From 4490d8b679c18b7ed9b8585304abaa7902b702cc Mon Sep 17 00:00:00 2001 From: "pramodbelal8@gmail.com" Date: Fri, 23 Sep 2022 20:40:50 +0530 Subject: [PATCH 1/7] [MOSIP-15265] Added changes for postgres and config-server --- charts/config-server/Chart.lock | 6 +- charts/config-server/templates/_overides.tpl | 100 ++++++++++++- charts/config-server/values.yaml | 2 +- charts/postgres-init/Chart.lock | 6 +- charts/postgres-init/templates/audit-job.yaml | 4 +- .../templates/authdevice-job.yaml | 4 +- .../templates/common-secrets.yaml | 138 +++++++++++++++++- .../templates/credential-job.yaml | 4 +- .../templates/digitalcard-job.yaml | 4 +- .../postgres-init/templates/hotlist-job.yaml | 4 +- charts/postgres-init/templates/ida-job.yaml | 4 +- charts/postgres-init/templates/idmap-job.yaml | 4 +- .../postgres-init/templates/idrepo-job.yaml | 4 +- .../postgres-init/templates/kernel-job.yaml | 4 +- .../postgres-init/templates/keymgr-job.yaml | 4 +- .../postgres-init/templates/master-job.yaml | 4 +- charts/postgres-init/templates/pms-job.yaml | 4 +- .../postgres-init/templates/prereg-job.yaml | 4 +- .../templates/regdevice-job.yaml | 4 +- .../postgres-init/templates/regprc-job.yaml | 4 +- .../postgres-init/templates/resident-job.yaml | 4 +- .../postgres-init/templates/toolkit-job.yaml | 4 +- charts/postgres-init/values.yaml | 34 +++++ 23 files changed, 307 insertions(+), 47 deletions(-) diff --git a/charts/config-server/Chart.lock b/charts/config-server/Chart.lock index 38e5b8b13..06f25d7de 100644 --- a/charts/config-server/Chart.lock +++ b/charts/config-server/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: https://charts.bitnami.com/bitnami - version: 1.13.0 -digest: sha256:e83af41b39942278f8389623671732e624f28c6f1ad6ac2d937e210c5f354a18 -generated: "2022-03-26T11:47:19.149601+05:30" + version: 1.17.1 +digest: sha256:dacc73770a5640c011e067ff8840ddf89631fc19016c8d0a9e5ea160e7da8690 +generated: "2022-09-22T17:43:44.902956972+05:30" diff --git a/charts/config-server/templates/_overides.tpl b/charts/config-server/templates/_overides.tpl index 86d973b33..fc142f737 100644 --- a/charts/config-server/templates/_overides.tpl +++ b/charts/config-server/templates/_overides.tpl @@ -45,11 +45,107 @@ All env variables that are accessed from mosip config properties name: {{ .Values.overrides.configmaps.global }} key: mosip-compliance-host -- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_DBUSER_PASSWORD +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_MASTER_PASSWORD valueFrom: secretKeyRef: name: {{ .Values.overrides.secrets.db }} - key: db-dbuser-password + key: db-mosip-master-password + +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_AUDIT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.overrides.secrets.db }} + key: db-mosip-audit-password + +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_KEYMGR_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.overrides.secrets.db }} + key: db-mosip-keymgr-password + +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_KERNEL_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.overrides.secrets.db }} + key: db-mosip-kernel-password + +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_IDMAP_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.overrides.secrets.db }} + key: db-mosip-idmap-password + +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_PREREG_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.overrides.secrets.db }} + key: db-mosip-prereg-password + +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_IDREPO_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.overrides.secrets.db }} + key: db-mosip-idrepo-password + +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_IDA_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.overrides.secrets.db }} + key: db-mosip-ida-password + +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_CREDENTIAL_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.overrides.secrets.db }} + key: db-mosip-credential-password + +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP-REGPRC_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.overrides.secrets.db }} + key: db-mosip-regprc-password + +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_REGDEVICE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.overrides.secrets.db }} + key: db-mosip-regdevice-password + +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_AUTHDEVICE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.overrides.secrets.db }} + key: db-mosip-authdevice-password + +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_PMS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.overrides.secrets.db }} + key: db-mosip-pms-password + +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_HOTLIST_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.overrides.secrets.db }} + key: db-mosip-hotlist-password + +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_RESIDENT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.overrides.secrets.db }} + key: db-mosip-resident-password + +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_TOOLKIT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.overrides.secrets.db }} + key: db-mosip-toolkit-password + +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_DIGITALCARD_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.overrides.secrets.db }} + key: db-mosip-digitalcard-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_INTERNAL_URL valueFrom: diff --git a/charts/config-server/values.yaml b/charts/config-server/values.yaml index cfde4326c..d9ddd58f1 100644 --- a/charts/config-server/values.yaml +++ b/charts/config-server/values.yaml @@ -147,7 +147,7 @@ installedModules: ## Refer to instructions to install config-server helm chart in mosip-infra repo. overrides: secrets: - db: db-common-secrets + db: db-secrets keycloak: keycloak keycloakClients: keycloak-client-secrets softhsmKernel: softhsm-kernel diff --git a/charts/postgres-init/Chart.lock b/charts/postgres-init/Chart.lock index 5ee839369..f2509d59c 100644 --- a/charts/postgres-init/Chart.lock +++ b/charts/postgres-init/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: https://charts.bitnami.com/bitnami - version: 1.13.0 -digest: sha256:e83af41b39942278f8389623671732e624f28c6f1ad6ac2d937e210c5f354a18 -generated: "2022-03-26T11:50:47.463553+05:30" + version: 1.17.1 +digest: sha256:dacc73770a5640c011e067ff8840ddf89631fc19016c8d0a9e5ea160e7da8690 +generated: "2022-09-22T12:57:36.060140563+05:30" diff --git a/charts/postgres-init/templates/audit-job.yaml b/charts/postgres-init/templates/audit-job.yaml index 430150f7c..48bd73921 100644 --- a/charts/postgres-init/templates/audit-job.yaml +++ b/charts/postgres-init/templates/audit-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-audit-password envFrom: - configMapRef: diff --git a/charts/postgres-init/templates/authdevice-job.yaml b/charts/postgres-init/templates/authdevice-job.yaml index f90ee90bf..2f3fe6cf3 100644 --- a/charts/postgres-init/templates/authdevice-job.yaml +++ b/charts/postgres-init/templates/authdevice-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-authdevice-password envFrom: - configMapRef: diff --git a/charts/postgres-init/templates/common-secrets.yaml b/charts/postgres-init/templates/common-secrets.yaml index 774cf423a..c84dbfb54 100644 --- a/charts/postgres-init/templates/common-secrets.yaml +++ b/charts/postgres-init/templates/common-secrets.