From 70db399ecd58ca6f0b0a4579986c295600c7a9e4 Mon Sep 17 00:00:00 2001 From: Scott Rigby Date: Wed, 21 Nov 2018 23:12:28 -0500 Subject: [PATCH] Add option to set MongoDB URL string in a secret Simplify the conditional logic with "mongodb.url" helper definition. Also remove HTTP_PROXY AND HTTPS_PROXY ENV vars outside the mongodb.enabled conditional wrapper - I believe that was an unintentional result of two PRs merging cleanly in close proximity: - https://github.com/helm/monocular/pull/547 - https://github.com/helm/monocular/pull/554 Signed-off-by: Scott Rigby --- chart/monocular/README.md | 1 + chart/monocular/templates/NOTES.txt | 6 +++++ chart/monocular/templates/_helpers.tpl | 27 +++++++++++++++---- .../templates/chartsvc-deployment.yaml | 14 +++++++--- chart/monocular/values.yaml | 5 ++++ 5 files changed, 44 insertions(+), 9 deletions(-) diff --git a/chart/monocular/README.md b/chart/monocular/README.md index d3ca7b2fc..b6e622c07 100644 --- a/chart/monocular/README.md +++ b/chart/monocular/README.md @@ -108,3 +108,4 @@ $ helm install monocular/monocular -f custom-domains.yaml | `ingress.annotations` | Ingress annotations | `{ingress.kubernetes.io/rewrite-target: /, kubernetes.io/ingress.class: nginx}` | | `ingress.tls` | TLS configuration for the Ingress object | `nil` | | `global.mongoUrl` | External MongoDB connection URL | `nil` | +| `global.mongoUrlSecret` | External MongoDB connection URL secret | `nil` | diff --git a/chart/monocular/templates/NOTES.txt b/chart/monocular/templates/NOTES.txt index 8686e4b73..58c6b3121 100644 --- a/chart/monocular/templates/NOTES.txt +++ b/chart/monocular/templates/NOTES.txt @@ -9,3 +9,9 @@ Point your Ingress hosts to the address from the output of the above command: {{ end -}} Visit https://github.com/helm/monocular for more information. + +{{- if .Values.global.mongoUrlSecret }} +If you have not already created the external MongoDB connection URL secret: + + kubectl create secret generic {{ .Values.global.mongoUrlSecret }} --namespace {{ .Release.Namespace }} --from-file=./mongo-url-secret +{{- end }} diff --git a/chart/monocular/templates/_helpers.tpl b/chart/monocular/templates/_helpers.tpl index 40664695a..a6b86488f 100644 --- a/chart/monocular/templates/_helpers.tpl +++ b/chart/monocular/templates/_helpers.tpl @@ -30,6 +30,18 @@ Render image reference {{ .registry }}/{{ .repository }}:{{ .tag }} {{- end -}} +{{/* +MongoDB URL argument. +*/}} +{{- define "mongodb.url" -}} +{{- if $global.Values.mongodb.enabled }} +{{ template "mongodb.fullname" $global }} +{{- else if $global.Values.global.mongoUrlSecret }} +{{ "$MONGO_URL" }} +{{- else if $global.Values.global.mongoUrl }} +{{ $global.Values.global.mongoUrl }} +{{- end -}} + {{/* Sync job pod template */}} @@ -49,28 +61,33 @@ spec: args: - sync - --user-agent-comment=monocular/{{ $global.Chart.AppVersion }} - {{- if and $global.Values.global.mongoUrl (not $global.Values.mongodb.enabled) }} - - --mongo-url={{ $global.Values.global.mongoUrl }} - {{- else }} - - --mongo-url={{ template "mongodb.fullname" $global }} + - --mongo-url={{ template "mongodb.url" $global }} + {{- if $global.Values.mongodb.enabled }} - --mongo-user=root {{- end }} - {{ $repo.name }} - {{ $repo.url }} command: - /chart-repo - {{- if $global.Values.mongodb.enabled }} env: - name: HTTP_PROXY value: {{ $global.Values.sync.httpProxy }} - name: HTTPS_PROXY value: {{ $global.Values.sync.httpsProxy }} + {{- if $global.Values.mongodb.enabled }} - name: MONGO_PASSWORD valueFrom: secretKeyRef: key: mongodb-root-password name: {{ template "mongodb.fullname" $global }} {{- end }} + {{- if $global.Values.global.mongoUrlSecret }} + - name: MONGO_URL + valueFrom: + secretKeyRef: + name: {{ $global.Values.global.mongoUrlSecret }} + key: mongo-url-secret + {{- end }} resources: {{ toYaml $global.Values.sync.resources | indent 6 }} {{- with $global.Values.sync.nodeSelector }} diff --git a/chart/monocular/templates/chartsvc-deployment.yaml b/chart/monocular/templates/chartsvc-deployment.yaml index 4419cf950..f4104eabf 100644 --- a/chart/monocular/templates/chartsvc-deployment.yaml +++ b/chart/monocular/templates/chartsvc-deployment.yaml @@ -25,11 +25,9 @@ spec: command: - /chartsvc args: - {{- if and .Values.global.mongoUrl (not .Values.mongodb.enabled) }} - - --mongo-url={{ .Values.global.mongoUrl }} - {{- else }} + - --mongo-url={{ template "mongodb.url" . }} + {{- if .Values.mongodb.enabled }} - --mongo-user=root - - --mongo-url={{ template "mongodb.fullname" . }} env: - name: MONGO_PASSWORD valueFrom: @@ -37,6 +35,14 @@ spec: name: {{ template "mongodb.fullname" . }} key: mongodb-root-password {{- end }} + {{- if .Values.global.mongoUrlSecret }} + env: + - name: MONGO_URL + valueFrom: + secretKeyRef: + name: {{ .Values.global.mongoUrlSecret }} + key: mongo-url-secret + {{- end }} ports: - name: http containerPort: {{ .Values.chartsvc.service.port }} diff --git a/chart/monocular/values.yaml b/chart/monocular/values.yaml index dee102192..1bf090ed7 100644 --- a/chart/monocular/values.yaml +++ b/chart/monocular/values.yaml @@ -148,5 +148,10 @@ mongodb: # This must be set if mongodb.enabled is set to false, following the pattern: # `mongodb://${MONGODB_USER}:${MONGODB_ROOT_PASSWORD}@${MONGODB_DNS}:${MONGODB_PORT}/${MONGODB_DATABASE}` # ref: https://docs.mongodb.com/manual/reference/connection-string/ +# You may set the connection URL in one of two ways: +# - mongoUrl: store the connection string directly in Helm values +# - mongoUrlSecret: name of the secret where the connection string is stored, +# where the key is "mongo-url-secret". See NOTES.txt. global: mongoUrl: + mongoUrlSecret: