secrets.go
package perconaservermongodb
import (
"context"
"fmt"
api "github.com/percona/percona-server-mongodb-operator/pkg/apis/psmdb/v1"
"github.com/percona/percona-server-mongodb-operator/pkg/psmdb/secret"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/types"
)
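// reconcileUsersSecret makes sure the Secret named by cr.Spec.Secrets.Users
// exists in cr.Namespace.
//
// If the Secret is already present it is left untouched, so existing
// credentials are never regenerated or overwritten. If it is missing, an
// Opaque Secret is created holding four fixed account names (backup,
// clusterAdmin, clusterMonitor, userAdmin), each paired with a freshly
// generated password.
//
// It returns nil when the Secret exists or was created, and a descriptive
// error when the lookup, password generation or creation fails.
func (r *ReconcilePerconaServerMongoDB) reconcileUsersSecret(cr *api.PerconaServerMongoDB) error {
	secretObj := corev1.Secret{}
	err := r.client.Get(context.TODO(),
		types.NamespacedName{
			Namespace: cr.Namespace,
			Name:      cr.Spec.Secrets.Users,
		},
		&secretObj,
	)
	if err == nil {
		// Secret already present: keep whatever credentials it holds.
		return nil
	}
	if !errors.IsNotFound(err) {
		return fmt.Errorf("get users secret: %v", err)
	}

	// Accounts written into a newly created Secret. errLabel only feeds the
	// error text; the returned errors carry the underlying cause and never the
	// generated password, and must stay that way.
	accounts := []struct {
		userKey  string
		userName string
		passKey  string
		errLabel string
	}{
		{"MONGODB_BACKUP_USER", "backup", "MONGODB_BACKUP_PASSWORD", "backup"},
		{"MONGODB_CLUSTER_ADMIN_USER", "clusterAdmin", "MONGODB_CLUSTER_ADMIN_PASSWORD", "cluster admin"},
		{"MONGODB_CLUSTER_MONITOR_USER", "clusterMonitor", "MONGODB_CLUSTER_MONITOR_PASSWORD", "cluster monitor"},
		{"MONGODB_USER_ADMIN_USER", "userAdmin", "MONGODB_USER_ADMIN_PASSWORD", "admin"},
	}

	data := make(map[string][]byte, 2*len(accounts))
	for _, acct := range accounts {
		// NOTE(review): password strength depends entirely on
		// secret.GeneratePassword, which is not visible here; confirm it draws
		// from a cryptographically secure source (crypto/rand).
		pass, err := secret.GeneratePassword()
		if err != nil {
			return fmt.Errorf("create %s users pass: %v", acct.errLabel, err)
		}
		data[acct.userKey] = []byte(acct.userName)
		data[acct.passKey] = pass
	}

	// NOTE(review): no owner reference is set, so this Secret is not tied to
	// the CR's lifetime; presumably deliberate so credentials outlive the CR,
	// but confirm.
	secretObj = corev1.Secret{
		ObjectMeta: metav1.ObjectMeta{
			Name:      cr.Spec.Secrets.Users,
			Namespace: cr.Namespace,
		},
		Data: data,
		Type: corev1.SecretTypeOpaque,
	}
	if err := r.client.Create(context.TODO(), &secretObj); err != nil {
		if errors.IsAlreadyExists(err) {
			// The Secret appeared between the Get and the Create (for example
			// a concurrent reconcile or a stale read). The existing
			// credentials win; the passwords generated above are discarded.
			return nil
		}
		return fmt.Errorf("create Users secret: %v", err)
	}
	return nil
}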