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Secret metadata: - name: db-common-secrets + name: db-secrets namespace: {{ .Release.Namespace }} labels: {{- include "common.labels.standard" . | nindent 4 }} app.kubernetes.io/component: postgres @@ -13,9 +13,139 @@ metadata: {{- end }} type: Opaque data: - {{- if .Values.dbUserPasswords.dbuserPassword }} - db-dbuser-password: {{ .Values.dbUserPasswords.dbuserPassword | b64enc | quote}} + {{- if .Values.databases.mosip_master.enabled }} + {{- if .Values.databases.mosip_master.dbuser.password }} + db-mosip-master-password: {{ .Values.databases.mosip_master.dbuser.password | b64enc | quote}} {{- else }} - db-dbuser-password: {{ randAlphaNum 10 | b64enc | quote }} + db-mosip-master-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} + + + {{- if .Values.databases.mosip_audit.enabled }} + {{- if .Values.databases.mosip_audit.dbuser.password }} + db-mosip-audit-password: {{ .Values.databases.mosip_audit.dbuser.password | b64enc | quote}} + {{- else }} + db-mosip-audit-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} + + {{- if .Values.databases.mosip_keymgr.enabled }} + {{- if .Values.databases.mosip_keymgr.dbuser.password }} + db-mosip-keymgr-password: {{ .Values.databases.mosip_keymgr.dbuser.password | b64enc | quote}} + {{- else }} + db-mosip-keymgr-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} + + {{- if .Values.databases.mosip_kernel.enabled }} + {{- if .Values.databases.mosip_kernel.dbuser.password }} + db-mosip-kernel-password: {{ .Values.databases.mosip_kernel.dbuser.password | b64enc | quote}} + {{- else }} + db-mosip-kernel-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} + + {{- if .Values.databases.mosip_idmap.enabled }} + {{- if .Values.databases.mosip_idmap.dbuser.password }} + db-mosip-idmap-password: {{ .Values.databases.mosip_idmap.dbuser.password | b64enc | quote}} + {{- else }} + db-mosip-idmap-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} + + {{- if .Values.databases.mosip_prereg.enabled }} + {{- if .Values.databases.mosip_prereg.dbuser.password }} + db-mosip-prereg-password: {{ .Values.databases.mosip_prereg.dbuser.password | b64enc | quote}} + {{- else }} + db-mosip-prereg-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} + + {{- if .Values.databases.mosip_idrepo.enabled }} + {{- if .Values.databases.mosip_idrepo.dbuser.password }} + db-mosip-idrepo-password: {{ .Values.databases.mosip_idrepo.dbuser.password | b64enc | quote}} + {{- else }} + db-mosip-idrepo-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} + + {{- if .Values.databases.mosip_ida.enabled }} + {{- if .Values.databases.mosip_ida.dbuser.password }} + db-mosip-ida-password: {{ .Values.databases.mosip_ida.dbuser.password | b64enc | quote}} + {{- else }} + db-mosip-ida-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} + + {{- if .Values.databases.mosip_credential.enabled }} + {{- if .Values.databases.mosip_credential.dbuser.password }} + db-mosip-credential-password: {{ .Values.databases.mosip_credential.dbuser.password | b64enc | quote}} + {{- else }} + db-mosip-credential-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} + + {{- if .Values.databases.mosip_regprc.enabled }} + {{- if .Values.databases.mosip_regprc.dbuser.password }} + db-mosip-regprc-password: {{ .Values.databases.mosip_regprc.dbuser.password | b64enc | quote}} + {{- else }} + db-mosip-regprc-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} + + {{- if .Values.databases.mosip_regdevice.enabled }} + {{- if .Values.databases.mosip_regdevice.dbuser.password }} + db-mosip-regdevice-password: {{ .Values.databases.mosip_regdevice.dbuser.password | b64enc | quote}} + {{- else }} + db-mosip-regdevice-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} + + {{- if .Values.databases.mosip_authdevice.enabled }} + {{- if .Values.databases.mosip_authdevice.dbuser.password }} + db-mosip-authdevice-password: {{ .Values.databases.mosip_authdevice.dbuser.password | b64enc | quote}} + {{- else }} + db-mosip-authdevice-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} + + {{- if .Values.databases.mosip_pms.enabled }} + {{- if .Values.databases.mosip_pms.dbuser.password }} + db-mosip-pms-password: {{ .Values.databases.mosip_pms.dbuser.password | b64enc | quote}} + {{- else }} + db-mosip-pms-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} + + {{- if .Values.databases.mosip_hotlist.enabled }} + {{- if .Values.databases.mosip_hotlist.dbuser.password }} + db-mosip-hotlist-password: {{ .Values.databases.mosip_hotlist.dbuser.password | b64enc | quote}} + {{- else }} + db-mosip-hotlist-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} + + {{- if .Values.databases.mosip_resident.enabled }} + {{- if .Values.databases.mosip_resident.dbuser.password }} + db-mosip-resident-password: {{ .Values.databases.mosip_resident.dbuser.password | b64enc | quote}} + {{- else }} + db-mosip-resident-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} + + {{- if .Values.databases.mosip_toolkit.enabled }} + {{- if .Values.databases.mosip_toolkit.dbuser.password }} + db-mosip-toolkit-password: {{ .Values.databases.mosip_toolkit.dbuser.password | b64enc | quote}} + {{- else }} + db-mosip-toolkit-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} {{- end }} + {{- if .Values.databases.mosip_digitalcard.enabled }} + {{- if .Values.databases.mosip_digitalcard.dbuser.password }} + db-mosip-digitalcard-password: {{ .Values.databases.mosip_digitalcard.dbuser.password | b64enc | quote}} + {{- else }} + db-mosip-digitalcard-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} \ No newline at end of file diff --git a/charts/postgres-init/templates/credential-job.yaml b/charts/postgres-init/templates/credential-job.yaml index 