Skip to content

Commit

Permalink
External database password now managed as secret
Browse files Browse the repository at this point in the history
  • Loading branch information
wtripp180901 committed Aug 29, 2023
1 parent 5a98be5 commit 7f8a25d
Show file tree
Hide file tree
Showing 4 changed files with 13 additions and 11 deletions.
11 changes: 2 additions & 9 deletions slurm-cluster-chart/templates/database-auth-secret.yaml
Original file line number Diff line number Diff line change
@@ -1,18 +1,11 @@
{{ if not .Values.databaseConnection.passwordSecretName }}

apiVersion: v1
kind: Secret
metadata:
name: database-auth-secret
{{ if not .Values.databaseConnection.password }}
annotations:
helm.sh/hook: pre-install
{{ end }}

{{ if .Values.databaseConnection.password }}

stringData:
password: {{ .Values.databaseConnection.password }}

{{ else }}

data:
password: {{ randAlphaNum 32 | b64enc }}
Expand Down
4 changes: 4 additions & 0 deletions slurm-cluster-chart/templates/mysql-deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,11 @@ spec:
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
{{ if .Values.database.passwordSecretName }}
name: {{ .Values.database.passwordSecretName }}
{{ else }}
name: database-auth-secret
{{ end }}
key: password
- name: MYSQL_RANDOM_ROOT_PASSWORD
value: "yes"
Expand Down
4 changes: 4 additions & 0 deletions slurm-cluster-chart/templates/slurmdbd-deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,11 @@ spec:
- name: StoragePass
valueFrom:
secretKeyRef:
{{ if .Values.database.passwordSecretName }}
name: {{ .Values.database.passwordSecretName }}
{{ else }}
name: database-auth-secret
{{ end }}
key: password
hostname: slurmdbd
restartPolicy: Always
Expand Down
5 changes: 3 additions & 2 deletions slurm-cluster-chart/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -72,8 +72,9 @@ databaseConnection:
# If using the internal database, changing this field will have no effect
# If using the external database, this user must exist on it
user: slurm
# Password for database user. If left as nil, one will be randomly generated (recommended for internal database)
password:
# Name of secret containing database password. Secret should contain a 'password' key. If left as nil, a secret will be created
# automatically with a randomly generated password (recommended for internal database)
passwordSecretName:

# Configmap resource names
configmaps:
Expand Down

0 comments on commit 7f8a25d

Please sign in to comment.