jlengrand/engine
1
0
Fork 0
mirror of https://github.com/jlengrand/engine.git synced 2026-03-10 08:11:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Revert "chore(ENG_927): use official mysql chart (#704)"

Browse Source 
This reverts commit d589dd420f.
This commit is contained in:
Romain GERARD
2022-05-11 12:40:59 +02:00
parent 5a698f89e1
commit b6e14aadaa
62 changed files with 2048 additions and 4562 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/common/bootstrap/charts/kube-prometheus-stack/values.yaml
View File

@@ -1377,7 +1377,7 @@ prometheusOperator:
# Use certmanager to generate webhook certs # Use certmanager to generate webhook certs
certManager: certManager:
enabled: false enabled: true
# issuerRef: # issuerRef:
# name: "issuer" # name: "issuer"
# kind: "ClusterIssuer" # kind: "ClusterIssuer"

6
lib/common/services/mysql/Chart.lock
View File

@@ -1,6 +0,0 @@
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
version: 1.13.1
digest: sha256:1056dac8da880ed967a191e8d9eaf04766f77bda66a5715456d5dd4494a4a942
generated: "2022-04-26T23:27:43.795807925Z"

23
lib/common/services/mysql/Chart.yaml
View File

@@ -1,28 +1,19 @@
annotations: apiVersion: v1
category: Database appVersion: 8.0.20
apiVersion: v2 description: Chart to create a Highly available MySQL cluster
appVersion: 8.0.29 engine: gotpl
dependencies: home: https://mysql.com
- name: common
repository: https://charts.bitnami.com/bitnami
tags:
- bitnami-common
version: 1.x.x
description: MySQL is a fast, reliable, scalable, and easy to use open source relational
database system. Designed to handle mission-critical, heavy-load production applications.
home: https://github.com/bitnami/charts/tree/master/bitnami/mysql
icon: https://bitnami.com/assets/stacks/mysql/img/mysql-stack-220x234.png icon: https://bitnami.com/assets/stacks/mysql/img/mysql-stack-220x234.png
keywords: keywords:
- mysql - mysql
- database - database
- sql - sql
- cluster - cluster
- high availability - high availablity
maintainers: maintainers:
- email: containers@bitnami.com - email: containers@bitnami.com
name: Bitnami name: Bitnami
name: mysql name: mysql
sources: sources:
- https://github.com/bitnami/bitnami-docker-mysql - https://github.com/bitnami/bitnami-docker-mysql
- https://mysql.com version: 6.14.2
version: 8.9.6

560
lib/common/services/mysql/README.md
View File

@@ -1,14 +1,8 @@
<!--- app-name: MySQL --> # MySQL
# MySQL packaged by Bitnami [MySQL](https://mysql.com) is a fast, reliable, scalable, and easy to use open-source relational database system. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software.
MySQL is a fast, reliable, scalable, and easy to use open source relational database system. Designed to handle mission-critical, heavy-load production applications. ## TL;DR;
[Overview of MySQL](http://www.mysql.com)
Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
## TL;DR
```bash ```bash
$ helm repo add bitnami https://charts.bitnami.com/bitnami $ helm repo add bitnami https://charts.bitnami.com/bitnami
@@ -17,14 +11,14 @@ $ helm install my-release bitnami/mysql
## Introduction ## Introduction
This chart bootstraps a [MySQL](https://github.com/bitnami/bitnami-docker-mysql) replication cluster deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. This chart bootstraps a [MySQL](https://github.com/bitnami/bitnami-docker-mysql) replication cluster deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment and management of Helm Charts in clusters. This Helm chart has been tested on top of [Bitnami Kubernetes Production Runtime](https://kubeprod.io/) (BKPR). Deploy BKPR to get automated TLS certificates, logging and monitoring for your applications. Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment and management of Helm Charts in clusters. This Helm chart has been tested on top of [Bitnami Kubernetes Production Runtime](https://kubeprod.io/) (BKPR). Deploy BKPR to get automated TLS certificates, logging and monitoring for your applications.
## Prerequisites ## Prerequisites
- Kubernetes 1.19+ - Kubernetes 1.12+
- Helm 3.2.0+ - Helm 2.12+ or Helm 3.0-beta3+
- PV provisioner support in the underlying infrastructure - PV provisioner support in the underlying infrastructure
## Installing the Chart ## Installing the Chart
@@ -52,292 +46,141 @@ The command removes all the Kubernetes components associated with the chart and
## Parameters ## Parameters
### Global parameters The following tables lists the configurable parameters of the MySQL chart and their default values.
| Parameter | Description | Default | |
| Name | Description | Value | |---------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| ------------------------- | ----------------------------------------------- | ----- | | `global.imageRegistry` | Global Docker image registry | `nil` | |
| `global.imageRegistry` | Global Docker image registry | `""` | | `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | |
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | | `global.storageClass` | Global storage class for dynamic provisioning | `nil` | |
| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `""` | | `image.registry` | MySQL image registry | `docker.io` | |
| `image.repository` | MySQL Image name | `bitnami/mysql` | |
| `image.tag` | MySQL Image tag | `{TAG_NAME}` | |
### Common parameters | `image.pullPolicy` | MySQL image pull policy | `IfNotPresent` | |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | |
| Name | Description | Value | | `image.debug` | Specify if debug logs should be enabled | `false` | |
| ------------------------ | --------------------------------------------------------------------------------------------------------- | --------------- | | `nameOverride` | String to partially override mysql.fullname template with a string (will prepend the release name) | `nil` | |
| `nameOverride` | String to partially override common.names.fullname template (will maintain the release name) | `""` | | `fullnameOverride` | String to fully override mysql.fullname template with a string | `nil` | |
| `fullnameOverride` | String to fully override common.names.fullname template | `""` | | `clusterDomain` | Kubernetes DNS Domain name to use | `cluster.local` | |
| `clusterDomain` | Cluster domain | `cluster.local` | | `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | |
| `commonAnnotations` | Common annotations to add to all MySQL resources (sub-charts are not considered). Evaluated as a template | `{}` | | `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | |
| `commonLabels` | Common labels to add to all MySQL resources (sub-charts are not considered). Evaluated as a template | `{}` | | `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/minideb` | |
| `extraDeploy` | Array with extra yaml to deploy with the chart. Evaluated as a template | `[]` | | `volumePermissions.image.tag` | Init container volume-permissions image tag | `buster` | |
| `schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | | `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `Always` | |
| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | | `volumePermissions.resources` | Init container resource requests/limit | `nil` | |
| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` | | `existingSecret` | Specify the name of an existing secret for password details (`root.password`, `db.password`, `replication.password` will be ignored and picked up from this secret). The secret has to contain the keys `mysql-root-password`, `mysql-replication-password` and `mysql-password`. | `nil` | |
| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | | `root.password` | Password for the `root` user | _random 10 character alphanumeric string_ | |
| `root.forcePassword` | Force users to specify a password. That is required for 'helm upgrade' to work properly | `false` | |
| `root.injectSecretsAsVolume` | Mount admin user password as a file instead of using an environment variable | `false` | |
### MySQL common parameters | `db.user` | Username of new user to create (should be different from replication.user) | `nil` | |
| `db.password` | Password for the new user | _random 10 character alphanumeric string if `db.user` is defined_ | |
| Name | Description | Value | | `db.name` | Name for new database to create | `my_database` | |
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- | | `db.forcePassword` | Force users to specify a password. That is required for 'helm upgrade' to work properly | `false` | |
| `image.registry` | MySQL image registry | `docker.io` | | `db.injectSecretsAsVolume` | Mount user password as a file instead of using an environment variable | `false` | |
| `image.repository` | MySQL image repository | `bitnami/mysql` | | `replication.enabled` | MySQL replication enabled | `true` | |
| `image.tag` | MySQL image tag (immutable tags are recommended) | `8.0.29-debian-10-r0` | | `replication.user` | MySQL replication user (should be different from db.user) | `replicator` | |
| `image.pullPolicy` | MySQL image pull policy | `IfNotPresent` | | `replication.password` | MySQL replication user password | _random 10 character alphanumeric string_ | |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | | `replication.forcePassword` | Force users to specify a password. That is required for 'helm upgrade' to work properly | `false` | |
| `image.debug` | Specify if debug logs should be enabled | `false` | | `replication.injectSecretsAsVolume` | Mount user password as a file instead of using an environment variable | `false` | |
| `architecture` | MySQL architecture (`standalone` or `replication`) | `standalone` | | `initdbScripts` | Dictionary of initdb scripts | `nil` | |
| `auth.rootPassword` | Password for the `root` user. Ignored if existing secret is provided | `""` | | `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `nil` | |
| `auth.database` | Name for a custom database to create | `my_database` | | `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | |
| `auth.username` | Name for a custom user to create | `""` | | `serviceAccount.name` | If serviceAccount.create is enabled, what should the serviceAccount name be - otherwise defaults to the fullname | `nil` | |
| `auth.password` | Password for the new user. Ignored if existing secret is provided | `""` | | `master.config` | Config file for the MySQL Master server | `_default values in the values.yaml file_` | |
| `auth.replicationUser` | MySQL replication user | `replicator` | | `master.updateStrategy.type` | Master statefulset update strategy policy | `RollingUpdate` | |
| `auth.replicationPassword` | MySQL replication user password. Ignored if existing secret is provided | `""` | | `master.podAnnotations` | Pod annotations for master nodes | `{}` | |
| `auth.existingSecret` | Use existing secret for password details. The secret has to contain the keys `mysql-root-password`, `mysql-replication-password` and `mysql-password` | `""` | | `master.affinity` | Map of node/pod affinities for master nodes | `{}` (The value is evaluated as a template) | |
| `auth.forcePassword` | Force users to specify required passwords | `false` | | `master.nodeSelector` | Node labels for pod assignment on master nodes | `{}` (The value is evaluated as a template) | |
| `auth.usePasswordFiles` | Mount credentials as files instead of using an environment variable | `false` | | `master.tolerations` | Tolerations for pod assignment on master nodes | `[]` (The value is evaluated as a template) | |
| `auth.customPasswordFiles` | Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication` | `{}` | | `master.securityContext.enabled` | Enable security context for master nodes | `true` | |
| `initdbScripts` | Dictionary of initdb scripts | `{}` | | `master.securityContext.fsGroup` | Group ID for the master nodes' containers | `1001` | |
| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` | | `master.securityContext.runAsUser` | User ID for the master nodes' containers | `1001` | |
| `master.containerSecurityContext` | Container security context for master nodes' containers | `{}` | |
| `master.resources` | CPU/Memory resource requests/limits for master nodes' containers | `{}` | |
### MySQL Primary parameters | `master.livenessProbe.enabled` | Turn on and off liveness probe (master nodes) | `true` | |
| `master.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (master nodes) | `120` | |
| Name | Description | Value | | `master.livenessProbe.periodSeconds` | How often to perform the probe (master nodes) | `10` | |
| -------------------------------------------- | --------------------------------------------------------------------------------------------------------------- | ------------------- | | `master.livenessProbe.timeoutSeconds` | When the probe times out (master nodes) | `1` | |
| `primary.command` | Override default container command on MySQL Primary container(s) (useful when using custom images) | `[]` | | `master.livenessProbe.successThreshold` | Minimum consecutive successes for the probe (master nodes) | `1` | |
| `primary.args` | Override default container args on MySQL Primary container(s) (useful when using custom images) | `[]` | | `master.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe (master nodes) | `3` | |