3014ffd8a..448655786 100644 --- a/charts/postgres-init/templates/credential-job.yaml +++ b/charts/postgres-init/templates/credential-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-credential-password envFrom: - configMapRef: diff --git a/charts/postgres-init/templates/digitalcard-job.yaml b/charts/postgres-init/templates/digitalcard-job.yaml index 1a090d72a..48ff7a65a 100644 --- a/charts/postgres-init/templates/digitalcard-job.yaml +++ b/charts/postgres-init/templates/digitalcard-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-digitalcard-password envFrom: - configMapRef: diff --git a/charts/postgres-init/templates/hotlist-job.yaml b/charts/postgres-init/templates/hotlist-job.yaml index 4761968e5..bb3f53476 100644 --- a/charts/postgres-init/templates/hotlist-job.yaml +++ b/charts/postgres-init/templates/hotlist-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-hotlist-password envFrom: - configMapRef: diff --git a/charts/postgres-init/templates/ida-job.yaml b/charts/postgres-init/templates/ida-job.yaml index 62424d8f1..ac758d981 100644 --- a/charts/postgres-init/templates/ida-job.yaml +++ b/charts/postgres-init/templates/ida-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-ida-password envFrom: - configMapRef: diff --git a/charts/postgres-init/templates/idmap-job.yaml b/charts/postgres-init/templates/idmap-job.yaml index 97c9f4aa3..cf06292eb 100644 --- a/charts/postgres-init/templates/idmap-job.yaml +++ b/charts/postgres-init/templates/idmap-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-idmap-password envFrom: - configMapRef: diff --git a/charts/postgres-init/templates/idrepo-job.yaml b/charts/postgres-init/templates/idrepo-job.yaml index 64d109fc4..956159972 100644 --- a/charts/postgres-init/templates/idrepo-job.yaml +++ b/charts/postgres-init/templates/idrepo-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-idrepo-password envFrom: - configMapRef: diff --git a/charts/postgres-init/templates/kernel-job.yaml b/charts/postgres-init/templates/kernel-job.yaml index 3bbfb52dc..968dd3bb4 100644 --- a/charts/postgres-init/templates/kernel-job.yaml +++ b/charts/postgres-init/templates/kernel-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-kernel-password envFrom: - configMapRef: diff --git a/charts/postgres-init/templates/keymgr-job.yaml b/charts/postgres-init/templates/keymgr-job.yaml index b554dbf61..88f28c546 100644 --- a/charts/postgres-init/templates/keymgr-job.yaml +++ b/charts/postgres-init/templates/keymgr-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-keymgr-password envFrom: - configMapRef: diff --git a/charts/postgres-init/templates/master-job.yaml b/charts/postgres-init/templates/master-job.yaml index eb811b78a..432e6315b 100644 --- a/charts/postgres-init/templates/master-job.yaml +++ b/charts/postgres-init/templates/master-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-master-password envFrom: - configMapRef: diff --git a/charts/postgres-init/templates/pms-job.yaml b/charts/postgres-init/templates/pms-job.yaml index a87f6cb67..d34415767 100644 --- a/charts/postgres-init/templates/pms-job.yaml +++ b/charts/postgres-init/templates/pms-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-pms-password envFrom: - configMapRef: diff --git a/charts/postgres-init/templates/prereg-job.yaml b/charts/postgres-init/templates/prereg-job.yaml index 5900fbf40..3a47e7013 100644 --- a/charts/postgres-init/templates/prereg-job.yaml +++ b/charts/postgres-init/templates/prereg-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-prereg-password envFrom: - configMapRef: diff --git a/charts/postgres-init/templates/regdevice-job.yaml b/charts/postgres-init/templates/regdevice-job.yaml index 407753d7e..97d75b838 100644 --- a/charts/postgres-init/templates/regdevice-job.yaml +++ b/charts/postgres-init/templates/regdevice-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-regdevice-password envFrom: - configMapRef: diff --git a/charts/postgres-init/templates/regprc-job.yaml b/charts/postgres-init/templates/regprc-job.yaml index c9784690f..63de643d6 100644 --- a/charts/postgres-init/templates/regprc-job.yaml +++ b/charts/postgres-init/templates/regprc-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-regprc-password envFrom: - configMapRef: diff --git a/charts/postgres-init/templates/resident-job.yaml b/charts/postgres-init/templates/resident-job.yaml index 93f37813a..7cecc3f20 100644 --- a/charts/postgres-init/templates/resident-job.yaml +++ b/charts/postgres-init/templates/resident-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-resident-password envFrom: - configMapRef: diff --git a/charts/postgres-init/templates/toolkit-job.yaml b/charts/postgres-init/templates/toolkit-job.yaml index 125b7a42b..471be7cd4 100644 --- a/charts/postgres-init/templates/toolkit-job.yaml +++ b/charts/postgres-init/templates/toolkit-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-toolkit-password envFrom: - configMapRef: diff --git a/charts/postgres-init/values.yaml b/charts/postgres-init/values.yaml index 873e0feb8..2d58741dc 100644 --- a/charts/postgres-init/values.yaml +++ b/charts/postgres-init/values.yaml @@ -94,6 +94,8 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 0 mosip_audit: @@ -105,6 +107,8 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 0 mosip_keymgr: @@ -116,6 +120,8 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 1 mosip_kernel: @@ -127,6 +133,8 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 0 mosip_idmap: @@ -138,6 +146,8 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 0 mosip_prereg: @@ -149,6 +159,8 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 0 mosip_idrepo: @@ -160,6 +172,8 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 0 mosip_ida: @@ -171,6 +185,8 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 1 mosip_credential: @@ -182,6 +198,8 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 0 mosip_regprc: @@ -193,6 +211,8 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 1 mosip_regdevice: @@ -204,6 +224,8 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 1 mosip_authdevice: @@ -215,6 +237,8 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 1 mosip_pms: @@ -229,6 +253,8 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 1 mosip_hotlist: @@ -240,6 +266,8 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 0 mosip_resident: @@ -251,6 +279,8 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 0 mosip_toolkit: @@ -262,6 +292,8 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 0 mosip_digitalcard: @@ -273,4 +305,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 0 From ca414648968e38fda0a28a3b9c3cc2a3e7420e38 Mon Sep 17 00:00:00 2001 From: "pramodbelal8@gmail.com" Date: Fri, 30 Sep 2022 17:24:34 +0530 Subject: [PATCH 2/7] [MOSIP-15265] updated _overides.tpl for config-server file and values.yaml for masterdata loader. --- charts/config-server/templates/_overides.tpl | 4 ++-- charts/masterdata-loader/values.