diff --git a/helm/secrets.yaml b/helm/secrets.yaml new file mode 100644 index 0000000..4112218 --- /dev/null +++ b/helm/secrets.yaml @@ -0,0 +1,4 @@ +secrets: + username: "username" + password: "password1234" + database-url: "postgresql://username:password1234@exam-db/api_prod" diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index 501fe2a..e7032a9 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -91,4 +91,11 @@ Search already generated TLS secret {{- if $value -}} {{- printf "%s" $value -}} {{- end -}} +{{- end -}} + +{{/* +Get host +*/}} +{{- define "exam.host" -}} +{{- default "kube-exam.local" .Values.tls.host -}} {{- end -}} \ No newline at end of file diff --git a/helm/templates/secrets.yaml b/helm/templates/secrets.yaml index 228e2ba..bcc5f8a 100644 --- a/helm/templates/secrets.yaml +++ b/helm/templates/secrets.yaml @@ -5,16 +5,16 @@ metadata: labels: {{- include "exam.labels" . | nindent 4 }} data: - password: {{ required "secrets.password is required" .Values.secrets.password - | b64enc | quote }} - username: {{ required "secrets.username is required" .Values.secrets.username - | b64enc | quote }} + {{- range $key, $val := .Values.secrets }} + {{- $envKey := $key }} + {{ $envKey }}: {{ required "$envKey" $val | b64enc | quote }} + {{- end }} type: Opaque --- {{- if (include "exam.createTlsSecret" . ) }} {{- $secretName := printf "%s-crt" (include "exam.fullname" .) }} {{- $ca := genCA "ingress-ca" 365 }} -{{- $fullname := "kube-exam.local" }} +{{- $fullname := (include "exam.host" . ) }} {{- $cert := genSignedCert $fullname nil nil 365 $ca }} apiVersion: v1 kind: Secret diff --git a/helm/templates/tests/test-connection.yaml b/helm/templates/tests/test-connection.yaml index c7af556..47cc045 100644 --- a/helm/templates/tests/test-connection.yaml +++ b/helm/templates/tests/test-connection.yaml @@ -8,8 +8,12 @@ metadata: "helm.sh/hook": test spec: containers: - - name: wget + - name: wget-client image: busybox command: ['wget'] - args: ['{{ include "exam.fullname" . }}:5000'] + args: ['http://{{ include "exam.host" . }}'] + - name: wget-api + image: busybox + command: ['wget'] + args: ['http://{{ include "exam.host" $ }}/api/ping'] restartPolicy: Never diff --git a/helm/values.yaml b/helm/values.yaml index 3154066..7f7cd80 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -1,5 +1,6 @@ tls: enabled: true + host: kube.slc.ar ingress: className: "" @@ -8,7 +9,7 @@ ingress: nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/use-regex: "true" hosts: - - host: kube-exam.local + - host: kube.slc.ar paths: - path: /()(.*) pathType: ImplementationSpecific @@ -21,7 +22,7 @@ ingress: tls: - secretName: exam-crt hosts: - - kube-exam.local + - kube.slc.ar services: - api: @@ -44,8 +45,9 @@ services: type: ClusterIP secrets: - password: "username" - username: "password1234" + username: "username" + password: "password1234" + database-url: "postgresql://username:password1234@exam-db/api_prod" pvc: class: local-storage @@ -58,17 +60,14 @@ deployments: env: nonsecrets: app-settings: src.config.ProductionConfig - database-url: postgresql://$(POSTGRES_USER):$(POSTGRES_PASS)@api-db/$(POSTGRES_DB) port: "5000" - postgres-db: api-db secrets: - postgres-password: password - postgres-user: username + database-url: database-url image: repository: api tag: prod port: 5000 - replicas: 3 + replicas: 1 - client: tier: "frontend" name: "client" @@ -83,7 +82,6 @@ deployments: env: nonsecrets: pgdata: /var/lib/postgresql/data/pgdata - postgresDb: db secrets: postgres-password: password postgres-user: username diff --git a/run.sh b/run.sh new file mode 100644 index 0000000..e241c84 --- /dev/null +++ b/run.sh @@ -0,0 +1,6 @@ +#!/usr/bin/env bash + +minikube start +./build.sh -b +minikube addons enable ingress +helm install exam ./helm