| `primary.hostAliases` | Deployment pod host aliases | `[]` | | `master.readinessProbe.enabled` | Turn on and off readiness probe (master nodes) | `true` | |
| `primary.configuration` | Configure MySQL Primary with a custom my.cnf file | `""` | | `master.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated (master nodes) | `30` | |
| `primary.existingConfigmap` | Name of existing ConfigMap with MySQL Primary configuration. | `""` | | `master.readinessProbe.periodSeconds` | How often to perform the probe (master nodes) | `10` | |
| `primary.updateStrategy` | Update strategy type for the MySQL primary statefulset | `RollingUpdate` | | `master.readinessProbe.timeoutSeconds` | When the probe times out (master nodes) | `1` | |
| `primary.rollingUpdatePartition` | Partition update strategy for MySQL Primary statefulset | `""` | | `master.readinessProbe.successThreshold` | Minimum consecutive successes for the probe (master nodes) | `1` | |
| `primary.podAnnotations` | Additional pod annotations for MySQL primary pods | `{}` | | `master.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe (master nodes) | `3` | |
| `primary.podAffinityPreset` | MySQL primary pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | | `master.extraEnvVars` | Array containing extra env vars to configure MySQL master replicas | `nil` | |
| `primary.podAntiAffinityPreset` | MySQL primary pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `soft` | | `master.extraEnvVarsCM` | Configmap containing extra env vars to configure MySQL master replicas | `nil` | |
| `primary.nodeAffinityPreset.type` | MySQL primary node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | | `master.extraEnvVarsSecret` | Secret containing extra env vars to configure MySQL master replicas | `nil` | |
| `primary.nodeAffinityPreset.key` | MySQL primary node label key to match Ignored if `primary.affinity` is set. | `""` | | `master.persistence.enabled` | Enable persistence using a `PersistentVolumeClaim` (master nodes) | `true` | |
| `primary.nodeAffinityPreset.values` | MySQL primary node label values to match. Ignored if `primary.affinity` is set. | `[]` | | `master.persistence.mountPath` | Configure `PersistentVolumeClaim` mount path (master nodes) | `/bitnami/mysql` | |
| `primary.affinity` | Affinity for MySQL primary pods assignment | `{}` | | `master.persistence.annotations` | Persistent Volume Claim annotations (master nodes) | `{}` | |
| `primary.nodeSelector` | Node labels for MySQL primary pods assignment | `{}` | | `master.persistence.storageClass` | Persistent Volume Storage Class (master nodes) | `` | |
| `primary.tolerations` | Tolerations for MySQL primary pods assignment | `[]` | | `master.persistence.accessModes` | Persistent Volume Access Modes (master nodes) | `[ReadWriteOnce]` | |
| `primary.podSecurityContext.enabled` | Enable security context for MySQL primary pods | `true` | | `master.persistence.size` | Persistent Volume Size (master nodes) | `8Gi` | |
| `primary.podSecurityContext.fsGroup` | Group ID for the mounted volumes' filesystem | `1001` | | `master.persistence.existingClaim` | Provide an existing `PersistentVolumeClaim` (master nodes) | `nil` | |
| `primary.containerSecurityContext.enabled` | MySQL primary container securityContext | `true` | | `slave.replicas` | Desired number of slave replicas | `1` | |
| `primary.containerSecurityContext.runAsUser` | User ID for the MySQL primary container | `1001` | | `slave.updateStrategy.type` | Slave statefulset update strategy policy | `RollingUpdate` | |
| `primary.resources.limits` | The resources limits for MySQL primary containers | `{}` | | `slave.podAnnotations` | Pod annotations for slave nodes | `{}` | |
| `primary.resources.requests` | The requested resources for MySQL primary containers | `{}` | | `slave.affinity` | Map of node/pod affinities for slave nodes | `{}` (The value is evaluated as a template) | |
| `primary.livenessProbe.enabled` | Enable livenessProbe | `true` | | `slave.nodeSelector` | Node labels for pod assignment on slave nodes | `{}` (The value is evaluated as a template) | |
| `primary.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | | `slave.tolerations` | Tolerations for pod assignment on slave nodes | `[]` (The value is evaluated as a template) | |
| `primary.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | | `slave.extraEnvVars` | Array containing extra env vars to configure MySQL slave replicas | `nil` | |
| `primary.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | | `slave.extraEnvVarsCM` | ConfigMap containing extra env vars to configure MySQL slave replicas | `nil` | |
| `primary.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | | `slave.extraEnvVarsSecret` | Secret containing extra env vars to configure MySQL slave replicas | `nil` | |
| `primary.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | | `slave.securityContext.enabled` | Enable security context for slave nodes | `true` | |
| `primary.readinessProbe.enabled` | Enable readinessProbe | `true` | | `slave.securityContext.fsGroup` | Group ID for the slave nodes' containers | `1001` | |
| `primary.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | | `slave.securityContext.runAsUser` | User ID for the slave nodes' containers | `1001` | |
| `primary.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | | `slave.containerSecurityContext` | Container security context for slave nodes' containers | `{}` | |
| `primary.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | | `slave.resources` | CPU/Memory resource requests/limits for slave nodes' containers | `{}` | |
| `primary.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | | `slave.livenessProbe.enabled` | Turn on and off liveness probe (slave nodes) | `true` | |
| `primary.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | | `slave.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (slave nodes) | `120` | |
| `primary.startupProbe.enabled` | Enable startupProbe | `true` | | `slave.livenessProbe.periodSeconds` | How often to perform the probe (slave nodes) | `10` | |
| `primary.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `15` | | `slave.livenessProbe.timeoutSeconds` | When the probe times out (slave nodes) | `1` | |
| `primary.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | | `slave.livenessProbe.successThreshold` | Minimum consecutive successes for the probe (slave nodes) | `1` | |
| `primary.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | | `slave.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe (slave nodes) | `3` | |
| `primary.startupProbe.failureThreshold` | Failure threshold for startupProbe | `10` | | `slave.readinessProbe.enabled` | Turn on and off readiness probe (slave nodes) | `true` | |
| `primary.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | | `slave.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated (slave nodes) | `30` | |
| `primary.customLivenessProbe` | Override default liveness probe for MySQL primary containers | `{}` | | `slave.readinessProbe.periodSeconds` | How often to perform the probe (slave nodes) | `10` | |
| `primary.customReadinessProbe` | Override default readiness probe for MySQL primary containers | `{}` | | `slave.readinessProbe.timeoutSeconds` | When the probe times out (slave nodes) | `1` | |
| `primary.customStartupProbe` | Override default startup probe for MySQL primary containers | `{}` | | `slave.readinessProbe.successThreshold` | Minimum consecutive successes for the probe (slave nodes) | `1` | |
| `primary.extraFlags` | MySQL primary additional command line flags | `""` | | `slave.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe (slave nodes) | `3` | |
| `primary.extraEnvVars` | Extra environment variables to be set on MySQL primary containers | `[]` | | `slave.persistence.enabled` | Enable persistence using a `PersistentVolumeClaim` (slave nodes) | `true` | |
| `primary.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for MySQL primary containers | `""` | | `slave.persistence.mountPath` | Configure `PersistentVolumeClaim` mount path (slave nodes) | `/bitnami/mysql` | |
| `primary.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for MySQL primary containers | `""` | | `slave.persistence.annotations` | Persistent Volume Claim annotations (slave nodes) | `{}` | |
| `primary.persistence.enabled` | Enable persistence on MySQL primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir | `true` | | `slave.persistence.storageClass` | Persistent Volume Storage Class (slave nodes) | `` | |
| `primary.persistence.existingClaim` | Name of an existing `PersistentVolumeClaim` for MySQL primary replicas | `""` | | `slave.persistence.accessModes` | Persistent Volume Access Modes (slave nodes) | `[ReadWriteOnce]` | |
| `primary.persistence.storageClass` | MySQL primary persistent volume storage Class | `""` | | `slave.persistence.size` | Persistent Volume Size (slave nodes) | `8Gi` | |
| `primary.persistence.annotations` | MySQL primary persistent volume claim annotations | `{}` | | `slave.persistence.existingClaim` | Provide an existing `PersistentVolumeClaim` (slave nodes) | `nil` | |
| `primary.persistence.accessModes` | MySQL primary persistent volume access Modes | `["ReadWriteOnce"]` | | `service.type` | Kubernetes service type | `ClusterIP` | |
| `primary.persistence.size` | MySQL primary persistent volume size | `8Gi` | | `service.port` | MySQL service port | `3306` | |
| `primary.persistence.selector` | Selector to match an existing Persistent Volume | `{}` | | `service.nodePort.master` | Port to bind to for NodePort service type (master service) | `nil` | |
| `primary.extraVolumes` | Optionally specify extra list of additional volumes to the MySQL Primary pod(s) | `[]` | | `service.nodePort.slave` | Port to bind to for NodePort service type (slave service) | `nil` | |
| `primary.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the MySQL Primary container(s) | `[]` | | `service.loadBalancerIP.master` | Static IP Address to use for master LoadBalancer service type | `nil` | |
| `primary.initContainers` | Add additional init containers for the MySQL Primary pod(s) | `[]` | | `service.loadBalancerIP.slave` | Static IP Address to use for slaves LoadBalancer service type | `nil` | |
| `primary.sidecars` | Add additional sidecar containers for the MySQL Primary pod(s) | `[]` | | `service.annotations` | Kubernetes service annotations | `{}` | |
| `primary.service.type` | MySQL Primary K8s service type | `ClusterIP` | | `metrics.enabled` | Start a side-car prometheus exporter | `false` | |
| `primary.service.port` | MySQL Primary K8s service port | `3306` | | `metrics.image` | Exporter image name | `bitnami/mysqld-exporter` | |
| `primary.service.nodePort` | MySQL Primary K8s service node port | `""` | | `metrics.imageTag` | Exporter image tag | `{TAG_NAME}` | |
| `primary.service.clusterIP` | MySQL Primary K8s service clusterIP IP | `""` | | `metrics.imagePullPolicy` | Exporter image pull policy | `IfNotPresent` | |
| `primary.service.loadBalancerIP` | MySQL Primary loadBalancerIP if service type is `LoadBalancer` | `""` | | `metrics.resources` | Exporter resource requests/limit | `nil` | |
| `primary.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | | `metrics.service.type` | Kubernetes service type for MySQL Prometheus Exporter | `ClusterIP` | |
| `primary.service.loadBalancerSourceRanges` | Addresses that are allowed when MySQL Primary service is LoadBalancer | `[]` | | `metrics.service.port` | MySQL Prometheus Exporter service port | `9104` | |
| `primary.service.annotations` | Provide any additional annotations which may be required | `{}` | | `metrics.service.annotations` | Prometheus exporter svc annotations | `{prometheus.io/scrape: "true", prometheus.io/port: "9104"}` | |
| `primary.pdb.enabled` | Enable/disable a Pod Disruption Budget creation for MySQL primary pods | `false` | | `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | |
| `primary.pdb.minAvailable` | Minimum number/percentage of MySQL primary pods that should remain scheduled | `1` | | `metrics.serviceMonitor.namespace` | Optional namespace which Prometheus is running in | `nil` | |
| `primary.pdb.maxUnavailable` | Maximum number/percentage of MySQL primary pods that may be made unavailable | `""` | | `metrics.serviceMonitor.interval` | How frequently to scrape metrics (use by default, falling back to Prometheus' default) | `nil` | |
| `primary.podLabels` | MySQL Primary pod label. If labels are same as commonLabels , this will take precedence | `{}` | | `metrics.serviceMonitor.selector` | Default to kube-prometheus install (CoreOS recommended), but should be set according to Prometheus install | `nil` | The above parameters map to the env variables defined in [bitnami/mysql](http://github.com/bitnami/bitnami-docker-mysql). For more information please refer to the [bitnami/mysql](http://github.com/bitnami/bitnami-docker-mysql) image documentation. |
### MySQL Secondary parameters
| Name | Description | Value |
| ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | ------------------- |
| `secondary.replicaCount` | Number of MySQL secondary replicas | `1` |