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/config-server/templates/_overides.tpl b/charts/config-server/templates/_overides.tpl index fc142f737..f5ec7c005 100644 --- a/charts/config-server/templates/_overides.tpl +++ b/charts/config-server/templates/_overides.tpl @@ -69,7 +69,7 @@ All env variables that are accessed from mosip config properties name: {{ .Values.overrides.secrets.db }} key: db-mosip-kernel-password -- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_IDMAP_PASSWORD +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_IDMAP_PASSWORD valueFrom: secretKeyRef: name: {{ .Values.overrides.secrets.db }} @@ -99,7 +99,7 @@ All env variables that are accessed from mosip config properties name: {{ .Values.overrides.secrets.db }} key: db-mosip-credential-password -- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP-REGPRC_PASSWORD +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_REGPRC_PASSWORD valueFrom: secretKeyRef: name: {{ .Values.overrides.secrets.db }} diff --git a/charts/masterdata-loader/values.yaml b/charts/masterdata-loader/values.yaml index c8207d084..910579b7f 100644 --- a/charts/masterdata-loader/values.yaml +++ b/charts/masterdata-loader/values.yaml @@ -76,7 +76,7 @@ db: port: 5432 user: masteruser secret: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-master-password mosipDataGithubBranch: develop From 37c9965f1605593939ed1c485fa0edaef3ed0412 Mon Sep 17 00:00:00 2001 From: "pramodbelal8@gmail.com" Date: Fri, 30 Sep 2022 19:12:00 +0530 Subject: [PATCH 3/7] [MOSIP-15265] updated idp service details to postgres-init and config-server helm-charts. --- charts/config-server/templates/_overides.tpl | 6 ++++++ charts/postgres-init/templates/common-secrets.yaml | 11 ++++++++++- charts/postgres-init/templates/idp-job.yaml | 4 ++-- charts/postgres-init/values.yaml | 2 ++ 4 files changed, 20 insertions(+), 3 deletions(-) diff --git a/charts/config-server/templates/_overides.tpl b/charts/config-server/templates/_overides.tpl index f95f230df..346cfd876 100644 --- a/charts/config-server/templates/_overides.tpl +++ b/charts/config-server/templates/_overides.tpl @@ -147,6 +147,12 @@ All env variables that are accessed from mosip config properties name: {{ .Values.overrides.secrets.db }} key: db-mosip-digitalcard-password +- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_IDP_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.overrides.secrets.db }} + key: db-mosip-idp-password + - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_INTERNAL_URL valueFrom: configMapKeyRef: diff --git a/charts/postgres-init/templates/common-secrets.yaml b/charts/postgres-init/templates/common-secrets.yaml index c84dbfb54..afd8f5b90 100644 --- a/charts/postgres-init/templates/common-secrets.yaml +++ b/charts/postgres-init/templates/common-secrets.yaml @@ -148,4 +148,13 @@ data: {{- else }} db-mosip-digitalcard-password: {{ randAlphaNum 10 | b64enc | quote }} {{- end }} - {{- end }} \ No newline at end of file + {{- end }} + + {{- if .Values.databases.mosip_idp.enabled }} + {{- if .Values.databases.mosip_idp.dbuser.password }} + db-mosip-idp-password: {{ .Values.databases.mosip_idp.dbuser.password | b64enc | quote}} + {{- else }} + db-mosip-idp-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} + diff --git a/charts/postgres-init/templates/idp-job.yaml b/charts/postgres-init/templates/idp-job.yaml index 80061e1a8..61dc3813e 100644 --- a/charts/postgres-init/templates/idp-job.yaml +++ b/charts/postgres-init/templates/idp-job.yaml @@ -37,8 +37,8 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-common-secrets - key: db-dbuser-password + name: db-secrets + key: db-mosip-idp-password envFrom: - configMapRef: diff --git a/charts/postgres-init/values.yaml b/charts/postgres-init/values.yaml index 0ae712a90..784d08830 100644 --- a/charts/postgres-init/values.yaml +++ b/charts/postgres-init/values.yaml @@ -318,4 +318,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password + dbuser: + password: "" dml: 1 From c3ed3cd73e6369e3e2b9912b71a22cc9dcdedd7b Mon Sep 17 00:00:00 2001 From: "pramodbelal8@gmail.com" Date: Tue, 11 Oct 2022 20:19:27 +0530 Subject: [PATCH 4/7] [MOSIP-15265] Updated postgres-init and config-server helm-charts and created new db-password-gen/helm-chart to create db-secrets in seperate NS. --- charts/config-server/templates/_overides.tpl | 36 ++-- charts/config-server/values.yaml | 19 ++- charts/db-password-gen/.gitignore | 1 + charts/db-password-gen/.helmignore | 23 +++ charts/db-password-gen/Chart.yaml | 20 +++ charts/db-password-gen/README.md | 14 ++ .../db-password-gen/templates/db-secrets.yaml | 29 ++++ charts/db-password-gen/values.yaml | 91 ++++++++++ charts/masterdata-loader/Chart.lock | 6 +- charts/masterdata-loader/templates/job.yaml | 4 +- charts/masterdata-loader/values.yaml | 2 +- charts/postgres-init/templates/audit-job.yaml | 2 +- .../templates/authdevice-job.yaml | 2 +- .../templates/common-secrets.yaml | 160 ------------------ .../templates/credential-job.yaml | 2 +- .../templates/digitalcard-job.yaml | 2 +- .../postgres-init/templates/hotlist-job.yaml | 2 +- charts/postgres-init/templates/ida-job.yaml | 2 +- charts/postgres-init/templates/idmap-job.yaml | 2 +- charts/postgres-init/templates/idp-job.yaml | 2 +- .../postgres-init/templates/idrepo-job.yaml | 2 +- .../postgres-init/templates/kernel-job.yaml | 2 +- .../postgres-init/templates/keymgr-job.yaml | 2 +- .../postgres-init/templates/master-job.yaml | 2 +- charts/postgres-init/templates/pms-job.yaml | 2 +- .../postgres-init/templates/prereg-job.yaml | 2 +- .../templates/regdevice-job.yaml | 2 +- .../postgres-init/templates/regprc-job.yaml | 2 +- .../postgres-init/templates/resident-job.yaml | 2 +- .../postgres-init/templates/toolkit-job.yaml | 2 +- charts/postgres-init/values.yaml | 34 ---- 31 files changed, 238 insertions(+), 237 deletions(-) create mode 100644 charts/db-password-gen/.gitignore create mode 100644 charts/db-password-gen/.helmignore create mode 100644 charts/db-password-gen/Chart.yaml create mode 100644 charts/db-password-gen/README.md create mode 100644 charts/db-password-gen/templates/db-secrets.yaml create mode 100644 charts/db-password-gen/values.yaml delete mode 100644 charts/postgres-init/templates/common-secrets.yaml