: POSTGRES_DB - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.unified_secret_name }} - key: dbname - {{- else }} - - name: POSTGRES_USER - value: {{ .Values.db_access.postgres_user | quote }} - - name: POSTGRES_PASSWORD - {{- if .Values.db_access.postgres_password_secret }} - valueFrom: - secretKeyRef: - name: {{ .Values.db_access.postgres_password_secret }} - key: {{ default "password" .Values.db_access.postgres_password_secret_key }} - {{- else }} - value: {{ .Values.db_access.postgres_password | quote }} - {{- end }} - - name: POSTGRES_DB - value: {{ .Values.db_access.postgres_db | quote }} - {{- end }} + {{- include "zabbix.db_access.env_vars" (list $ . "database") | nindent 12 }} - name: PGDATA value: /var/lib/postgresql/data/pgdata {{- range $item := .Values.zabbixproxy.extraEnv }}