| `secondary.hostAliases` | Deployment pod host aliases | `[]` |
| `secondary.command` | Override default container command on MySQL Secondary container(s) (useful when using custom images) | `[]` |
| `secondary.args` | Override default container args on MySQL Secondary container(s) (useful when using custom images) | `[]` |
| `secondary.configuration` | Configure MySQL Secondary with a custom my.cnf file | `""` |
| `secondary.existingConfigmap` | Name of existing ConfigMap with MySQL Secondary configuration. | `""` |
| `secondary.updateStrategy` | Update strategy type for the MySQL secondary statefulset | `RollingUpdate` |
| `secondary.rollingUpdatePartition` | Partition update strategy for MySQL Secondary statefulset | `""` |
| `secondary.podAnnotations` | Additional pod annotations for MySQL secondary pods | `{}` |
| `secondary.podAffinityPreset` | MySQL secondary pod affinity preset. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `secondary.podAntiAffinityPreset` | MySQL secondary pod anti-affinity preset. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard` | `soft` |
| `secondary.nodeAffinityPreset.type` | MySQL secondary node affinity preset type. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `secondary.nodeAffinityPreset.key` | MySQL secondary node label key to match Ignored if `secondary.affinity` is set. | `""` |
| `secondary.nodeAffinityPreset.values` | MySQL secondary node label values to match. Ignored if `secondary.affinity` is set. | `[]` |
| `secondary.affinity` | Affinity for MySQL secondary pods assignment | `{}` |
| `secondary.nodeSelector` | Node labels for MySQL secondary pods assignment | `{}` |
| `secondary.tolerations` | Tolerations for MySQL secondary pods assignment | `[]` |
| `secondary.podSecurityContext.enabled` | Enable security context for MySQL secondary pods | `true` |
| `secondary.podSecurityContext.fsGroup` | Group ID for the mounted volumes' filesystem | `1001` |
| `secondary.containerSecurityContext.enabled` | MySQL secondary container securityContext | `true` |
| `secondary.containerSecurityContext.runAsUser` | User ID for the MySQL secondary container | `1001` |
| `secondary.resources.limits` | The resources limits for MySQL secondary containers | `{}` |
| `secondary.resources.requests` | The requested resources for MySQL secondary containers | `{}` |
| `secondary.livenessProbe.enabled` | Enable livenessProbe | `true` |
| `secondary.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` |
| `secondary.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
| `secondary.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` |
| `secondary.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` |
| `secondary.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `secondary.readinessProbe.enabled` | Enable readinessProbe | `true` |
| `secondary.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` |
| `secondary.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
| `secondary.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` |
| `secondary.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` |
| `secondary.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `secondary.startupProbe.enabled` | Enable startupProbe | `true` |
| `secondary.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `15` |
| `secondary.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
| `secondary.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` |
| `secondary.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` |
| `secondary.startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
| `secondary.customLivenessProbe` | Override default liveness probe for MySQL secondary containers | `{}` |
| `secondary.customReadinessProbe` | Override default readiness probe for MySQL secondary containers | `{}` |
| `secondary.customStartupProbe` | Override default startup probe for MySQL secondary containers | `{}` |
| `secondary.extraFlags` | MySQL secondary additional command line flags | `""` |
| `secondary.extraEnvVars` | An array to add extra environment variables on MySQL secondary containers | `[]` |
| `secondary.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for MySQL secondary containers | `""` |
| `secondary.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for MySQL secondary containers | `""` |
| `secondary.persistence.enabled` | Enable persistence on MySQL secondary replicas using a `PersistentVolumeClaim` | `true` |
| `secondary.persistence.storageClass` | MySQL secondary persistent volume storage Class | `""` |
| `secondary.persistence.annotations` | MySQL secondary persistent volume claim annotations | `{}` |
| `secondary.persistence.accessModes` | MySQL secondary persistent volume access Modes | `["ReadWriteOnce"]` |
| `secondary.persistence.size` | MySQL secondary persistent volume size | `8Gi` |
| `secondary.persistence.selector` | Selector to match an existing Persistent Volume | `{}` |
| `secondary.extraVolumes` | Optionally specify extra list of additional volumes to the MySQL secondary pod(s) | `[]` |
| `secondary.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the MySQL secondary container(s) | `[]` |
| `secondary.initContainers` | Add additional init containers for the MySQL secondary pod(s) | `[]` |
| `secondary.sidecars` | Add additional sidecar containers for the MySQL secondary pod(s) | `[]` |
| `secondary.service.type` | MySQL secondary Kubernetes service type | `ClusterIP` |
| `secondary.service.port` | MySQL secondary Kubernetes service port | `3306` |
| `secondary.service.nodePort` | MySQL secondary Kubernetes service node port | `""` |
| `secondary.service.clusterIP` | MySQL secondary Kubernetes service clusterIP IP | `""` |
| `secondary.service.loadBalancerIP` | MySQL secondary loadBalancerIP if service type is `LoadBalancer` | `""` |
| `secondary.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` |
| `secondary.service.loadBalancerSourceRanges` | Addresses that are allowed when MySQL secondary service is LoadBalancer | `[]` |
| `secondary.service.annotations` | Provide any additional annotations which may be required | `{}` |
| `secondary.pdb.enabled` | Enable/disable a Pod Disruption Budget creation for MySQL secondary pods | `false` |
| `secondary.pdb.minAvailable` | Minimum number/percentage of MySQL secondary pods that should remain scheduled | `1` |
| `secondary.pdb.maxUnavailable` | Maximum number/percentage of MySQL secondary pods that may be made unavailable | `""` |
| `secondary.podLabels` | Additional pod labels for MySQL secondary pods | `{}` |
### RBAC parameters
| Name | Description | Value |
| ---------------------------- | ------------------------------------------------------ | ------- |
| `serviceAccount.create` | Enable the creation of a ServiceAccount for MySQL pods | `true` |
| `serviceAccount.name` | Name of the created ServiceAccount | `""` |
| `serviceAccount.annotations` | Annotations for MySQL Service Account | `{}` |
| `rbac.create` | Whether to create & use RBAC resources or not | `false` |
### Network Policy
| Name | Description | Value |
| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------- | ------- |
| `networkPolicy.enabled` | Enable creation of NetworkPolicy resources | `false` |
| `networkPolicy.allowExternal` | The Policy model to apply. | `true` |
| `networkPolicy.explicitNamespacesSelector` | A Kubernetes LabelSelector to explicitly select namespaces from which ingress traffic could be allowed to MySQL | `{}` |
### Volume Permissions parameters
| Name | Description | Value |
| ------------------------------------- | -------------------------------------------------------------------------------------------------------------------- | ----------------------- |
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `10-debian-10-r408` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `volumePermissions.resources` | Init container volume-permissions resources | `{}` |
### Metrics parameters
| Name | Description | Value |
| -------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ------------------------- |
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image.registry` | Exporter image registry | `docker.io` |
| `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` |
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-10-r52` |
| `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `metrics.service.type` | Kubernetes service type for MySQL Prometheus Exporter | `ClusterIP` |
| `metrics.service.port` | MySQL Prometheus Exporter service port | `9104` |
| `metrics.service.annotations` | Prometheus exporter service annotations | `{}` |
| `metrics.extraArgs.primary` | Extra args to be passed to mysqld_exporter on Primary pods | `[]` |
| `metrics.extraArgs.secondary` | Extra args to be passed to mysqld_exporter on Secondary pods | `[]` |
| `metrics.resources.limits` | The resources limits for MySQL prometheus exporter containers | `{}` |
| `metrics.resources.requests` | The requested resources for MySQL prometheus exporter containers | `{}` |
| `metrics.livenessProbe.enabled` | Enable livenessProbe | `true` |
| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` |
| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` |
| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` |
| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `metrics.readinessProbe.enabled` | Enable readinessProbe | `true` |
| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` |
| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` |
| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` |
| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` |
| `metrics.serviceMonitor.namespace` | Specify the namespace in which the serviceMonitor resource will be created | `""` |
| `metrics.serviceMonitor.interval` | Specify the interval at which metrics should be scraped | `30s` |
| `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `""` |
| `metrics.serviceMonitor.relabellings` | Specify Metric Relabellings to add to the scrape endpoint | `[]` |
| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` |
| `metrics.serviceMonitor.additionalLabels` | Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with | `{}` |
The above parameters map to the env variables defined in [bitnami/mysql](https://github.com/bitnami/bitnami-docker-mysql). For more information please refer to the [bitnami/mysql](https://github.com/bitnami/bitnami-docker-mysql) image documentation.
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```bash ```bash
$ helm install my-release \ $ helm install my-release \
--set auth.rootPassword=secretpassword,auth.database=app_database \ --set root.password=secretpassword,user.database=app_database \
bitnami/mysql bitnami/mysql
``` ```
The above command sets the MySQL `root` account password to `secretpassword`. Additionally it creates a database named `app_database`. The above command sets the MySQL `root` account password to `secretpassword`. Additionally it creates a database named `app_database`.
> NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```bash ```bash
@@ -354,115 +197,64 @@ It is strongly recommended to use immutable tags in a production environment. Th
Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist. Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist.
### Use a different MySQL version ### Production configuration
To modify the application version used in this chart, specify a different version of the image using the `image.tag` parameter and/or a different repository using the `image.repository` parameter. Refer to the [chart documentation for more information on these parameters and how to use them with images from a private registry](https://docs.bitnami.com/kubernetes/infrastructure/mysql/configuration/change-image-version/). This chart includes a `values-production.yaml` file where you can find some parameters oriented to production configuration in comparison to the regular `values.yaml`. You can use this file instead of the default one.
### Customize a new MySQL instance - Force users to specify a password:
```diff
- root.forcePassword: false
+ root.forcePassword: true
The [Bitnami MySQL](https://github.com/bitnami/bitnami-docker-mysql) image allows you to use your custom scripts to initialize a fresh instance. Custom scripts may be specified using the `initdbScripts` parameter. Alternatively, an external ConfigMap may be created with all the initialization scripts and the ConfigMap passed to the chart via the `initdbScriptsConfigMap` parameter. Note that this will override the `initdbScripts` parameter. - db.forcePassword: false
+ db.forcePassword: true
- replication.forcePassword: false
+ replication.forcePassword: true
```
- Desired number of slave replicas:
```diff
- slave.replicas: 1
+ slave.replicas: 2
```
- Start a side-car prometheus exporter:
```diff
- metrics.enabled: false
+ metrics.enabled: true
```
### Initialize a fresh instance
The [Bitnami MySQL](https://github.com/bitnami/bitnami-docker-mysql) image allows you to use your custom scripts to initialize a fresh instance. In order to execute the scripts, they must be located inside the chart folder `files/docker-entrypoint-initdb.d` so they can be consumed as a ConfigMap.