diff --git a/charts/config-server/templates/_overides.tpl b/charts/config-server/templates/_overides.tpl index 346cfd876..7ef51c47f 100644 --- a/charts/config-server/templates/_overides.tpl +++ b/charts/config-server/templates/_overides.tpl @@ -48,109 +48,109 @@ All env variables that are accessed from mosip config properties - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_MASTER_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-master-secret key: db-mosip-master-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_AUDIT_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-audit-secret key: db-mosip-audit-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_KEYMGR_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-keymgr-secret key: db-mosip-keymgr-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_KERNEL_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-kernel-secret key: db-mosip-kernel-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_IDMAP_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-idmap-secret key: db-mosip-idmap-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_PREREG_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-prereg-secret key: db-mosip-prereg-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_IDREPO_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-idrepo-secret key: db-mosip-idrepo-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_IDA_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-ida-secret key: db-mosip-ida-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_CREDENTIAL_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-credential-secret key: db-mosip-credential-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_REGPRC_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-regprc-secret key: db-mosip-regprc-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_REGDEVICE_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-regdevice-secret key: db-mosip-regdevice-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_AUTHDEVICE_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-authdevice-secret key: db-mosip-authdevice-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_PMS_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-pms-secret key: db-mosip-pms-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_HOTLIST_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-hotlist-secret key: db-mosip-hotlist-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_RESIDENT_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-resident-secret key: db-mosip-resident-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_TOOLKIT_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-toolkit-secret key: db-mosip-toolkit-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_DIGITALCARD_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-digitalcard-secret key: db-mosip-digitalcard-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_MOSIP_IDP_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.overrides.secrets.db }} + name: db-mosip-idp-secret key: db-mosip-idp-password - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_INTERNAL_URL diff --git a/charts/config-server/values.yaml b/charts/config-server/values.yaml index d9ddd58f1..d0c6e291c 100644 --- a/charts/config-server/values.yaml +++ b/charts/config-server/values.yaml @@ -147,7 +147,24 @@ installedModules: ## Refer to instructions to install config-server helm chart in mosip-infra repo. overrides: secrets: - db: db-secrets + dbMosipAuditSecret: db-mosip-audit-secret + dbMosipAuthdeviceSecret: db-mosip-authdevice-secret + dbMosipCredentialSecret: db-mosip-credential-secret + dbMosipDigitalcardSecret: db-mosip-digitalcard-secret + dbMosipHotlistSecret: db-mosip-hotlist-secret + dbMosipIdaSecret: db-mosip-ida-secret + dbMosipIdmapSecret: db-mosip-idmap-secret + dbMosipIdpSecret: db-mosip-idp-secret + dbMosipIdrepoSecret: db-mosip-idrepo-secret + dbMosipKernelSecret: db-mosip-kernel-secret + dbMosipKeymgrSecret: db-mosip-keymgr-secret + dbMosipMasterSecret: db-mosip-master-secret + dbMosipPmsSecret: db-mosip-pms-secret + dbMosipPreregSecret: db-mosip-prereg-secret + dbMosipRegdeviceSecret: db-mosip-regdevice-secret + dbMosipRegprcSecret: db-mosip-regprc-secret + dbMosipResidentSecret: db-mosip-resident-secret + dbMosipToolkitSecret: db-mosip-toolkit-secret keycloak: keycloak keycloakClients: keycloak-client-secrets softhsmKernel: softhsm-kernel diff --git a/charts/db-password-gen/.gitignore b/charts/db-password-gen/.gitignore new file mode 100644 index 000000000..ee3892e87 --- /dev/null +++ b/charts/db-password-gen/.gitignore @@ -0,0 +1 @@ +charts/ diff --git a/charts/db-password-gen/.helmignore b/charts/db-password-gen/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/charts/db-password-gen/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/db-password-gen/Chart.yaml b/charts/db-password-gen/Chart.yaml new file mode 100644 index 000000000..8ae054a45 --- /dev/null +++ b/charts/db-password-gen/Chart.yaml @@ -0,0 +1,20 @@ +apiVersion: v2 +name: db-password-gen +description: A Helm chart for Kubernetes to generate passwords for postgres DBs. +type: application +version: 12.0.2 +dependencies: + - name: common + repository: https://charts.bitnami.com/bitnami + tags: + - bitnami-common + version: 1.x.x + +home: https://mosip.io +keywords: + - postgres + - db-password-gen + - database +maintainers: + - email: info@mosip.io + name: MOSIP diff --git a/charts/db-password-gen/README.md b/charts/db-password-gen/README.md new file mode 100644 index 000000000..bbf1a86e5 --- /dev/null +++ b/charts/db-password-gen/README.md @@ -0,0 +1,14 @@ +# Postgres Init + +* Make sure Postgre server(s) are running +* Update all database parameters in `values.yaml` +* Add mosip helm repo +``` +* Update helm dependencies using: +``` +$ helm dependency update +``` +* Run the helm chart +``` +$ helm -n postgres install postgres-init postgres-init +``` diff --git a/charts/db-password-gen/templates/db-secrets.yaml b/charts/db-password-gen/templates/db-secrets.yaml new file mode 100644 index 000000000..ec95ea72a --- /dev/null +++ b/charts/db-password-gen/templates/db-secrets.yaml @@ -0,0 +1,29 @@ +{{- if .Values.databases }} +{{- range $key, $value := .Values.databases }} +{{- $key := $key | replace "_" "-" }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: db-{{ $key }}-secret + namespace: {{ $.Release.Namespace }} + labels: {{- include "common.labels.standard" $ | nindent 4 }} + app.kubernetes.io/component: db-password-gen + {{- if $.Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" $.Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if $.Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + {{- if $value.enabled }} + {{- if and $value.dbuser $value.dbuser.password }} + db-{{$key}}-password: {{ $value.dbuser.password | b64enc | quote}} + {{- else }} + db-{{$key}}-password: {{ randAlphaNum 10 | b64enc | quote }} + {{- end }} + {{- end }} + +{{- end }} +{{- end }} diff --git a/charts/db-password-gen/values.yaml b/charts/db-password-gen/values.yaml new file mode 100644 index 000000000..37a70b270 --- /dev/null +++ b/charts/db-password-gen/values.yaml @@ -0,0 +1,91 @@ +databases: + mosip_master: + enabled: true + dbuser: + password: "" + + mosip_audit: + enabled: true + dbuser: + password: "" + + + mosip_keymgr: + enabled: true + dbuser: + password: "" + + mosip_kernel: + enabled: true + dbuser: + password: "" + + mosip_idmap: + enabled: true + dbuser: + password: "" + + mosip_prereg: + enabled: true + dbuser: + password: "" + + mosip_idrepo: + enabled: true + dbuser: + password: "" + + mosip_ida: + enabled: true + dbuser: + password: "" + + mosip_credential: + enabled: true + dbuser: + password: "" + + mosip_regprc: + enabled: true + dbuser: + password: "" + + mosip_regdevice: + enabled: true + dbuser: + password: "" + + mosip_authdevice: + enabled: true + dbuser: + password: "" + + mosip_pms: + enabled: true + dbuser: + password: "" + + mosip_hotlist: + enabled: true + dbuser: + password: "" + + mosip_resident: + enabled: true + dbuser: + password: "" + + mosip_toolkit: + enabled: true + dbuser: + password: "" + + mosip_digitalcard: + enabled: true + dbuser: + password: "" + + mosip_idp: + enabled: true + dbuser: + password: "" diff --git a/charts/masterdata-loader/Chart.lock b/charts/masterdata-loader/Chart.lock index 5ee839369..055abff3c 100644 --- a/charts/masterdata-loader/Chart.lock +++ b/charts/masterdata-loader/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: https://charts.bitnami.com/bitnami - version: 1.13.0 -digest: sha256:e83af41b39942278f8389623671732e624f28c6f1ad6ac2d937e210c5f354a18 -generated: "2022-03-26T11:50:47.463553+05:30" + version: 1.17.1 +digest: sha256:dacc73770a5640c011e067ff8840ddf89631fc19016c8d0a9e5ea160e7da8690 +generated: "2022-10-11T12:45:29.234004317+05:30" diff --git a/charts/masterdata-loader/templates/job.yaml b/charts/masterdata-loader/templates/job.yaml index abbf97a6d..def047e5e 100644 --- a/charts/masterdata-loader/templates/job.yaml +++ b/charts/masterdata-loader/templates/job.yaml @@ -30,8 +30,8 @@ spec: - name: DB_PWD valueFrom: secretKeyRef: - name: {{ .Values.db.secret.name }} - key: {{ .Values.db.secret.key }} + name: db-mosip-master-secret + key: db-mosip-master-password envFrom: - configMapRef: diff --git a/charts/masterdata-loader/values.yaml b/charts/masterdata-loader/values.yaml index 910579b7f..b99a7ac12 100644 --- a/charts/masterdata-loader/values.yaml +++ b/charts/masterdata-loader/values.yaml @@ -76,7 +76,7 @@ db: port: 5432 user: masteruser secret: - name: db-secrets + name: db-mosip-master-secret key: db-mosip-master-password mosipDataGithubBranch: develop diff --git a/charts/postgres-init/templates/audit-job.yaml b/charts/postgres-init/templates/audit-job.yaml index 48bd73921..50b0b60a0 100644 --- a/charts/postgres-init/templates/audit-job.yaml +++ b/charts/postgres-init/templates/audit-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-audit-secret key: db-mosip-audit-password envFrom: diff --git a/charts/postgres-init/templates/authdevice-job.yaml b/charts/postgres-init/templates/authdevice-job.yaml index 2f3fe6cf3..e7fce9823 100644 --- a/charts/postgres-init/templates/authdevice-job.yaml +++ b/charts/postgres-init/templates/authdevice-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-authdevice-secret key: db-mosip-authdevice-password envFrom: diff --git a/charts/postgres-init/templates/common-secrets.yaml b/charts/postgres-init/templates/common-secrets.yaml deleted file mode 100644 index afd8f5b90..000000000 --- a/charts/postgres-init/templates/common-secrets.yaml +++ /dev/null @@ -1,160 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: db-secrets - namespace: {{ .Release.Namespace }} - labels: {{- include "common.labels.standard" . | nindent 4 }} - app.kubernetes.io/component: postgres - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: Opaque -data: - {{- if .Values.databases.mosip_master.enabled }} - {{- if .Values.databases.mosip_master.dbuser.password }} - db-mosip-master-password: {{ .Values.databases.mosip_master.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-master-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - - - {{- if .Values.databases.mosip_audit.enabled }} - {{- if .Values.databases.mosip_audit.dbuser.password }} - db-mosip-audit-password: {{ .Values.databases.mosip_audit.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-audit-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - - {{- if .Values.databases.mosip_keymgr.enabled }} - {{- if .Values.databases.mosip_keymgr.dbuser.password }} - db-mosip-keymgr-password: {{ .Values.databases.mosip_keymgr.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-keymgr-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - - {{- if .Values.databases.mosip_kernel.enabled }} - {{- if .Values.databases.mosip_kernel.dbuser.password }} - db-mosip-kernel-password: {{ .Values.databases.mosip_kernel.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-kernel-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - - {{- if .Values.databases.mosip_idmap.enabled }} - {{- if .Values.databases.mosip_idmap.dbuser.password }} - db-mosip-idmap-password: {{ .Values.databases.mosip_idmap.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-idmap-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - - {{- if .Values.databases.mosip_prereg.enabled }} - {{- if .Values.databases.mosip_prereg.dbuser.password }} - db-mosip-prereg-password: {{ .Values.databases.mosip_prereg.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-prereg-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - - {{- if .Values.databases.mosip_idrepo.enabled }} - {{- if .Values.databases.mosip_idrepo.dbuser.password }} - db-mosip-idrepo-password: {{ .Values.databases.mosip_idrepo.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-idrepo-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - - {{- if .Values.databases.mosip_ida.enabled }} - {{- if .Values.databases.mosip_ida.dbuser.password }} - db-mosip-ida-password: {{ .Values.databases.mosip_ida.