From 439073d98bd6916fb49c6061be14389bcba9de87 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABtan=20Lehmann?= Date: Thu, 29 Sep 2022 15:12:50 +0200 Subject: [PATCH] allow to provide the users password in an existing secret --- cockroachdb/templates/job.init.yaml | 8 +++++++- cockroachdb/values.yaml | 4 ++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/cockroachdb/templates/job.init.yaml b/cockroachdb/templates/job.init.yaml index 72ddaf1b..63074750 100644 --- a/cockroachdb/templates/job.init.yaml +++ b/cockroachdb/templates/job.init.yaml @@ -145,7 +145,7 @@ spec: {{- range $user := .Values.init.provisioning.users }} CREATE USER IF NOT EXISTS {{ $user.name }} WITH - {{- if $user.password }} + {{- if or $user.password $user.passwordSecretName }} PASSWORD '${{ $user.name }}_PASSWORD' {{- else }} PASSWORD null @@ -211,6 +211,12 @@ spec: secretKeyRef: name: {{ $secretName }} key: {{ $user.name }}-password + {{- else if $user.passwordSecretName }} + - name: {{ $user.name }}_PASSWORD + valueFrom: + secretKeyRef: + name: {{ $user.passwordSecretName }} + key: {{ $user.passwordSecretKey | default (printf "%s-password" $user.name) }} {{- end }} {{- end }} {{- range $clusterSetting, $clusterSettingValue := .Values.init.provisioning.clusterSettings }} diff --git a/cockroachdb/values.yaml b/cockroachdb/values.yaml index e8e0ff7e..f5716d78 100644 --- a/cockroachdb/values.yaml +++ b/cockroachdb/values.yaml @@ -407,6 +407,10 @@ init: # password: # # https://www.cockroachlabs.com/docs/stable/create-user.html#parameters # options: [LOGIN] + # # existing secret name containing the password. Ignored in password is defined. + # passwordSecretName: + # # password secret key. Defaults to $name-password. Ignored in password is defined. + # passwordSecretKey: databases: [] # - name: # # https://www.cockroachlabs.com/docs/stable/create-database.html#parameters