The allowed extensions are `.sh`, `.sql` and `.sql.gz`. The allowed extensions are `.sh`, `.sql` and `.sql.gz`.
These scripts are treated differently depending on their extension. While `.sh` scripts are executed on all the nodes, `.sql` and `.sql.gz` scripts are only executed on the primary nodes. This is because `.sh` scripts support conditional tests to identify the type of node they are running on, while such tests are not supported in `.sql` or `sql.gz` files.
Refer to the [chart documentation for more information and a usage example](http://docs.bitnami.com/kubernetes/infrastructure/mysql/configuration/customize-new-instance/).
### Sidecars and Init Containers
If you have a need for additional containers to run within the same pod as MySQL, you can do so via the `sidecars` config parameter. Simply define your container according to the Kubernetes container spec.
```yaml
sidecars:
- name: your-image-name
image: your-image
imagePullPolicy: Always
ports:
- name: portname
containerPort: 1234
```
Similarly, you can add extra init containers using the `initContainers` parameter.
```yaml
initContainers:
- name: your-image-name
image: your-image
imagePullPolicy: Always
ports:
- name: portname
containerPort: 1234
```
## Persistence ## Persistence
The [Bitnami MySQL](https://github.com/bitnami/bitnami-docker-mysql) image stores the MySQL data and configurations at the `/bitnami/mysql` path of the container. The [Bitnami MySQL](https://github.com/bitnami/bitnami-docker-mysql) image stores the MySQL data and configurations at the `/bitnami/mysql` path of the container.
The chart mounts a [Persistent Volume](https://kubernetes.io/docs/concepts/storage/persistent-volumes/) volume at this location. The volume is created using dynamic volume provisioning by default. An existing PersistentVolumeClaim can also be defined for this purpose. The chart mounts a [Persistent Volume](kubernetes.io/docs/user-guide/persistent-volumes/) volume at this location. The volume is created using dynamic volume provisioning by default. An existing PersistentVolumeClaim can be defined.
If you encounter errors when working with persistent volumes, refer to our [troubleshooting guide for persistent volumes](https://docs.bitnami.com/kubernetes/faq/troubleshooting/troubleshooting-persistence-volumes/). ### Adjust permissions of persistent volume mountpoint
## Network Policy As the image run as non-root by default, it is necessary to adjust the ownership of the persistent volume so that the container can write data into it.
To enable network policy for MySQL, install [a networking plugin that implements the Kubernetes NetworkPolicy spec](https://kubernetes.io/docs/tasks/administer-cluster/declare-network-policy#before-you-begin), and set `networkPolicy.enabled` to `true`. By default, the chart is configured to use Kubernetes Security Context to automatically change the ownership of the volume. However, this feature does not work in all Kubernetes distributions.
As an alternative, this chart supports using an initContainer to change the ownership of the volume before mounting it in the final destination.
For Kubernetes v1.5 & v1.6, you must also turn on NetworkPolicy by setting the DefaultDeny namespace annotation. Note: this will enforce policy for _all_ pods in the namespace: You can enable this initContainer by setting `volumePermissions.enabled` to `true`.
```console
$ kubectl annotate namespace default "net.beta.kubernetes.io/network-policy={\"ingress\":{\"isolation\":\"DefaultDeny\"}}"
```
With NetworkPolicy enabled, traffic will be limited to just port 3306.
For more precise policy, set `networkPolicy.allowExternal=false`. This will only allow pods with the generated client label to connect to MySQL.
This label will be displayed in the output of a successful install.
## Pod affinity
This chart allows you to set your custom affinity using the `XXX.affinity` parameter(s). Find more information about Pod affinity in the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity).
As an alternative, you can use the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/master/bitnami/common#affinities) chart. To do so, set the `XXX.podAffinityPreset`, `XXX.podAntiAffinityPreset`, or `XXX.nodeAffinityPreset` parameters.
## Troubleshooting
Find more information about how to deal with common errors related to Bitnami's Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues).
## Upgrading ## Upgrading
It's necessary to set the `auth.rootPassword` parameter when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use under the 'Administrator credentials' section. Please note down the password and run the command below to upgrade your chart: It's necessary to set the `root.password` parameter when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use under the 'Administrator credentials' section. Please note down the password and run the command below to upgrade your chart:
```bash ```bash
$ helm upgrade my-release bitnami/mysql --set auth.rootPassword=[ROOT_PASSWORD] $ helm upgrade my-release bitnami/mysql --set root.password=[ROOT_PASSWORD]
``` ```
| Note: you need to substitute the placeholder _[ROOT_PASSWORD]_ with the value obtained in the installation notes. | Note: you need to substitue the placeholder _[ROOT_PASSWORD]_ with the value obtained in the installation notes.
### To 8.0.0
- Several parameters were renamed or disappeared in favor of new ones on this major version:
- The terms *master* and *slave* have been replaced by the terms *primary* and *secondary*. Therefore, parameters prefixed with `master` or `slave` are now prefixed with `primary` or `secondary`, respectively.
- Credentials parameters are reorganized under the `auth` parameter.
- `replication.enabled` parameter is deprecated in favor of `architecture` parameter that accepts two values: `standalone` and `replication`.
- Chart labels were adapted to follow the [Helm charts standard labels](https://helm.sh/docs/chart_best_practices/labels/#standard-labels).
- This version also introduces `bitnami/common`, a [library chart](https://helm.sh/docs/topics/library_charts/#helm) as a dependency. More documentation about this new utility could be found [here](https://github.com/bitnami/charts/tree/master/bitnami/common#bitnami-common-library-chart). Please, make sure that you have updated the chart dependencies before executing any upgrade.
Consequences:
- Backwards compatibility is not guaranteed. To upgrade to `8.0.0`, install a new release of the MySQL chart, and migrate the data from your previous release. You have 2 alternatives to do so:
- Create a backup of the database, and restore it on the new release using tools such as [mysqldump](https://dev.mysql.com/doc/refman/8.0/en/mysqldump.html).
- Reuse the PVC used to hold the master data on your previous release. To do so, use the `primary.persistence.existingClaim` parameter. The following example assumes that the release name is `mysql`:
```bash
$ helm install mysql bitnami/mysql --set auth.rootPassword=[ROOT_PASSWORD] --set primary.persistence.existingClaim=[EXISTING_PVC]
```
| Note: you need to substitute the placeholder _[EXISTING_PVC]_ with the name of the PVC used on your previous release, and _[ROOT_PASSWORD]_ with the root password used in your previous release.
### To 7.0.0
[On November 13, 2020, Helm v2 support formally ended](https://github.com/helm/charts#status-of-the-project). This major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL.
[Learn more about this change and related upgrade considerations](https://docs.bitnami.com/kubernetes/infrastructure/mysql/administration/upgrade-helm3/).
### To 3.0.0 ### To 3.0.0
@@ -473,19 +265,3 @@ Use the workaround below to upgrade from versions previous to 3.0.0. The followi
$ kubectl delete statefulset mysql-master --cascade=false $ kubectl delete statefulset mysql-master --cascade=false
$ kubectl delete statefulset mysql-slave --cascade=false $ kubectl delete statefulset mysql-slave --cascade=false
``` ```
## License
Copyright &copy; 2022 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

22
lib/common/services/mysql/charts/common/.helmignore
View File

@@ -1,22 +0,0 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

23
lib/common/services/mysql/charts/common/Chart.yaml
View File

@@ -1,23 +0,0 @@
annotations:
category: Infrastructure
apiVersion: v2
appVersion: 1.13.1
description: A Library Helm Chart for grouping common logic between bitnami charts.
This chart is not deployable by itself.
home: https://github.com/bitnami/charts/tree/master/bitnami/common
icon: https://bitnami.com/downloads/logos/bitnami-mark.png
keywords:
- common
- helper
- template
- function
- bitnami
maintainers:
- email: containers@bitnami.com
name: Bitnami
name: common
sources:
- https://github.com/bitnami/charts
- https://www.bitnami.com/
type: library
version: 1.13.1

347
lib/common/services/mysql/charts/common/README.md
View File

@@ -1,347 +0,0 @@
# Bitnami Common Library Chart
A [Helm Library Chart](https://helm.sh/docs/topics/library_charts/#helm) for grouping common logic between bitnami charts.
## TL;DR
```yaml
dependencies:
- name: common
version: 1.x.x
repository: https://charts.bitnami.com/bitnami
```
```bash
$ helm dependency update
```
```yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "common.names.fullname" . }}
data:
myvalue: "Hello World"
```
## Introduction
This chart provides a common template helpers which can be used to develop new charts using [Helm](https://helm.sh) package manager.
Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment and management of Helm Charts in clusters. This Helm chart has been tested on top of [Bitnami Kubernetes Production Runtime](https://kubeprod.io/) (BKPR). Deploy BKPR to get automated TLS certificates, logging and monitoring for your applications.
## Prerequisites
- Kubernetes 1.19+
- Helm 3.2.0+
## Parameters
The following table lists the helpers available in the library which are scoped in different sections.