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-ida-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - - {{- if .Values.databases.mosip_credential.enabled }} - {{- if .Values.databases.mosip_credential.dbuser.password }} - db-mosip-credential-password: {{ .Values.databases.mosip_credential.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-credential-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - - {{- if .Values.databases.mosip_regprc.enabled }} - {{- if .Values.databases.mosip_regprc.dbuser.password }} - db-mosip-regprc-password: {{ .Values.databases.mosip_regprc.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-regprc-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - - {{- if .Values.databases.mosip_regdevice.enabled }} - {{- if .Values.databases.mosip_regdevice.dbuser.password }} - db-mosip-regdevice-password: {{ .Values.databases.mosip_regdevice.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-regdevice-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - - {{- if .Values.databases.mosip_authdevice.enabled }} - {{- if .Values.databases.mosip_authdevice.dbuser.password }} - db-mosip-authdevice-password: {{ .Values.databases.mosip_authdevice.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-authdevice-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - - {{- if .Values.databases.mosip_pms.enabled }} - {{- if .Values.databases.mosip_pms.dbuser.password }} - db-mosip-pms-password: {{ .Values.databases.mosip_pms.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-pms-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - - {{- if .Values.databases.mosip_hotlist.enabled }} - {{- if .Values.databases.mosip_hotlist.dbuser.password }} - db-mosip-hotlist-password: {{ .Values.databases.mosip_hotlist.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-hotlist-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - - {{- if .Values.databases.mosip_resident.enabled }} - {{- if .Values.databases.mosip_resident.dbuser.password }} - db-mosip-resident-password: {{ .Values.databases.mosip_resident.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-resident-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - - {{- if .Values.databases.mosip_toolkit.enabled }} - {{- if .Values.databases.mosip_toolkit.dbuser.password }} - db-mosip-toolkit-password: {{ .Values.databases.mosip_toolkit.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-toolkit-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - - {{- if .Values.databases.mosip_digitalcard.enabled }} - {{- if .Values.databases.mosip_digitalcard.dbuser.password }} - db-mosip-digitalcard-password: {{ .Values.databases.mosip_digitalcard.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-digitalcard-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - - {{- if .Values.databases.mosip_idp.enabled }} - {{- if .Values.databases.mosip_idp.dbuser.password }} - db-mosip-idp-password: {{ .Values.databases.mosip_idp.dbuser.password | b64enc | quote}} - {{- else }} - db-mosip-idp-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - diff --git a/charts/postgres-init/templates/credential-job.yaml b/charts/postgres-init/templates/credential-job.yaml index 448655786..80c4f9cf6 100644 --- a/charts/postgres-init/templates/credential-job.yaml +++ b/charts/postgres-init/templates/credential-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-credential-secret key: db-mosip-credential-password envFrom: diff --git a/charts/postgres-init/templates/digitalcard-job.yaml b/charts/postgres-init/templates/digitalcard-job.yaml index 48ff7a65a..c7d3e0a0d 100644 --- a/charts/postgres-init/templates/digitalcard-job.yaml +++ b/charts/postgres-init/templates/digitalcard-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-digitalcard-secret key: db-mosip-digitalcard-password envFrom: diff --git a/charts/postgres-init/templates/hotlist-job.yaml b/charts/postgres-init/templates/hotlist-job.yaml index bb3f53476..f749c35ea 100644 --- a/charts/postgres-init/templates/hotlist-job.yaml +++ b/charts/postgres-init/templates/hotlist-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-hotlist-secret key: db-mosip-hotlist-password envFrom: diff --git a/charts/postgres-init/templates/ida-job.yaml b/charts/postgres-init/templates/ida-job.yaml index ac758d981..a92f74759 100644 --- a/charts/postgres-init/templates/ida-job.yaml +++ b/charts/postgres-init/templates/ida-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-ida-secret key: db-mosip-ida-password envFrom: diff --git a/charts/postgres-init/templates/idmap-job.yaml b/charts/postgres-init/templates/idmap-job.yaml index cf06292eb..38e3f90d2 100644 --- a/charts/postgres-init/templates/idmap-job.yaml +++ b/charts/postgres-init/templates/idmap-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-idmap-secret key: db-mosip-idmap-password envFrom: diff --git a/charts/postgres-init/templates/idp-job.yaml b/charts/postgres-init/templates/idp-job.yaml index 61dc3813e..3da74855e 100644 --- a/charts/postgres-init/templates/idp-job.yaml +++ b/charts/postgres-init/templates/idp-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-idp-secret key: db-mosip-idp-password envFrom: diff --git a/charts/postgres-init/templates/idrepo-job.yaml b/charts/postgres-init/templates/idrepo-job.yaml index 956159972..1168ed3ee 100644 --- a/charts/postgres-init/templates/idrepo-job.yaml +++ b/charts/postgres-init/templates/idrepo-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-idrepo-secret key: db-mosip-idrepo-password envFrom: diff --git a/charts/postgres-init/templates/kernel-job.yaml b/charts/postgres-init/templates/kernel-job.yaml index 968dd3bb4..a4ed03636 100644 --- a/charts/postgres-init/templates/kernel-job.yaml +++ b/charts/postgres-init/templates/kernel-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-kernel-secret key: db-mosip-kernel-password envFrom: diff --git a/charts/postgres-init/templates/keymgr-job.yaml b/charts/postgres-init/templates/keymgr-job.yaml index 88f28c546..bd2dabe13 100644 --- a/charts/postgres-init/templates/keymgr-job.yaml +++ b/charts/postgres-init/templates/keymgr-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-keymgr-secret key: db-mosip-keymgr-password envFrom: diff --git a/charts/postgres-init/templates/master-job.yaml b/charts/postgres-init/templates/master-job.yaml index 432e6315b..717d41922 100644 --- a/charts/postgres-init/templates/master-job.yaml +++ b/charts/postgres-init/templates/master-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-master-secret key: db-mosip-master-password envFrom: diff --git a/charts/postgres-init/templates/pms-job.yaml b/charts/postgres-init/templates/pms-job.yaml index d34415767..ad24b595a 100644 --- a/charts/postgres-init/templates/pms-job.yaml +++ b/charts/postgres-init/templates/pms-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-pms-secret key: db-mosip-pms-password envFrom: diff --git a/charts/postgres-init/templates/prereg-job.yaml b/charts/postgres-init/templates/prereg-job.yaml index 3a47e7013..60d6dbcc0 100644 --- a/charts/postgres-init/templates/prereg-job.yaml +++ b/charts/postgres-init/templates/prereg-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-prereg-secret key: db-mosip-prereg-password envFrom: diff --git a/charts/postgres-init/templates/regdevice-job.yaml b/charts/postgres-init/templates/regdevice-job.yaml index 97d75b838..bea39d85a 100644 --- a/charts/postgres-init/templates/regdevice-job.yaml +++ b/charts/postgres-init/templates/regdevice-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-regdevice-secret key: db-mosip-regdevice-password envFrom: diff --git a/charts/postgres-init/templates/regprc-job.yaml b/charts/postgres-init/templates/regprc-job.yaml index 63de643d6..421bbb5b2 100644 --- a/charts/postgres-init/templates/regprc-job.yaml +++ b/charts/postgres-init/templates/regprc-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-regprc-secret key: db-mosip-regprc-password envFrom: diff --git a/charts/postgres-init/templates/resident-job.yaml b/charts/postgres-init/templates/resident-job.yaml index 7cecc3f20..7ec179d13 100644 --- a/charts/postgres-init/templates/resident-job.yaml +++ b/charts/postgres-init/templates/resident-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-resident-secret key: db-mosip-resident-password envFrom: diff --git a/charts/postgres-init/templates/toolkit-job.yaml b/charts/postgres-init/templates/toolkit-job.yaml index 471be7cd4..301243e91 100644 --- a/charts/postgres-init/templates/toolkit-job.yaml +++ b/charts/postgres-init/templates/toolkit-job.yaml @@ -37,7 +37,7 @@ spec: - name: DBUSER_PWD valueFrom: secretKeyRef: - name: db-secrets + name: db-mosip-toolkit-secret key: db-mosip-toolkit-password envFrom: diff --git a/charts/postgres-init/values.yaml b/charts/postgres-init/values.yaml index 784d08830..b5b7854b7 100644 --- a/charts/postgres-init/values.yaml +++ b/charts/postgres-init/values.yaml @@ -94,8 +94,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 0 mosip_audit: @@ -107,8 +105,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 0 mosip_keymgr: @@ -133,8 +129,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 0 mosip_idmap: @@ -146,8 +140,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 0 mosip_prereg: @@ -159,8 +151,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 0 mosip_idrepo: @@ -172,8 +162,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 0 mosip_ida: @@ -185,8 +173,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 1 mosip_credential: @@ -198,8 +184,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 0 mosip_regprc: @@ -211,8 +195,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 1 mosip_regdevice: @@ -224,8 +206,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 1 mosip_authdevice: @@ -237,8 +217,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 1 mosip_pms: @@ -253,8 +231,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 1 mosip_hotlist: @@ -266,8 +242,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 0 mosip_resident: @@ -279,8 +253,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 0 mosip_toolkit: @@ -292,8 +264,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 0 mosip_digitalcard: @@ -305,8 +275,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 0 mosip_idp: @@ -318,6 +286,4 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 1 From c80bc030b63cdc3efa70ca637df47c4361266ebc Mon Sep 17 00:00:00 2001 From: "pramodbelal8@gmail.com" Date: Wed, 12 Oct 2022 10:38:15 +0530 Subject: [PATCH 5/7] [MOSIP-15265] Updated README.md file for db-password-gen. --- charts/db-password-gen/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/db-password-gen/README.md b/charts/db-password-gen/README.md index bbf1a86e5..a17391bac 100644 --- a/charts/db-password-gen/README.md +++ b/charts/db-password-gen/README.md @@ -1,4 +1,4 @@ -# Postgres Init +# db-password-gen * Make sure Postgre server(s) are running * Update all database parameters in `values.yaml` @@ -10,5 +10,5 @@ $ helm dependency update ``` * Run the helm chart ``` -$ helm -n postgres install postgres-init postgres-init +$ helm -n postgres install db-password-gen db-password-gen ``` From 08dd9e4f08b72f3834ac3c6931a25c00f467581a Mon Sep 17 00:00:00 2001 From: "pramodbelal8@gmail.com" Date: Wed, 12 Oct 2022 13:34:17 +0530 Subject: [PATCH 6/7] [MOSIP-15265] Updated config-server helm-chart. --- charts/config-server/values.yaml | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/charts/config-server/values.yaml b/charts/config-server/values.yaml index d0c6e291c..17442b15f 100644 --- a/charts/config-server/values.yaml +++ b/charts/config-server/values.yaml @@ -147,24 +147,6 @@ installedModules: ## Refer to instructions to install config-server helm chart in mosip-infra repo. overrides: secrets: - dbMosipAuditSecret: db-mosip-audit-secret - dbMosipAuthdeviceSecret: db-mosip-authdevice-secret - dbMosipCredentialSecret: db-mosip-credential-secret - dbMosipDigitalcardSecret: db-mosip-digitalcard-secret - dbMosipHotlistSecret: db-mosip-hotlist-secret - dbMosipIdaSecret: db-mosip-ida-secret - dbMosipIdmapSecret: db-mosip-idmap-secret - dbMosipIdpSecret: db-mosip-idp-secret - dbMosipIdrepoSecret: db-mosip-idrepo-secret - dbMosipKernelSecret: db-mosip-kernel-secret - dbMosipKeymgrSecret: db-mosip-keymgr-secret - dbMosipMasterSecret: db-mosip-master-secret - dbMosipPmsSecret: db-mosip-pms-secret - dbMosipPreregSecret: db-mosip-prereg-secret - dbMosipRegdeviceSecret: db-mosip-regdevice-secret - dbMosipRegprcSecret: db-mosip-regprc-secret - dbMosipResidentSecret: db-mosip-resident-secret - dbMosipToolkitSecret: db-mosip-toolkit-secret keycloak: keycloak keycloakClients: keycloak-client-secrets softhsmKernel: softhsm-kernel From 6d9d8bb9ec844ea45667e491d55d5c84fad4227c Mon Sep 17 00:00:00 2001 From: "pramodbelal8@gmail.com" Date: Thu, 13 Oct 2022 12:50:46 +0530 Subject: [PATCH 7/7] [MOSIP-15265] updated postgres-init values.yaml. --- charts/postgres-init/values.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/charts/postgres-init/values.yaml b/charts/postgres-init/values.yaml index b5b7854b7..2c50fd916 100644 --- a/charts/postgres-init/values.yaml +++ b/charts/postgres-init/values.yaml @@ -116,8 +116,6 @@ databases: secret: name: postgres-postgresql key: postgresql-password - dbuser: - password: "" dml: 1 mosip_kernel: