From edcbe8726b9a23cd376b4cab8cbbeae0ad04e18d Mon Sep 17 00:00:00 2001 From: Marijus Date: Wed, 9 Jul 2025 20:37:51 +0200 Subject: [PATCH 01/10] Generate db secret --- helm/pharos/templates/secret-postgres.yaml | 23 ++++++++++++++++++++++ helm/pharos/values.yaml | 2 ++ 2 files changed, 25 insertions(+) create mode 100644 helm/pharos/templates/secret-postgres.yaml diff --git a/helm/pharos/templates/secret-postgres.yaml b/helm/pharos/templates/secret-postgres.yaml new file mode 100644 index 00000000..d1cca032 --- /dev/null +++ b/helm/pharos/templates/secret-postgres.yaml @@ -0,0 +1,23 @@ +{{- if and .Values.postgresql.enabled .Values.postgresql.auth.generateSecret }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.postgresql.auth.existingSecret }} + labels: + {{- include "pharos.labels" . | nindent 4 }} +type: Opaque +data: + {{- $postgresPassword := randAlphaNum 16 }} + {{- $postgresUsername := "pharos" }} + {{- $postgresPort := "5432" }} + {{- $postgresEndpoint := printf "%s-postgres.%s.svc.cluster.local" .Release.Name .Release.Namespace }} + {{- $postgresDSN := printf "postgres://%s:%s@%s:%s/%s?sslmode=disable" $postgresUsername $postgresPassword $postgresEndpoint $postgresPort $postgresUsername }} + + # Store the generated values + postgres-password: {{ $postgresPassword | b64enc }} + password: {{ $postgresPassword | b64enc }} + username: {{ $postgresUsername | b64enc }} + port: {{ $postgresPort | b64enc }} + endpoint: {{ $postgresEndpoint | b64enc }} + dsn: {{ $postgresDSN | b64enc }} +{{- end }} diff --git a/helm/pharos/values.yaml b/helm/pharos/values.yaml index 990331d8..a3102901 100644 --- a/helm/pharos/values.yaml +++ b/helm/pharos/values.yaml @@ -55,6 +55,8 @@ postgres: enabled: true # -- PostgreSQL authentication auth: + # -- Generate a secret for PostgreSQL connection + generateSecret: true # -- Use an existing secret for PostgreSQL connection existingSecret: "postgres-connection" primary: From 7760e04f6b7e9175b02f65943109e95d6a2fcef6 Mon Sep 17 00:00:00 2001 From: Marijus Date: Wed, 9 Jul 2025 20:43:46 +0200 Subject: [PATCH 02/10] Generate helm --- .github/workflows/build.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index ae942ed6..5a4e928d 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -3,7 +3,7 @@ on: push: branches: - main - - PH-52/* + - 85-* - PH-47/* - PH-54/* - PH-79/* From fbd1cc85f954ffa1670add2d672c9afe35af6a76 Mon Sep 17 00:00:00 2001 From: Marijus Date: Wed, 9 Jul 2025 20:46:20 +0200 Subject: [PATCH 03/10] Set generate false --- helm/pharos/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/pharos/values.yaml b/helm/pharos/values.yaml index a3102901..8b3704f9 100644 --- a/helm/pharos/values.yaml +++ b/helm/pharos/values.yaml @@ -56,7 +56,7 @@ postgres: # -- PostgreSQL authentication auth: # -- Generate a secret for PostgreSQL connection - generateSecret: true + generateSecret: false # -- Use an existing secret for PostgreSQL connection existingSecret: "postgres-connection" primary: From e8ef6975e77da940d2a336a1fe1c1572bb5819ee Mon Sep 17 00:00:00 2001 From: Marijus Date: Thu, 10 Jul 2025 12:31:31 +0200 Subject: [PATCH 04/10] Try bitnami password update --- helm/pharos/values.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/helm/pharos/values.yaml b/helm/pharos/values.yaml index 8b3704f9..72f515cc 100644 --- a/helm/pharos/values.yaml +++ b/helm/pharos/values.yaml @@ -54,6 +54,10 @@ postgres: # -- Enable PostgreSQL deployment enabled: true # -- PostgreSQL authentication + + passwordUpdateJob: + enabled: true + auth: # -- Generate a secret for PostgreSQL connection generateSecret: false From ae93685954ec8e91f213d9b6cf22beadd100227d Mon Sep 17 00:00:00 2001 From: Marijus Date: Thu, 10 Jul 2025 12:41:39 +0200 Subject: [PATCH 05/10] Remove wrong path --- helm/pharos/templates/secret-postgres.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/helm/pharos/templates/secret-postgres.yaml b/helm/pharos/templates/secret-postgres.yaml index d1cca032..f5d101ed 100644 --- a/helm/pharos/templates/secret-postgres.yaml +++ b/helm/pharos/templates/secret-postgres.yaml @@ -1,8 +1,8 @@ -{{- if and .Values.postgresql.enabled .Values.postgresql.auth.generateSecret }} +{{- if .Values.auth.generateSecret }} apiVersion: v1 kind: Secret metadata: - name: {{ .Values.postgresql.auth.existingSecret }} + name: {{ .Values.auth.existingSecret }} labels: {{- include "pharos.labels" . | nindent 4 }} type: Opaque From 0002f3b3a9ca6fac21d25d7d0049274d300d081e Mon Sep 17 00:00:00 2001 From: Marijus Date: Thu, 10 Jul 2025 13:03:27 +0200 Subject: [PATCH 06/10] Use lookup --- helm/pharos/templates/secret-postgres.