### Affinities
| Helper identifier | Description | Expected Input |
|-------------------------------|------------------------------------------------------|------------------------------------------------|
| `common.affinities.nodes.soft` | Return a soft nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` |
| `common.affinities.nodes.hard` | Return a hard nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` |
| `common.affinities.pods.soft` | Return a soft podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` |
| `common.affinities.pods.hard` | Return a hard podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` |
### Capabilities
| Helper identifier | Description | Expected Input |
|------------------------------------------------|------------------------------------------------------------------------------------------------|-------------------|
| `common.capabilities.kubeVersion` | Return the target Kubernetes version (using client default if .Values.kubeVersion is not set). | `.` Chart context |
| `common.capabilities.cronjob.apiVersion` | Return the appropriate apiVersion for cronjob. | `.` Chart context |
| `common.capabilities.deployment.apiVersion` | Return the appropriate apiVersion for deployment. | `.` Chart context |
| `common.capabilities.statefulset.apiVersion` | Return the appropriate apiVersion for statefulset. | `.` Chart context |
| `common.capabilities.ingress.apiVersion` | Return the appropriate apiVersion for ingress. | `.` Chart context |
| `common.capabilities.rbac.apiVersion` | Return the appropriate apiVersion for RBAC resources. | `.` Chart context |
| `common.capabilities.crd.apiVersion` | Return the appropriate apiVersion for CRDs. | `.` Chart context |
| `common.capabilities.policy.apiVersion` | Return the appropriate apiVersion for podsecuritypolicy. | `.` Chart context |
| `common.capabilities.networkPolicy.apiVersion` | Return the appropriate apiVersion for networkpolicy. | `.` Chart context |
| `common.capabilities.apiService.apiVersion` | Return the appropriate apiVersion for APIService. | `.` Chart context |
| `common.capabilities.supportsHelmVersion` | Returns true if the used Helm version is 3.3+ | `.` Chart context |
### Errors
| Helper identifier | Description | Expected Input |
|-----------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------|
| `common.errors.upgrade.passwords.empty` | It will ensure required passwords are given when we are upgrading a chart. If `validationErrors` is not empty it will throw an error and will stop the upgrade action. | `dict "validationErrors" (list $validationError00 $validationError01) "context" $` |
### Images
| Helper identifier | Description | Expected Input |
|-----------------------------|------------------------------------------------------|---------------------------------------------------------------------------------------------------------|
| `common.images.image` | Return the proper and full image name | `dict "imageRoot" .Values.path.to.the.image "global" $`, see [ImageRoot](#imageroot) for the structure. |
| `common.images.pullSecrets` | Return the proper Docker Image Registry Secret Names (deprecated: use common.images.renderPullSecrets instead) | `dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "global" .Values.global` |
| `common.images.renderPullSecrets` | Return the proper Docker Image Registry Secret Names (evaluates values as templates) | `dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "context" $` |
### Ingress
| Helper identifier | Description | Expected Input |
|-------------------------------------------|-------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `common.ingress.backend` | Generate a proper Ingress backend entry depending on the API version | `dict "serviceName" "foo" "servicePort" "bar"`, see the [Ingress deprecation notice](https://kubernetes.io/blog/2019/07/18/api-deprecations-in-1-16/) for the syntax differences |
| `common.ingress.supportsPathType` | Prints "true" if the pathType field is supported | `.` Chart context |
| `common.ingress.supportsIngressClassname` | Prints "true" if the ingressClassname field is supported | `.` Chart context |
| `common.ingress.certManagerRequest` | Prints "true" if required cert-manager annotations for TLS signed certificates are set in the Ingress annotations | `dict "annotations" .Values.path.to.the.ingress.annotations` |
### Labels
| Helper identifier | Description | Expected Input |
|-----------------------------|-----------------------------------------------------------------------------|-------------------|
| `common.labels.standard` | Return Kubernetes standard labels | `.` Chart context |
| `common.labels.matchLabels` | Labels to use on `deploy.spec.selector.matchLabels` and `svc.spec.selector` | `.` Chart context |
### Names
| Helper identifier | Description | Expected Input |
|--------------------------|------------------------------------------------------------|-------------------|
| `common.names.name` | Expand the name of the chart or use `.Values.nameOverride` | `.` Chart context |
| `common.names.fullname` | Create a default fully qualified app name. | `.` Chart context |
| `common.names.namespace` | Allow the release namespace to be overridden | `.` Chart context |
| `common.names.chart` | Chart name plus version | `.` Chart context |
### Secrets
| Helper identifier | Description | Expected Input |
|---------------------------|--------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `common.secrets.name` | Generate the name of the secret. | `dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $` see [ExistingSecret](#existingsecret) for the structure. |
| `common.secrets.key` | Generate secret key. | `dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName"` see [ExistingSecret](#existingsecret) for the structure. |
| `common.passwords.manage` | Generate secret password or retrieve one if already created. | `dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $`, length, strong and chartNAme fields are optional. |
| `common.secrets.exists` | Returns whether a previous generated secret already exists. | `dict "secret" "secret-name" "context" $` |
### Storage
| Helper identifier | Description | Expected Input |
|-------------------------------|---------------------------------------|---------------------------------------------------------------------------------------------------------------------|
| `common.storage.class` | Return the proper Storage Class | `dict "persistence" .Values.path.to.the.persistence "global" $`, see [Persistence](#persistence) for the structure. |
### TplValues
| Helper identifier | Description | Expected Input |
|---------------------------|----------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------|
| `common.tplvalues.render` | Renders a value that contains template | `dict "value" .Values.path.to.the.Value "context" $`, value is the value should rendered as template, context frequently is the chart context `$` or `.` |
### Utils
| Helper identifier | Description | Expected Input |
|--------------------------------|------------------------------------------------------------------------------------------|------------------------------------------------------------------------|
| `common.utils.fieldToEnvVar` | Build environment variable name given a field. | `dict "field" "my-password"` |
| `common.utils.secret.getvalue` | Print instructions to get a secret value. | `dict "secret" "secret-name" "field" "secret-value-field" "context" $` |
| `common.utils.getValueFromKey` | Gets a value from `.Values` object given its key path | `dict "key" "path.to.key" "context" $` |
| `common.utils.getKeyFromList` | Returns first `.Values` key with a defined value or first of the list if all non-defined | `dict "keys" (list "path.to.key1" "path.to.key2") "context" $` |
### Validations
| Helper identifier | Description | Expected Input |
|--------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `common.validations.values.single.empty` | Validate a value must not be empty. | `dict "valueKey" "path.to.value" "secret" "secret.name" "field" "my-password" "subchart" "subchart" "context" $` secret, field and subchart are optional. In case they are given, the helper will generate a how to get instruction. See [ValidateValue](#validatevalue) |
| `common.validations.values.multiple.empty` | Validate a multiple values must not be empty. It returns a shared error for all the values. | `dict "required" (list $validateValueConf00 $validateValueConf01) "context" $`. See [ValidateValue](#validatevalue) |
| `common.validations.values.mariadb.passwords` | This helper will ensure required password for MariaDB are not empty. It returns a shared error for all the values. | `dict "secret" "mariadb-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use mariadb chart and the helper. |
| `common.validations.values.postgresql.passwords` | This helper will ensure required password for PostgreSQL are not empty. It returns a shared error for all the values. | `dict "secret" "postgresql-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use postgresql chart and the helper. |
| `common.validations.values.redis.passwords` | This helper will ensure required password for Redis&trade; are not empty. It returns a shared error for all the values. | `dict "secret" "redis-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use redis chart and the helper. |
| `common.validations.values.cassandra.passwords` | This helper will ensure required password for Cassandra are not empty. It returns a shared error for all the values. | `dict "secret" "cassandra-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use cassandra chart and the helper. |
| `common.validations.values.mongodb.passwords` | This helper will ensure required password for MongoDB&reg; are not empty. It returns a shared error for all the values. | `dict "secret" "mongodb-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use mongodb chart and the helper. |
### Warnings
| Helper identifier | Description | Expected Input |
|------------------------------|----------------------------------|------------------------------------------------------------|
| `common.warnings.rollingTag` | Warning about using rolling tag. | `ImageRoot` see [ImageRoot](#imageroot) for the structure. |
## Special input schemas
### ImageRoot
```yaml
registry:
type: string
description: Docker registry where the image is located
example: docker.io
repository:
type: string
description: Repository and image name
example: bitnami/nginx
tag:
type: string
description: image tag
example: 1.16.1-debian-10-r63
pullPolicy:
type: string
description: Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
pullSecrets:
type: array
items:
type: string
description: Optionally specify an array of imagePullSecrets (evaluated as templates).
debug:
type: boolean
description: Set to true if you would like to see extra information on logs
example: false
## An instance would be:
# registry: docker.io
# repository: bitnami/nginx
# tag: 1.16.1-debian-10-r63
# pullPolicy: IfNotPresent
# debug: false
```
### Persistence
```yaml
enabled:
type: boolean
description: Whether enable persistence.
example: true
storageClass:
type: string
description: Ghost data Persistent Volume Storage Class, If set to "-", storageClassName: "" which disables dynamic provisioning.
example: "-"
accessMode:
type: string
description: Access mode for the Persistent Volume Storage.
example: ReadWriteOnce
size:
type: string
description: Size the Persistent Volume Storage.
example: 8Gi
path:
type: string
description: Path to be persisted.
example: /bitnami
## An instance would be:
# enabled: true
# storageClass: "-"
# accessMode: ReadWriteOnce
# size: 8Gi
# path: /bitnami
```
### ExistingSecret
```yaml
name:
type: string
description: Name of the existing secret.
example: mySecret
keyMapping:
description: Mapping between the expected key name and the name of the key in the existing secret.
type: object
## An instance would be:
# name: mySecret
# keyMapping:
# password: myPasswordKey
```
#### Example of use
When we store sensitive data for a deployment in a secret, some times we want to give to users the possibility of using theirs existing secrets.
```yaml
# templates/secret.yaml
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}
labels:
app: {{ include "common.names.fullname" . }}
type: Opaque
data:
password: {{ .Values.password | b64enc | quote }}
# templates/dpl.yaml
---
...
env:
- name: PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "common.secrets.name" (dict "existingSecret" .Values.existingSecret "context" $) }}
key: {{ include "common.secrets.key" (dict "existingSecret" .Values.existingSecret "key" "password") }}
...
# values.yaml
---
name: mySecret
keyMapping:
password: myPasswordKey
```
### ValidateValue
#### NOTES.txt
```console
{{- $validateValueConf00 := (dict "valueKey" "path.to.value00" "secret" "secretName" "field" "password-00") -}}
{{- $validateValueConf01 := (dict "valueKey" "path.to.value01" "secret" "secretName" "field" "password-01") -}}
{{ include "common.validations.values.multiple.empty" (dict "required" (list $validateValueConf00 $validateValueConf01) "context" $) }}
```
If we force those values to be empty we will see some alerts
```console
$ helm install test mychart --set path.to.value00="",path.to.value01=""
'path.to.value00' must not be empty, please add '--set path.to.value00=$PASSWORD_00' to the command. To get the current value:
export PASSWORD_00=$(kubectl get secret --namespace default secretName -o jsonpath="{.data.password-00}" | base64 --decode)
'path.to.value01' must not be empty, please add '--set path.to.value01=$PASSWORD_01' to the command. To get the current value:
export PASSWORD_01=$(kubectl get secret --namespace default secretName -o jsonpath="{.data.password-01}" | base64 --decode)
```
## Upgrading
### To 1.0.0
[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL.
**What changes were introduced in this major version?**
- Previous versions of this Helm Chart use `apiVersion: v1` (installable by both Helm 2 and 3), this Helm Chart was updated to `apiVersion: v2` (installable by Helm 3 only). [Here](https://helm.sh/docs/topics/charts/#the-apiversion-field) you can find more information about the `apiVersion` field.
- Use `type: library`. [Here](https://v3.helm.sh/docs/faq/#library-chart-support) you can find more information.
