From 6b7f362dc5346b1198ac22dc30babdd11d3b44b1 Mon Sep 17 00:00:00 2001
From: saladgg <saladguyo60@gmail.com>
Date: Tue, 12 Sep 2023 17:11:18 +0300
Subject: [PATCH] chore: consolidate environment variables

---
 .gitignore                                  |  1 +
 cloudbuild.yaml                             |  4 +++
 deploy/templates/pg-bouncer/deployment.yaml | 29 +++++++++++++++++++++
 deploy/values.yaml                          |  1 +
 4 files changed, 35 insertions(+)

diff --git a/.gitignore b/.gitignore
index 7035ddb..7dfd538 100644
--- a/.gitignore
+++ b/.gitignore
@@ -305,3 +305,4 @@ media/
 local.sh
 secrets/*
 cloud_sql_proxy
+deploy_copy
diff --git a/cloudbuild.yaml b/cloudbuild.yaml
index 68a055a..7900fb4 100644
--- a/cloudbuild.yaml
+++ b/cloudbuild.yaml
@@ -95,6 +95,8 @@ steps:
       - --values
       - values.yaml
       - --set
+      - project_id=$PROJECT_ID
+      - --set
       - namespace=${_NAMESPACE}
       - --set
       - django.image.repository=${_IMAGE_NAME}
@@ -132,6 +134,8 @@ steps:
       - --values
       - values.yaml
       - --set
+      - project_id=$PROJECT_ID
+      - --set
       - namespace=${_NAMESPACE}
       - --set
       - django.image.repository=${_IMAGE_NAME}
diff --git a/deploy/templates/pg-bouncer/deployment.yaml b/deploy/templates/pg-bouncer/deployment.yaml
index d5a3c0c..09dddb7 100644
--- a/deploy/templates/pg-bouncer/deployment.yaml
+++ b/deploy/templates/pg-bouncer/deployment.yaml
@@ -22,6 +22,7 @@ spec:
             - configMapRef:
                 name: {{ .Values.pg_bouncer.app_name }}-db-config
           volumeMounts:
+            # mountPath should be the same as `auth_file` in `pgb_configmap.yml`
             - name: user-config
               mountPath: /bitnami/pgbouncer/conf/userlist.txt
               subPath: userlist.txt
@@ -41,6 +42,30 @@ spec:
             - name: sa-secret-vol
               mountPath: /secrets/service_account_secrets
               readOnly: true
+
+        - name: configmap-populator
+          image: google/cloud-sdk:446.0.0-alpine
+          env:
+            - name: GCP_PROJECT
+              value: {{ .Values.project_id }}
+          command: ["sh", "-c"]
+          args:
+            - |
+              gcloud auth activate-service-account --key-file=/secrets/service_account_secrets/service_account.json &&
+              export CONN_MAX_AGE=$(gcloud secrets versions access latest --secret="idr_server_k8ts_test_settings" --project={{ .Values.project_id }}) &&
+              export COMPRESS_ENABLED=$(gcloud secrets versions access latest --secret="idr_server_k8ts_test_settings" --project={{ .Values.project_id }}) &&
+              export DJANGO_ACCOUNT_ALLOW_REGISTRATION=$(gcloud secrets versions access latest --secret="idr_server_k8ts_test_settings" --project={{ .Values.project_id }}) &&
+              export DJANGO_ADMIN_URL=$(gcloud secrets versions access latest --secret="idr_server_k8ts_test_settings" --project={{ .Values.project_id }}) &&
+              kubectl create configmap fake-config-map \
+              --from-literal=CONN_MAX_AGE="$CONN_MAX_AGE" \
+              --from-literal=COMPRESS_ENABLED="$COMPRESS_ENABLED" \
+              --from-literal=DJANGO_ACCOUNT_ALLOW_REGISTRATION="$DJANGO_ACCOUNT_ALLOW_REGISTRATION" \
+              --from-literal=DJANGO_ADMIN_URL="$DJANGO_ADMIN_URL"
+          volumeMounts:
+            - name: test-secrets
+              mountPath: /secrets/test_secrets
+              readOnly: true
+
       volumes:
         - name: user-config
           configMap:
@@ -53,3 +78,7 @@ spec:
         - name: sa-secret-vol
           secret:
             secretName: {{ .Values.namespace }}-sa-secrets
+
+        - name: test-secrets
+          configMap:
+            name: gcp-secret
diff --git a/deploy/values.yaml b/deploy/values.yaml
index 5e66c1f..04bd040 100644
--- a/deploy/values.yaml
+++ b/deploy/values.yaml
@@ -1,4 +1,5 @@
 namespace: cluster_namespace
+project_id: fyj
 
 django:
   app_name: django