Merge pull request #65 from akash4sh/main

config: Add user and db creation in external postgresql

charts/quality-trace/Chart.yaml

@@ -11,4 +11,4 @@ name: quality-trace
 sources:
 - https://github.com/kubeshop/helm-charts/tree/main/charts
 type: application
-version: 1.0.4
+version: 1.0.5

charts/quality-trace/templates/configmap-db.yaml

@@ -9,14 +9,12 @@ metadata:
     "helm.sh/hook-delete-policy": before-hook-creation
 data:
   create-database.sql: |
-    SELECT 'CREATE DATABASE {{ .Values.externalPostgresql.database }}'
-    WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname='{{ .Values.externalPostgresql.database }}')\gexec
-
-    SELECT 'CREATE USER {{ .Values.externalPostgresql.username }} WITH PASSWORD ''{{ .Values.externalPostgresql.password }}'''
-    WHERE NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname='{{ .Values.externalPostgresql.username }}')\gexec
-
-    ALTER DATABASE {{ .Values.externalPostgresql.database }} OWNER TO {{ .Values.externalPostgresql.username }};
-
-    ALTER ROLE {{ .Values.externalPostgresql.username }} CREATEDB;
+    SELECT 'CREATE DATABASE {{ .Values.externalPostgresql.qualitytrace.database }}'
+    WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname='{{ .Values.externalPostgresql.qualitytrace.database }}')\gexec
 
+    SELECT 'CREATE USER {{ .Values.externalPostgresql.qualitytrace.username }} WITH PASSWORD ''' || :'db_password' || ''''
+    WHERE NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname='{{ .Values.externalPostgresql.qualitytrace.username }}')\gexec
+    
+    ALTER DATABASE {{ .Values.externalPostgresql.qualitytrace.database }} OWNER TO {{ .Values.externalPostgresql.qualitytrace.username }};
+    ALTER ROLE {{ .Values.externalPostgresql.qualitytrace.username }} CREATEDB;
 {{- end }}

charts/quality-trace/templates/configmap.yaml

@@ -17,8 +17,12 @@ data:
       password: {{.Values.postgresql.auth.password}}
     {{- else }}
       host: {{ .Values.externalPostgresql.host }}
-      user: {{ .Values.externalPostgresql.username }}
-      password: {{ .Values.externalPostgresql.password }}
+      user: {{ .Values.externalPostgresql.qualitytrace.username }}
+      {{- if not .Values.externalPostgresql.qualitytrace.existingSecret }}
+      password: {{ .Values.externalPostgresql.qualitytrace.password }}
+      {{- else }}
+      password: 'db_password'
+      {{- end }}
     {{- end }}
       port: 5432
       params: sslmode=disable

charts/quality-trace/templates/job.yaml → charts/quality-trace/templates/create-user-db-job.yaml

@@ -2,15 +2,15 @@
 apiVersion: batch/v1
 kind: Job
 metadata:
-  name: create-users-databases
+  name: create-user-database
   annotations:
     "helm.sh/hook": pre-install
     "helm.sh/hook-weight": "2"
     "helm.sh/hook-delete-policy": hook-succeeded
 spec:
   template:
     metadata:
-      name: create-users-databases
+      name: create-user-database
     spec:
       containers:
       - name: postgresql-client
@@ -19,8 +19,7 @@ spec:
           - "/bin/bash"
           - "-c"
           - |
-            psql -h {{ .Values.externalPostgresql.host }} -p 5432 -U postgres -f /scripts/create-database.sql
-
+            psql -h {{ .Values.externalPostgresql.host }} -p 5432 -U postgres -v db_password=$DB_PASSWORD -f /script/create-database.sql
         env:
           - name: PGPASSWORD
             {{- if not .Values.externalPostgresql.existingSecret }}
@@ -31,9 +30,18 @@ spec:
                 name: {{ .Values.externalPostgresql.existingSecret.name }}
                 key: {{ .Values.externalPostgresql.existingSecret.passwordKey }}
             {{- end }}
+          - name: DB_PASSWORD
+            {{- if not .Values.externalPostgresql.qualitytrace.existingSecret }}
+            value: "{{ .Values.externalPostgresql.qualitytrace.password }}"
+            {{- else }}
+            valueFrom:
+              secretKeyRef:
+                name: {{ .Values.externalPostgresql.qualitytrace.existingSecret.name }}
+                key: {{ .Values.externalPostgresql.qualitytrace.existingSecret.passwordKey }}
+            {{- end }}
         volumeMounts:
           - name: script-volume
-            mountPath: /scripts
+            mountPath: /script
             readOnly: true
       restartPolicy: Never
       volumes:
@@ -42,4 +50,3 @@ spec:
             name: postgresql-query
 {{- end }}
 
