chore: consolidate environment variables

savannahghi · Sep 13, 2023 · 6b7f362 · 6b7f362
1 parent b1aa91d
commit 6b7f362
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -305,3 +305,4 @@ media/
 local.sh
 secrets/*
 cloud_sql_proxy
+deploy_copy
diff --git a/cloudbuild.yaml b/cloudbuild.yaml
@@ -95,6 +95,8 @@ steps:
       - --values
       - values.yaml
       - --set
+      - project_id=$PROJECT_ID
+      - --set
       - namespace=${_NAMESPACE}
       - --set
       - django.image.repository=${_IMAGE_NAME}
@@ -132,6 +134,8 @@ steps:
       - --values
       - values.yaml
       - --set
+      - project_id=$PROJECT_ID
+      - --set
       - namespace=${_NAMESPACE}
       - --set
       - django.image.repository=${_IMAGE_NAME}

diff --git a/deploy/templates/pg-bouncer/deployment.yaml b/deploy/templates/pg-bouncer/deployment.yaml
@@ -22,6 +22,7 @@ spec:
             - configMapRef:
                 name: {{ .Values.pg_bouncer.app_name }}-db-config
           volumeMounts:
+            # mountPath should be the same as `auth_file` in `pgb_configmap.yml`
             - name: user-config
               mountPath: /bitnami/pgbouncer/conf/userlist.txt
               subPath: userlist.txt
@@ -41,6 +42,30 @@ spec:
             - name: sa-secret-vol
               mountPath: /secrets/service_account_secrets
               readOnly: true
+
+        - name: configmap-populator
+          image: google/cloud-sdk:446.0.0-alpine
+          env:
+            - name: GCP_PROJECT
+              value: {{ .Values.project_id }}
+          command: ["sh", "-c"]
+          args:
+            - |
+              gcloud auth activate-service-account --key-file=/secrets/service_account_secrets/service_account.json &&
+              export CONN_MAX_AGE=$(gcloud secrets versions access latest --secret="idr_server_k8ts_test_settings" --project={{ .Values.project_id }}) &&
+              export COMPRESS_ENABLED=$(gcloud secrets versions access latest --secret="idr_server_k8ts_test_settings" --project={{ .Values.project_id }}) &&
+              export DJANGO_ACCOUNT_ALLOW_REGISTRATION=$(gcloud secrets versions access latest --secret="idr_server_k8ts_test_settings" --project={{ .Values.project_id }}) &&
+              export DJANGO_ADMIN_URL=$(gcloud secrets versions access latest --secret="idr_server_k8ts_test_settings" --project={{ .Values.project_id }}) &&
+              kubectl create configmap fake-config-map \
+              --from-literal=CONN_MAX_AGE="$CONN_MAX_AGE" \
+              --from-literal=COMPRESS_ENABLED="$COMPRESS_ENABLED" \
+              --from-literal=DJANGO_ACCOUNT_ALLOW_REGISTRATION="$DJANGO_ACCOUNT_ALLOW_REGISTRATION" \
+              --from-literal=DJANGO_ADMIN_URL="$DJANGO_ADMIN_URL"
+          volumeMounts:
+            - name: test-secrets
+              mountPath: /secrets/test_secrets
+              readOnly: true
+
       volumes:
         - name: user-config
           configMap:
@@ -53,3 +78,7 @@ spec:
         - name: sa-secret-vol
           secret:
             secretName: {{ .Values.namespace }}-sa-secrets
+
+        - name: test-secrets
+          configMap:
+            name: gcp-secret
diff --git a/deploy/values.yaml b/deploy/values.yaml
@@ -1,4 +1,5 @@
 namespace: cluster_namespace
+project_id: fyj
 
 django:
   app_name: django