- The different fields present in the *Chart.yaml* file has been ordered alphabetically in a homogeneous way for all the Bitnami Helm Charts
**Considerations when upgrading to this version**
- If you want to upgrade to this version from a previous one installed with Helm v3, you shouldn't face any issues
- If you want to upgrade to this version using Helm v2, this scenario is not supported as this version doesn't support Helm v2 anymore
- If you installed the previous version with Helm v2 and wants to upgrade to this version with Helm v3, please refer to the [official Helm documentation](https://helm.sh/docs/topics/v2_v3_migration/#migration-use-cases) about migrating from Helm v2 to v3
**Useful links**
- https://docs.bitnami.com/tutorials/resolve-helm2-helm3-post-migration-issues/
- https://helm.sh/docs/topics/v2_v3_migration/
- https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/
## License
Copyright &copy; 2022 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

102
lib/common/services/mysql/charts/common/templates/_affinities.tpl
View File

@@ -1,102 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return a soft nodeAffinity definition
{{ include "common.affinities.nodes.soft" (dict "key" "FOO" "values" (list "BAR" "BAZ")) -}}
*/}}
{{- define "common.affinities.nodes.soft" -}}
preferredDuringSchedulingIgnoredDuringExecution:
- preference:
matchExpressions:
- key: {{ .key }}
operator: In
values:
{{- range .values }}
- {{ . | quote }}
{{- end }}
weight: 1
{{- end -}}
{{/*
Return a hard nodeAffinity definition
{{ include "common.affinities.nodes.hard" (dict "key" "FOO" "values" (list "BAR" "BAZ")) -}}
*/}}
{{- define "common.affinities.nodes.hard" -}}
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: {{ .key }}
operator: In
values:
{{- range .values }}
- {{ . | quote }}
{{- end }}
{{- end -}}
{{/*
Return a nodeAffinity definition
{{ include "common.affinities.nodes" (dict "type" "soft" "key" "FOO" "values" (list "BAR" "BAZ")) -}}
*/}}
{{- define "common.affinities.nodes" -}}
{{- if eq .type "soft" }}
{{- include "common.affinities.nodes.soft" . -}}
{{- else if eq .type "hard" }}
{{- include "common.affinities.nodes.hard" . -}}
{{- end -}}
{{- end -}}
{{/*
Return a soft podAffinity/podAntiAffinity definition
{{ include "common.affinities.pods.soft" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}}
*/}}
{{- define "common.affinities.pods.soft" -}}
{{- $component := default "" .component -}}
{{- $extraMatchLabels := default (dict) .extraMatchLabels -}}
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels: {{- (include "common.labels.matchLabels" .context) | nindent 10 }}
{{- if not (empty $component) }}
{{ printf "app.kubernetes.io/component: %s" $component }}
{{- end }}
{{- range $key, $value := $extraMatchLabels }}
{{ $key }}: {{ $value | quote }}
{{- end }}
namespaces:
- {{ .context.Release.Namespace | quote }}
topologyKey: kubernetes.io/hostname
weight: 1
{{- end -}}
{{/*
Return a hard podAffinity/podAntiAffinity definition
{{ include "common.affinities.pods.hard" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}}
*/}}
{{- define "common.affinities.pods.hard" -}}
{{- $component := default "" .component -}}
{{- $extraMatchLabels := default (dict) .extraMatchLabels -}}
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels: {{- (include "common.labels.matchLabels" .context) | nindent 8 }}
{{- if not (empty $component) }}
{{ printf "app.kubernetes.io/component: %s" $component }}
{{- end }}
{{- range $key, $value := $extraMatchLabels }}
{{ $key }}: {{ $value | quote }}
{{- end }}
namespaces:
- {{ .context.Release.Namespace | quote }}
topologyKey: kubernetes.io/hostname
{{- end -}}
{{/*
Return a podAffinity/podAntiAffinity definition
{{ include "common.affinities.pods" (dict "type" "soft" "key" "FOO" "values" (list "BAR" "BAZ")) -}}
*/}}
{{- define "common.affinities.pods" -}}
{{- if eq .type "soft" }}
{{- include "common.affinities.pods.soft" . -}}
{{- else if eq .type "hard" }}
{{- include "common.affinities.pods.hard" . -}}
{{- end -}}
{{- end -}}

139
lib/common/services/mysql/charts/common/templates/_capabilities.tpl
View File

@@ -1,139 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return the target Kubernetes version
*/}}
{{- define "common.capabilities.kubeVersion" -}}
{{- if .Values.global }}
{{- if .Values.global.kubeVersion }}
{{- .Values.global.kubeVersion -}}
{{- else }}
{{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}}
{{- end -}}
{{- else }}
{{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for poddisruptionbudget.
*/}}
{{- define "common.capabilities.policy.apiVersion" -}}
{{- if semverCompare "<1.21-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "policy/v1beta1" -}}
{{- else -}}
{{- print "policy/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for networkpolicy.
*/}}
{{- define "common.capabilities.networkPolicy.apiVersion" -}}
{{- if semverCompare "<1.7-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "extensions/v1beta1" -}}
{{- else -}}
{{- print "networking.k8s.io/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for cronjob.
*/}}
{{- define "common.capabilities.cronjob.apiVersion" -}}
{{- if semverCompare "<1.21-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "batch/v1beta1" -}}
{{- else -}}
{{- print "batch/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for deployment.
*/}}
{{- define "common.capabilities.deployment.apiVersion" -}}
{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "extensions/v1beta1" -}}
{{- else -}}
{{- print "apps/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for statefulset.
*/}}
{{- define "common.capabilities.statefulset.apiVersion" -}}
{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "apps/v1beta1" -}}
{{- else -}}
{{- print "apps/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for ingress.
*/}}
{{- define "common.capabilities.ingress.apiVersion" -}}
{{- if .Values.ingress -}}
{{- if .Values.ingress.apiVersion -}}
{{- .Values.ingress.apiVersion -}}
{{- else if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "extensions/v1beta1" -}}
{{- else if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "networking.k8s.io/v1beta1" -}}
{{- else -}}
{{- print "networking.k8s.io/v1" -}}
{{- end }}
{{- else if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "extensions/v1beta1" -}}
{{- else if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "networking.k8s.io/v1beta1" -}}
{{- else -}}
{{- print "networking.k8s.io/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for RBAC resources.
*/}}
{{- define "common.capabilities.rbac.apiVersion" -}}
{{- if semverCompare "<1.17-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "rbac.authorization.k8s.io/v1beta1" -}}
{{- else -}}
{{- print "rbac.authorization.k8s.io/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for CRDs.
*/}}
{{- define "common.capabilities.crd.apiVersion" -}}
{{- if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "apiextensions.k8s.io/v1beta1" -}}
{{- else -}}
{{- print "apiextensions.k8s.io/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for APIService.
*/}}
{{- define "common.capabilities.apiService.apiVersion" -}}
{{- if semverCompare "<1.10-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "apiregistration.k8s.io/v1beta1" -}}
{{- else -}}
{{- print "apiregistration.k8s.io/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Returns true if the used Helm version is 3.3+.
A way to check the used Helm version was not introduced until version 3.3.0 with .Capabilities.HelmVersion, which contains an additional "{}}" structure.
This check is introduced as a regexMatch instead of {{ if .Capabilities.HelmVersion }} because checking for the key HelmVersion in <3.3 results in a "interface not found" error.
**To be removed when the catalog's minimun Helm version is 3.3**
*/}}
{{- define "common.capabilities.supportsHelmVersion" -}}
{{- if regexMatch "{(v[0-9])*[^}]*}}$" (.Capabilities | toString ) }}
{{- true -}}
{{- end -}}
{{- end -}}

23
lib/common/services/mysql/charts/common/templates/_errors.tpl
View File

@@ -1,23 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Through error when upgrading using empty passwords values that must not be empty.
Usage:
{{- $validationError00 := include "common.validations.values.single.empty" (dict "valueKey" "path.to.password00" "secret" "secretName" "field" "password-00") -}}
{{- $validationError01 := include "common.validations.values.single.empty" (dict "valueKey" "path.to.password01" "secret" "secretName" "field" "password-01") -}}
{{ include "common.errors.upgrade.passwords.empty" (dict "validationErrors" (list $validationError00 $validationError01) "context" $) }}
Required password params:
- validationErrors - String - Required. List of validation strings to be return, if it is empty it won't throw error.
- context - Context - Required. Parent context.
*/}}
{{- define "common.errors.upgrade.passwords.empty" -}}
{{- $validationErrors := join "" .validationErrors -}}
{{- if and $validationErrors .context.Release.IsUpgrade -}}
{{- $errorString := "\nPASSWORDS ERROR: You must provide your current passwords when upgrading the release." -}}
{{- $errorString = print $errorString "\n Note that even after reinstallation, old credentials may be needed as they may be kept in persistent volume claims." -}}
{{- $errorString = print $errorString "\n Further information can be obtained at https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues/#credential-errors-while-upgrading-chart-releases" -}}
{{- $errorString = print $errorString "\n%s" -}}
{{- printf $errorString $validationErrors | fail -}}
{{- end -}}
{{- end -}}

75
lib/common/services/mysql/charts/common/templates/_images.tpl
View File

@@ -1,75 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return the proper image name
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" $) }}
*/}}
{{- define "common.images.image" -}}
{{- $registryName := .imageRoot.registry -}}
{{- $repositoryName := .imageRoot.repository -}}
{{- $tag := .imageRoot.tag | toString -}}
{{- if .global }}
{{- if .global.imageRegistry }}
{{- $registryName = .global.imageRegistry -}}
{{- end -}}
{{- end -}}
{{- if $registryName }}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- else -}}
{{- printf "%s:%s" $repositoryName $tag -}}
{{- end -}}
{{- end -}}
{{/*
Return the proper Docker Image Registry Secret Names (deprecated: use common.images.renderPullSecrets instead)
{{ include "common.images.pullSecrets" ( dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "global" .Values.global) }}
*/}}
{{- define "common.images.pullSecrets" -}}
{{- $pullSecrets := list }}
{{- if .global }}
{{- range .global.imagePullSecrets -}}
{{- $pullSecrets = append $pullSecrets . -}}
{{- end -}}
{{- end -}}
{{- range .images -}}
{{- range .pullSecrets -}}
{{- $pullSecrets = append $pullSecrets . -}}
{{- end -}}
{{- end -}}
{{- if (not (empty $pullSecrets)) }}
imagePullSecrets:
{{- range $pullSecrets }}
- name: {{ . }}
{{- end }}
{{- end }}
{{- end -}}
{{/*
Return the proper Docker Image Registry Secret Names evaluating values as templates
{{ include "common.images.renderPullSecrets" ( dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "context" $) }}
*/}}
{{- define "common.images.renderPullSecrets" -}}
{{- $pullSecrets := list }}
{{- $context := .context }}
{{- if $context.Values.global }}
{{- range $context.Values.global.imagePullSecrets -}}
{{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}}
{{- end -}}
{{- end -}}
{{- range .images -}}
{{- range .pullSecrets -}}
{{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}}
{{- end -}}
{{- end -}}
{{- if (not (empty $pullSecrets)) }}
imagePullSecrets:
{{- range $pullSecrets }}
- name: {{ . }}
{{- end }}
{{- end }}
{{- end -}}

68
lib/common/services/mysql/charts/common/templates/_ingress.tpl
View File

@@ -1,68 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Generate backend entry that is compatible with all Kubernetes API versions.
Usage:
{{ include "common.ingress.backend" (dict "serviceName" "backendName" "servicePort" "backendPort" "context" $) }}
Params:
- serviceName - String. Name of an existing service backend
- servicePort - String/Int. Port name (or number) of the service. It will be translated to different yaml depending if it is a string or an integer.
- context - Dict - Required. The context for the template evaluation.