-

charts/quality-trace/templates/deployment.yaml

@@ -33,13 +33,30 @@ spec:
             {{- toYaml .Values.securityContext | nindent 12 }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
           env:
-          - name: TRACETEST_DEV
+          {{- if and (not .Values.postgresql.enabled) (.Values.externalPostgresql.qualitytrace.existingSecret) }}
+          - name: DB_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: {{ .Values.externalPostgresql.qualitytrace.existingSecret.name }}
+                key: {{ .Values.externalPostgresql.qualitytrace.existingSecret.passwordKey }}
+          {{- end }}
+          - name: TRACETEST_DEV 
             value: "{{ .Values.env.tracetestDev }}"
+          {{- if and (not .Values.postgresql.enabled) (.Values.externalPostgresql.qualitytrace.existingSecret) }}
+          command:
+            - sh
+            - -c
+            - |
+              cp /app/config/config.yaml /processed-config/
+              sed -i 's/db_password/'"$DB_PASSWORD"'/g' /processed-config/config.yaml
+              /app/quality-trace-server serve --config /processed-config/config.yaml --provisioning-file /app/config/provisioning.yaml
+          {{- else }}
           args:
-          - --config
-          - '/app/config/config.yaml'
-          - --provisioning-file
-          - '/app/config/provisioning.yaml'
+          - "--config"
+          - "/app/config/config.yaml"
+          - "--provisioning-file"
+          - "/app/config/provisioning.yaml"
+          {{- end }}
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           ports:
             - name: http
@@ -64,10 +81,18 @@ spec:
           volumeMounts:
           - name: config
             mountPath: /app/config
+          {{- if and (not .Values.postgresql.enabled) (.Values.externalPostgresql.qualitytrace.existingSecret) }}
+          - name: processed-config-volume
+            mountPath: /processed-config
+          {{- end}}
       volumes:
       - name: config
         configMap:
           name: {{ include "tracetest.fullname" . }}
+      {{- if and (not .Values.postgresql.enabled) (.Values.externalPostgresql.qualitytrace.existingSecret) }}
+      - name: processed-config-volume
+        emptyDir: {}
+      {{- end}}
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

charts/quality-trace/values.yaml

@@ -185,8 +185,8 @@ affinity: {}
 otelCollector:
   name: "otel-collector"
   image:
-    repository: otel/opentelemetry-collector-contrib
-    tag: 0.70.0
+    repository: ghcr.io/kube-tarian/helmrepo-supporting-tools/opentelemetry-collector-contrib
+    tag: 0.79.0
     pullPolicy: Always
 
   # -- Image Registry Secret Names for OtelCollector
@@ -358,10 +358,20 @@ otelCollector:
 
 externalPostgresql:
   host: postgresql
-  database: ""
-  username: ""
-  password: ""
+  # password for accessing the postgres user. Ignored if existingSecret is set
   postgresqlPassword: ""
+  # -- Name and key of an existing Kubernetes secret object containing the password
   existingSecret: {}
-    # name:
-    # passwordKey:
+    # name:      
+    # passwordKey:  
+
+  # User and database creation 
+  qualitytrace:
+    database: "tracetest"
+    username: "tracetest"
+    # password for accessing the database. Ignored if existingSecret is set
+    password: ""   
+    # -- Name and key of an existing Kubernetes secret object containing the password
+    existingSecret: {}
+      # name: 
+      # passwordKey: