[charts] add auth db user

neicnordic · Nov 14, 2024 · d6e7698 · d6e7698
1 parent 1f8e7f2
commit d6e7698
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 0 deletions.
diff --git a/charts/sda-svc/templates/_helpers.yaml b/charts/sda-svc/templates/_helpers.yaml
@@ -147,6 +147,14 @@ Create chart name and version as used by the chart label.
 {{- ternary .Values.global.broker.password .Values.credentials.api.mqPassword (empty .Values.credentials.api.mqPassword) -}}
 {{- end -}}
 
+{{/**/}}
+{{- define "dbUserAuth" -}}
+{{- ternary .Values.global.db.user .Values.credentials.auth.dbUser (empty .Values.credentials.auth.dbUser) -}}
+{{- end -}}
+{{- define "dbPassDownload" -}}
+{{- ternary .Values.global.db.password .Values.credentials.auth.dbPassword (empty .Values.credentials.auth.dbPassword) -}}
+{{- end -}}
+
 {{/**/}}
 {{- define "dbUserSync" -}}
 {{- ternary .Values.global.db.user .Values.credentials.sync.dbUser (empty .Values.credentials.sync.dbUser) -}}

diff --git a/charts/sda-svc/templates/auth-deploy.yaml b/charts/sda-svc/templates/auth-deploy.yaml
@@ -159,6 +159,37 @@ spec:
         - name: SERVER_KEY
           value: {{ template "tlsPath" . }}/tls.key
         {{- end }}
+    {{- if .Values.global.tls.enabled }}
+        - name: DB_CACERT
+          value: {{ include "tlsPath" . }}/ca.crt
+        {{- if ne "verify-none" .Values.global.db.sslMode }}
+        - name: DB_CLIENTCERT
+          value: {{ include "tlsPath" . }}/tls.crt
+        - name: DB_CLIENTKEY
+          value: {{ include "tlsPath" . }}/tls.key
+        {{- end }}
+        - name: DB_SSLMODE
+          value: {{ .Values.global.db.sslMode | quote }}
+    {{- else }}
+        - name: DB_SSLMODE
+          value: "disable"
+    {{- end }}
+        - name: DB_PASSWORD
+          valueFrom:
+              secretKeyRef:
+                name: {{ template "sda.fullname" . }}-api
+                key: dbPassword
+        - name: DB_USER
+          valueFrom:
+              secretKeyRef:
+                name: {{ template "sda.fullname" . }}-api
+                key: dbUser
+        - name: DB_DATABASE
+          value: {{ default "lega" .Values.global.db.name | quote }}
+        - name: DB_HOST
+          value: {{ required "A valid DB host is required" .Values.global.db.host | quote }}
+        - name: DB_PORT
+          value: {{ .Values.global.db.port | quote }}
         ports:
         - name: auth
           containerPort: 8080

diff --git a/charts/sda-svc/templates/auth-secrets.yaml b/charts/sda-svc/templates/auth-secrets.yaml
@@ -15,6 +15,8 @@ data:
   cegaID: {{ .Values.global.cega.user | quote | trimall "\"" | b64enc }}
   cegaSecret: {{ .Values.global.cega.password | quote | trimall "\"" | b64enc }}
   {{- end }}
+  dbPassword: {{ required "DB password is required" (include "dbPassAuth" .) | b64enc }}
+  dbUser: {{ required "DB user is required" (include "dbUserAuth" .) | b64enc }}
 {{- end }}
 {{- end }}
 {{- end }}