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/helm/pharos/templates/secret-postgres.yaml b/helm/pharos/templates/secret-postgres.yaml index f5d101ed..7c5423c7 100644 --- a/helm/pharos/templates/secret-postgres.yaml +++ b/helm/pharos/templates/secret-postgres.yaml @@ -1,12 +1,13 @@ -{{- if .Values.auth.generateSecret }} +{{- if .Values.postgres.auth.generateSecret }} apiVersion: v1 kind: Secret metadata: - name: {{ .Values.auth.existingSecret }} + name: {{ .Values.postgres.auth.existingSecret }} labels: {{- include "pharos.labels" . | nindent 4 }} type: Opaque data: + {{- $secret := (lookup "v1" "Secret" .Release.Namespace .Values.postgres.auth.existingSecret) -}} {{- $postgresPassword := randAlphaNum 16 }} {{- $postgresUsername := "pharos" }} {{- $postgresPort := "5432" }} From 4dd5246dfad66c87168edf9ff8441f8b473b3de8 Mon Sep 17 00:00:00 2001 From: Marijus Date: Thu, 10 Jul 2025 13:10:34 +0200 Subject: [PATCH 07/10] Generate secret --- helm/pharos/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/pharos/values.yaml b/helm/pharos/values.yaml index 72f515cc..49e729d6 100644 --- a/helm/pharos/values.yaml +++ b/helm/pharos/values.yaml @@ -60,7 +60,7 @@ postgres: auth: # -- Generate a secret for PostgreSQL connection - generateSecret: false + generateSecret: true # -- Use an existing secret for PostgreSQL connection existingSecret: "postgres-connection" primary: From 4795bead40649c035b9a86582cb70768a0da2378 Mon Sep 17 00:00:00 2001 From: Marijus Date: Thu, 10 Jul 2025 13:17:27 +0200 Subject: [PATCH 08/10] Save lookup --- helm/pharos/templates/secret-postgres.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/helm/pharos/templates/secret-postgres.yaml b/helm/pharos/templates/secret-postgres.yaml index 7c5423c7..5477aac2 100644 --- a/helm/pharos/templates/secret-postgres.yaml +++ b/helm/pharos/templates/secret-postgres.yaml @@ -8,7 +8,11 @@ metadata: type: Opaque data: {{- $secret := (lookup "v1" "Secret" .Release.Namespace .Values.postgres.auth.existingSecret) -}} - {{- $postgresPassword := randAlphaNum 16 }} + {{- if $secret }} + {{- $postgresPassword := index $secret.data "password" }} + {{- else }} + {{- $postgresPassword := randAlphaNum 16 }} + {{- end }} {{- $postgresUsername := "pharos" }} {{- $postgresPort := "5432" }} {{- $postgresEndpoint := printf "%s-postgres.%s.svc.cluster.local" .Release.Name .Release.Namespace }} From 9538b7e1e8602ca95769792e0f98fb213b75462f Mon Sep 17 00:00:00 2001 From: Marijus Date: Thu, 10 Jul 2025 15:05:53 +0200 Subject: [PATCH 09/10] Define secret --- helm/pharos/templates/secret-postgres.yaml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/helm/pharos/templates/secret-postgres.yaml b/helm/pharos/templates/secret-postgres.yaml index 5477aac2..6f32f227 100644 --- a/helm/pharos/templates/secret-postgres.yaml +++ b/helm/pharos/templates/secret-postgres.yaml @@ -1,4 +1,4 @@ -{{- if .Values.postgres.auth.generateSecret }} +{{- if .Values.postgres.auth.generateSecret }} apiVersion: v1 kind: Secret metadata: @@ -7,11 +7,13 @@ metadata: {{- include "pharos.labels" . | nindent 4 }} type: Opaque data: - {{- $secret := (lookup "v1" "Secret" .Release.Namespace .Values.postgres.auth.existingSecret) -}} + {{- /* Define $postgresPassword outside the if/else blocks so it's available throughout the template */ -}} + {{- $postgresPassword := "" }} + {{- $secret := (lookup "v1" "Secret" .Release.Namespace .Values.postgres.auth.existingSecret) }} {{- if $secret }} - {{- $postgresPassword := index $secret.data "password" }} + {{- $postgresPassword = index $secret.data "password" }} {{- else }} - {{- $postgresPassword := randAlphaNum 16 }} + {{- $postgresPassword = randAlphaNum 16 }} {{- end }} {{- $postgresUsername := "pharos" }} {{- $postgresPort := "5432" }} From 07f62005c5b432817dd3c092b6ef81ff1dea7584 Mon Sep 17 00:00:00 2001 From: Marijus Date: Thu, 10 Jul 2025 15:22:07 +0200 Subject: [PATCH 10/10] Redeploy --- helm/pharos/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/pharos/Chart.yaml b/helm/pharos/Chart.yaml index 5106cb13..a2d7bea7 100644 --- a/helm/pharos/Chart.yaml +++ b/helm/pharos/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: pharos version: 0.0.1 description: Helm chart for pharos -appVersion: 0.0.1-testtesttesttesttesttesttesttesttesttesttesttesttest1234567890 +appVersion: 0.0.1 dependencies: - name: redis alias: redis