allow uuid being created and managed by kubernetes

We utilize Helm's `lookup` command to store a generated `uuid` in an "internal" secret in Kubernetes. This allows generating the `uuid`, making it persistent, and notifying the user (in `NOTES.txt`) that this auto-generation happened. We also tell the user how to disable the message by making that value persistent in values. close #39
apache · Dec 12, 2022 · 8649cd3 · 8649cd3
1 parent 814dd34
commit 8649cd3
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 3 deletions.
diff --git a/couchdb/templates/NOTES.txt b/couchdb/templates/NOTES.txt
@@ -30,3 +30,14 @@ NOTE: You are using an auto-generated value for the Erlang Cookie
 kubectl -n {{ $.Release.Namespace }} get secret {{ include "couchdb.fullname" . }} --template='{{print "{{" }}index .data "erlangCookie" | base64decode{{ print "}}" }}'
 ```
 {{- end }}
+
+{{- $uuidVar := index (.Values.couchdbConfig.couchdb | default dict) "uuid" -}}
+{{- if (empty $uuidVar) }}
+NOTE: You are using an auto-generated value for the Couch DB UUID
+  - We recommend making this value persistent by setting it in: `couchdbConfig.couchdb.uuid`
+  - Changing this value can cause problems for the Couch DB installation
+  - You can get the current value with:
+```
+kubectl -n {{ $.Release.Namespace }} get secret {{ include "couchdb.fullname" . }}-internal --template='{{print "{{" }}index .data "uuid" | base64decode{{ print "}}" }}'
+```
+{{- end }}
diff --git a/couchdb/templates/_helpers.tpl b/couchdb/templates/_helpers.tpl
@@ -97,8 +97,24 @@ If serviceAccount.name is specified, use that, else use the couchdb instance nam
 {{- end -}}
 
 {{/*
-Fail if couchdbConfig.couchdb.uuid is undefined
+    If couchdb UUID value is undefined:
+      - if the configmap already exists, look it up
+      - if not found or "dangerRegenerateAutomatedValues" is set, generate it
+        - otherwise use the previous value
+    Otherwise use what is defined in the chart
+
+    Also warn in NOTES.txt if this value is not persistent
 */}}
 {{- define "couchdb.uuid" -}}
-{{- required "A value for couchdbConfig.couchdb.uuid must be set" (.Values.couchdbConfig.couchdb | default dict).uuid -}}
+  {{- $uuidVar := index (.Values.couchdbConfig.couchdb | default dict) "uuid" -}}
+  {{- if (empty $uuidVar) }}
+    {{- $secretName := print (include "couchdb.fullname" .) "-internal" }}
+    {{- $currentSecret := lookup "v1" "Secret" $.Release.Namespace $secretName}}
+    {{- if and $currentSecret (not .Values.dangerRegenerateAutomatedValues ) }}
+      {{- $uuidVar = get $currentSecret.data "uuid" | b64dec }}
+    {{- else }}
+      {{- $uuidVar = uuidv4 -}}
+    {{- end }}
+  {{- end }}
+  {{- print $uuidVar -}}
 {{- end -}}
diff --git a/couchdb/templates/secrets.yaml b/couchdb/templates/secrets.yaml
@@ -18,4 +18,17 @@ data:
 {{- if  .Values.adminHash  }}
   password.ini: {{ tpl (.Files.Get "password.ini") . | b64enc }}
 {{- end -}}
-{{- end -}}
+{{- end }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "couchdb.fullname" . }}-internal
+  labels:
+    app: {{ template "couchdb.fullname" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+type: Opaque
+data:
+  uuid: {{- include "couchdb.uuid" . }}