*/}}
{{- define "common.ingress.backend" -}}
{{- $apiVersion := (include "common.capabilities.ingress.apiVersion" .context) -}}
{{- if or (eq $apiVersion "extensions/v1beta1") (eq $apiVersion "networking.k8s.io/v1beta1") -}}
serviceName: {{ .serviceName }}
servicePort: {{ .servicePort }}
{{- else -}}
service:
name: {{ .serviceName }}
port:
{{- if typeIs "string" .servicePort }}
name: {{ .servicePort }}
{{- else if or (typeIs "int" .servicePort) (typeIs "float64" .servicePort) }}
number: {{ .servicePort | int }}
{{- end }}
{{- end -}}
{{- end -}}
{{/*
Print "true" if the API pathType field is supported
Usage:
{{ include "common.ingress.supportsPathType" . }}
*/}}
{{- define "common.ingress.supportsPathType" -}}
{{- if (semverCompare "<1.18-0" (include "common.capabilities.kubeVersion" .)) -}}
{{- print "false" -}}
{{- else -}}
{{- print "true" -}}
{{- end -}}
{{- end -}}
{{/*
Returns true if the ingressClassname field is supported
Usage:
{{ include "common.ingress.supportsIngressClassname" . }}
*/}}
{{- define "common.ingress.supportsIngressClassname" -}}
{{- if semverCompare "<1.18-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "false" -}}
{{- else -}}
{{- print "true" -}}
{{- end -}}
{{- end -}}
{{/*
Return true if cert-manager required annotations for TLS signed
certificates are set in the Ingress annotations
Ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations
Usage:
{{ include "common.ingress.certManagerRequest" ( dict "annotations" .Values.path.to.the.ingress.annotations ) }}
*/}}
{{- define "common.ingress.certManagerRequest" -}}
{{ if or (hasKey .annotations "cert-manager.io/cluster-issuer") (hasKey .annotations "cert-manager.io/issuer") }}
{{- true -}}
{{- end -}}
{{- end -}}

18
lib/common/services/mysql/charts/common/templates/_labels.tpl
View File

@@ -1,18 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Kubernetes standard labels
*/}}
{{- define "common.labels.standard" -}}
app.kubernetes.io/name: {{ include "common.names.name" . }}
helm.sh/chart: {{ include "common.names.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{/*
Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector
*/}}
{{- define "common.labels.matchLabels" -}}
app.kubernetes.io/name: {{ include "common.names.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}

63
lib/common/services/mysql/charts/common/templates/_names.tpl
View File

@@ -1,63 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "common.names.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "common.names.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "common.names.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create a default fully qualified dependency name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
Usage:
{{ include "common.names.dependency.fullname" (dict "chartName" "dependency-chart-name" "chartValues" .Values.dependency-chart "context" $) }}
*/}}
{{- define "common.names.dependency.fullname" -}}
{{- if .chartValues.fullnameOverride -}}
{{- .chartValues.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .chartName .chartValues.nameOverride -}}
{{- if contains $name .context.Release.Name -}}
{{- .context.Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .context.Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Allow the release namespace to be overridden for multi-namespace deployments in combined charts.
*/}}
{{- define "common.names.namespace" -}}
{{- if .Values.namespaceOverride -}}
{{- .Values.namespaceOverride -}}
{{- else -}}
{{- .Release.Namespace -}}
{{- end -}}
{{- end -}}

140
lib/common/services/mysql/charts/common/templates/_secrets.tpl
View File

@@ -1,140 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Generate secret name.
Usage:
{{ include "common.secrets.name" (dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $) }}
Params:
- existingSecret - ExistingSecret/String - Optional. The path to the existing secrets in the values.yaml given by the user
to be used instead of the default one. Allows for it to be of type String (just the secret name) for backwards compatibility.
+info: https://github.com/bitnami/charts/tree/master/bitnami/common#existingsecret
- defaultNameSuffix - String - Optional. It is used only if we have several secrets in the same deployment.
- context - Dict - Required. The context for the template evaluation.
*/}}
{{- define "common.secrets.name" -}}
{{- $name := (include "common.names.fullname" .context) -}}
{{- if .defaultNameSuffix -}}
{{- $name = printf "%s-%s" $name .defaultNameSuffix | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- with .existingSecret -}}
{{- if not (typeIs "string" .) -}}
{{- with .name -}}
{{- $name = . -}}
{{- end -}}
{{- else -}}
{{- $name = . -}}
{{- end -}}
{{- end -}}
{{- printf "%s" $name -}}
{{- end -}}
{{/*
Generate secret key.
Usage:
{{ include "common.secrets.key" (dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName") }}
Params:
- existingSecret - ExistingSecret/String - Optional. The path to the existing secrets in the values.yaml given by the user
to be used instead of the default one. Allows for it to be of type String (just the secret name) for backwards compatibility.
+info: https://github.com/bitnami/charts/tree/master/bitnami/common#existingsecret
- key - String - Required. Name of the key in the secret.
*/}}
{{- define "common.secrets.key" -}}
{{- $key := .key -}}
{{- if .existingSecret -}}
{{- if not (typeIs "string" .existingSecret) -}}
{{- if .existingSecret.keyMapping -}}
{{- $key = index .existingSecret.keyMapping $.key -}}
{{- end -}}
{{- end }}
{{- end -}}
{{- printf "%s" $key -}}
{{- end -}}
{{/*
Generate secret password or retrieve one if already created.
Usage:
{{ include "common.secrets.passwords.manage" (dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $) }}
Params:
- secret - String - Required - Name of the 'Secret' resource where the password is stored.
- key - String - Required - Name of the key in the secret.
- providedValues - List<String> - Required - The path to the validating value in the values.yaml, e.g: "mysql.password". Will pick first parameter with a defined value.
- length - int - Optional - Length of the generated random password.
- strong - Boolean - Optional - Whether to add symbols to the generated random password.
- chartName - String - Optional - Name of the chart used when said chart is deployed as a subchart.
- context - Context - Required - Parent context.
The order in which this function returns a secret password:
1. Already existing 'Secret' resource
(If a 'Secret' resource is found under the name provided to the 'secret' parameter to this function and that 'Secret' resource contains a key with the name passed as the 'key' parameter to this function then the value of this existing secret password will be returned)
2. Password provided via the values.yaml
(If one of the keys passed to the 'providedValues' parameter to this function is a valid path to a key in the values.yaml and has a value, the value of the first key with a value will be returned)
3. Randomly generated secret password
(A new random secret password with the length specified in the 'length' parameter will be generated and returned)
*/}}
{{- define "common.secrets.passwords.manage" -}}
{{- $password := "" }}
{{- $subchart := "" }}
{{- $chartName := default "" .chartName }}
{{- $passwordLength := default 10 .length }}
{{- $providedPasswordKey := include "common.utils.getKeyFromList" (dict "keys" .providedValues "context" $.context) }}
{{- $providedPasswordValue := include "common.utils.getValueFromKey" (dict "key" $providedPasswordKey "context" $.context) }}
{{- $secretData := (lookup "v1" "Secret" $.context.Release.Namespace .secret).data }}
{{- if $secretData }}
{{- if hasKey $secretData .key }}
{{- $password = index $secretData .key }}
{{- else }}
{{- printf "\nPASSWORDS ERROR: The secret \"%s\" does not contain the key \"%s\"\n" .secret .key | fail -}}
{{- end -}}
{{- else if $providedPasswordValue }}
{{- $password = $providedPasswordValue | toString | b64enc | quote }}
{{- else }}
{{- if .context.Values.enabled }}
{{- $subchart = $chartName }}
{{- end -}}
{{- $requiredPassword := dict "valueKey" $providedPasswordKey "secret" .secret "field" .key "subchart" $subchart "context" $.context -}}
{{- $requiredPasswordError := include "common.validations.values.single.empty" $requiredPassword -}}
{{- $passwordValidationErrors := list $requiredPasswordError -}}
{{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $.context) -}}
{{- if .strong }}
{{- $subStr := list (lower (randAlpha 1)) (randNumeric 1) (upper (randAlpha 1)) | join "_" }}
{{- $password = randAscii $passwordLength }}
{{- $password = regexReplaceAllLiteral "\\W" $password "@" | substr 5 $passwordLength }}
{{- $password = printf "%s%s" $subStr $password | toString | shuffle | b64enc | quote }}
{{- else }}
{{- $password = randAlphaNum $passwordLength | b64enc | quote }}
{{- end }}
{{- end -}}
{{- printf "%s" $password -}}
{{- end -}}
{{/*
Returns whether a previous generated secret already exists
Usage:
{{ include "common.secrets.exists" (dict "secret" "secret-name" "context" $) }}
Params:
- secret - String - Required - Name of the 'Secret' resource where the password is stored.
- context - Context - Required - Parent context.
*/}}
{{- define "common.secrets.exists" -}}
{{- $secret := (lookup "v1" "Secret" $.context.Release.Namespace .secret) }}
{{- if $secret }}
{{- true -}}
{{- end -}}
{{- end -}}

23
lib/common/services/mysql/charts/common/templates/_storage.tpl
View File

@@ -1,23 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return the proper Storage Class
{{ include "common.storage.class" ( dict "persistence" .Values.path.to.the.persistence "global" $) }}
*/}}
{{- define "common.storage.class" -}}
{{- $storageClass := .persistence.storageClass -}}
{{- if .global -}}
{{- if .global.storageClass -}}
{{- $storageClass = .global.storageClass -}}
{{- end -}}
{{- end -}}
{{- if $storageClass -}}
{{- if (eq "-" $storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" $storageClass -}}
{{- end -}}
{{- end -}}
{{- end -}}

13
lib/common/services/mysql/charts/common/templates/_tplvalues.tpl
View File

@@ -1,13 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Renders a value that contains template.
Usage:
{{ include "common.tplvalues.render" ( dict "value" .Values.path.to.the.Value "context" $) }}
*/}}
{{- define "common.tplvalues.render" -}}
{{- if typeIs "string" .value }}
{{- tpl .value .context }}
{{- else }}
{{- tpl (.value | toYaml) .context }}
{{- end }}
{{- end -}}

62
lib/common/services/mysql/charts/common/templates/_utils.tpl
View File

@@ -1,62 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Print instructions to get a secret value.
Usage:
{{ include "common.utils.secret.getvalue" (dict "secret" "secret-name" "field" "secret-value-field" "context" $) }}
*/}}
{{- define "common.utils.secret.getvalue" -}}
{{- $varname := include "common.utils.fieldToEnvVar" . -}}
export {{ $varname }}=$(kubectl get secret --namespace {{ .context.Release.Namespace | quote }} {{ .secret }} -o jsonpath="{.data.{{ .field }}}" | base64 --decode)
{{- end -}}
{{/*
Build env var name given a field
Usage:
{{ include "common.utils.fieldToEnvVar" dict "field" "my-password" }}
*/}}
{{- define "common.utils.fieldToEnvVar" -}}
{{- $fieldNameSplit := splitList "-" .field -}}
{{- $upperCaseFieldNameSplit := list -}}
{{- range $fieldNameSplit -}}
{{- $upperCaseFieldNameSplit = append $upperCaseFieldNameSplit ( upper . ) -}}
{{- end -}}
{{ join "_" $upperCaseFieldNameSplit }}
{{- end -}}
{{/*
Gets a value from .Values given
Usage:
{{ include "common.utils.getValueFromKey" (dict "key" "path.to.key" "context" $) }}
*/}}
{{- define "common.utils.getValueFromKey" -}}
{{- $splitKey := splitList "." .key -}}
{{- $value := "" -}}
{{- $latestObj := $.context.Values -}}
{{- range $splitKey -}}
{{- if not $latestObj -}}
{{- printf "please review the entire path of '%s' exists in values" $.key | fail -}}
{{- end -}}
{{- $value = ( index $latestObj . ) -}}
{{- $latestObj = $value -}}
{{- end -}}
{{- printf "%v" (default "" $value) -}}
{{- end -}}
{{/*
Returns first .Values key with a defined value or first of the list if all non-defined
Usage:
{{ include "common.utils.getKeyFromList" (dict "keys" (list "path.to.key1" "path.to.key2") "context" $) }}
*/}}
{{- define "common.utils.getKeyFromList" -}}
{{- $key := first .keys -}}
{{- $reverseKeys := reverse .keys }}
{{- range $reverseKeys }}
{{- $value := include "common.utils.getValueFromKey" (dict "key" . "context" $.context ) }}
{{- if $value -}}
{{- $key = . }}
{{- end -}}
{{- end -}}
{{- printf "%s" $key -}}
{{- end -}}

14
lib/common/services/mysql/charts/common/templates/_warnings.tpl
View File

@@ -1,14 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Warning about using rolling tag.
Usage:
{{ include "common.warnings.rollingTag" .Values.path.to.the.imageRoot }}
*/}}
{{- define "common.warnings.rollingTag" -}}
{{- if and (contains "bitnami/" .repository) (not (.tag | toString | regexFind "-r\\d+$|sha256:")) }}
WARNING: Rolling tag detected ({{ .repository }}:{{ .tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment.
+info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/
{{- end }}
{{- end -}}

72
lib/common/services/mysql/charts/common/templates/validations/_cassandra.tpl
View File

@@ -1,72 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Validate Cassandra required passwords are not empty.
Usage:
{{ include "common.validations.values.cassandra.passwords" (dict "secret" "secretName" "subchart" false "context" $) }}
Params:
- secret - String - Required. Name of the secret where Cassandra values are stored, e.g: "cassandra-passwords-secret"
- subchart - Boolean - Optional. Whether Cassandra is used as subchart or not. Default: false
*/}}
{{- define "common.validations.values.cassandra.passwords" -}}
{{- $existingSecret := include "common.cassandra.values.existingSecret" . -}}
{{- $enabled := include "common.cassandra.values.enabled" . -}}
{{- $dbUserPrefix := include "common.cassandra.values.key.dbUser" . -}}
{{- $valueKeyPassword := printf "%s.password" $dbUserPrefix -}}
{{- if and (or (not $existingSecret) (eq $existingSecret "\"\"")) (eq $enabled "true") -}}
{{- $requiredPasswords := list -}}
{{- $requiredPassword := dict "valueKey" $valueKeyPassword "secret" .secret "field" "cassandra-password" -}}
{{- $requiredPasswords = append $requiredPasswords $requiredPassword -}}
{{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right value for existingSecret.
Usage:
{{ include "common.cassandra.values.existingSecret" (dict "context" $) }}
Params:
- subchart - Boolean - Optional. Whether Cassandra is used as subchart or not. Default: false
*/}}
{{- define "common.cassandra.values.existingSecret" -}}
{{- if .subchart -}}
{{- .context.Values.cassandra.dbUser.existingSecret | quote -}}
{{- else -}}
{{- .context.Values.dbUser.existingSecret | quote -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right value for enabled cassandra.
Usage:
{{ include "common.cassandra.values.enabled" (dict "context" $) }}
*/}}
{{- define "common.cassandra.values.enabled" -}}
{{- if .subchart -}}
{{- printf "%v" .context.Values.cassandra.enabled -}}
{{- else -}}
{{- printf "%v" (not .context.Values.enabled) -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right value for the key dbUser
Usage:
{{ include "common.cassandra.values.key.dbUser" (dict "subchart" "true" "context" $) }}
Params:
- subchart - Boolean - Optional. Whether Cassandra is used as subchart or not. Default: false
*/}}
{{- define "common.cassandra.values.key.dbUser" -}}
{{- if .subchart -}}
cassandra.dbUser
{{- else -}}
dbUser
{{- end -}}
{{- end -}}

103
lib/common/services/mysql/charts/common/templates/validations/_mariadb.tpl
View File

@@ -1,103 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Validate MariaDB required passwords are not empty.
Usage:
{{ include "common.validations.values.mariadb.passwords" (dict "secret" "secretName" "subchart" false "context" $) }}
Params:
- secret - String - Required. Name of the secret where MariaDB values are stored, e.g: "mysql-passwords-secret"
- subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false
*/}}
{{- define "common.validations.values.mariadb.passwords" -}}
{{- $existingSecret := include "common.mariadb.values.auth.existingSecret" . -}}
{{- $enabled := include "common.mariadb.values.enabled" . -}}
{{- $architecture := include "common.mariadb.values.architecture" . -}}
{{- $authPrefix := include "common.mariadb.values.key.auth" . -}}
{{- $valueKeyRootPassword := printf "%s.rootPassword" $authPrefix -}}
{{- $valueKeyUsername := printf "%s.username" $authPrefix -}}
{{- $valueKeyPassword := printf "%s.password" $authPrefix -}}
{{- $valueKeyReplicationPassword := printf "%s.replicationPassword" $authPrefix -}}
{{- if and (or (not $existingSecret) (eq $existingSecret "\"\"")) (eq $enabled "true") -}}
{{- $requiredPasswords := list -}}
{{- $requiredRootPassword := dict "valueKey" $valueKeyRootPassword "secret" .secret "field" "mariadb-root-password" -}}
{{- $requiredPasswords = append $requiredPasswords $requiredRootPassword -}}
{{- $valueUsername := include "common.utils.getValueFromKey" (dict "key" $valueKeyUsername "context" .context) }}
{{- if not (empty $valueUsername) -}}
{{- $requiredPassword := dict "valueKey" $valueKeyPassword "secret" .secret "field" "mariadb-password" -}}
{{- $requiredPasswords = append $requiredPasswords $requiredPassword -}}
{{- end -}}
{{- if (eq $architecture "replication") -}}
{{- $requiredReplicationPassword := dict "valueKey" $valueKeyReplicationPassword "secret" .secret "field" "mariadb-replication-password" -}}
{{- $requiredPasswords = append $requiredPasswords $requiredReplicationPassword -}}
{{- end -}}
{{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right value for existingSecret.
Usage:
{{ include "common.mariadb.values.auth.existingSecret" (dict "context" $) }}
Params:
- subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false
*/}}
{{- define "common.mariadb.values.auth.existingSecret" -}}
{{- if .subchart -}}
{{- .context.Values.mariadb.auth.existingSecret | quote -}}
{{- else -}}
{{- .context.Values.auth.existingSecret | quote -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right value for enabled mariadb.
Usage:
{{ include "common.mariadb.values.enabled" (dict "context" $) }}
*/}}
{{- define "common.mariadb.values.enabled" -}}
{{- if .subchart -}}
{{- printf "%v" .context.Values.mariadb.enabled -}}
{{- else -}}
{{- printf "%v" (not .context.Values.enabled) -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right value for architecture
Usage:
{{ include "common.mariadb.values.architecture" (dict "subchart" "true" "context" $) }}
Params:
- subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false
*/}}
{{- define "common.mariadb.values.architecture" -}}
{{- if .subchart -}}
{{- .context.Values.mariadb.architecture -}}
{{- else -}}
{{- .context.Values.architecture -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right value for the key auth
Usage:
{{ include "common.mariadb.values.key.auth" (dict "subchart" "true" "context" $) }}
Params:
- subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false
*/}}
{{- define "common.mariadb.values.key.auth" -}}
{{- if .subchart -}}
mariadb.auth
{{- else -}}
auth
{{- end -}}
{{- end -}}

108
lib/common/services/mysql/charts/common/templates/validations/_mongodb.tpl
View File

@@ -1,108 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Validate MongoDB&reg; required passwords are not empty.
Usage:
{{ include "common.validations.values.mongodb.passwords" (dict "secret" "secretName" "subchart" false "context" $) }}
Params:
- secret - String - Required. Name of the secret where MongoDB&reg; values are stored, e.g: "mongodb-passwords-secret"
- subchart - Boolean - Optional. Whether MongoDB&reg; is used as subchart or not. Default: false
*/}}
{{- define "common.validations.values.mongodb.passwords" -}}
{{- $existingSecret := include "common.mongodb.values.auth.existingSecret" . -}}
{{- $enabled := include "common.mongodb.values.enabled" . -}}
{{- $authPrefix := include "common.mongodb.values.key.auth" . -}}
{{- $architecture := include "common.mongodb.values.architecture" . -}}
{{- $valueKeyRootPassword := printf "%s.rootPassword" $authPrefix -}}
{{- $valueKeyUsername := printf "%s.username" $authPrefix -}}
{{- $valueKeyDatabase := printf "%s.database" $authPrefix -}}
{{- $valueKeyPassword := printf "%s.password" $authPrefix -}}
{{- $valueKeyReplicaSetKey := printf "%s.replicaSetKey" $authPrefix -}}
{{- $valueKeyAuthEnabled := printf "%s.enabled" $authPrefix -}}
{{- $authEnabled := include "common.utils.getValueFromKey" (dict "key" $valueKeyAuthEnabled "context" .context) -}}
{{- if and (or (not $existingSecret) (eq $existingSecret "\"\"")) (eq $enabled "true") (eq $authEnabled "true") -}}
{{- $requiredPasswords := list -}}
{{- $requiredRootPassword := dict "valueKey" $valueKeyRootPassword "secret" .secret "field" "mongodb-root-password" -}}
{{- $requiredPasswords = append $requiredPasswords $requiredRootPassword -}}
{{- $valueUsername := include "common.utils.getValueFromKey" (dict "key" $valueKeyUsername "context" .context) }}
{{- $valueDatabase := include "common.utils.getValueFromKey" (dict "key" $valueKeyDatabase "context" .context) }}
{{- if and $valueUsername $valueDatabase -}}
{{- $requiredPassword := dict "valueKey" $valueKeyPassword "secret" .secret "field" "mongodb-password" -}}
{{- $requiredPasswords = append $requiredPasswords $requiredPassword -}}
{{- end -}}
{{- if (eq $architecture "replicaset") -}}
{{- $requiredReplicaSetKey := dict "valueKey" $valueKeyReplicaSetKey "secret" .secret "field" "mongodb-replica-set-key" -}}
{{- $requiredPasswords = append $requiredPasswords $requiredReplicaSetKey -}}
{{- end -}}
{{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right value for existingSecret.
Usage:
{{ include "common.mongodb.values.auth.existingSecret" (dict "context" $) }}
Params:
- subchart - Boolean - Optional. Whether MongoDb is used as subchart or not. Default: false
*/}}
{{- define "common.mongodb.values.auth.existingSecret" -}}
{{- if .subchart -}}
{{- .context.Values.mongodb.auth.existingSecret | quote -}}
{{- else -}}
{{- .context.Values.auth.existingSecret | quote -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right value for enabled mongodb.
Usage:
{{ include "common.mongodb.values.enabled" (dict "context" $) }}
*/}}
{{- define "common.mongodb.values.enabled" -}}
{{- if .subchart -}}
{{- printf "%v" .context.Values.mongodb.enabled -}}
{{- else -}}
{{- printf "%v" (not .context.Values.enabled) -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right value for the key auth
Usage:
{{ include "common.mongodb.values.key.auth" (dict "subchart" "true" "context" $) }}
Params:
- subchart - Boolean - Optional. Whether MongoDB&reg; is used as subchart or not. Default: false
*/}}
{{- define "common.mongodb.values.key.auth" -}}
{{- if .subchart -}}
mongodb.auth
{{- else -}}
auth
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right value for architecture
Usage:
{{ include "common.mongodb.values.architecture" (dict "subchart" "true" "context" $) }}
Params:
- subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false
*/}}
{{- define "common.mongodb.values.architecture" -}}
{{- if .subchart -}}
{{- .context.Values.mongodb.architecture -}}
{{- else -}}
{{- .context.Values.architecture -}}
{{- end -}}
{{- end -}}

129
lib/common/services/mysql/charts/common/templates/validations/_postgresql.tpl
View File

@@ -1,129 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Validate PostgreSQL required passwords are not empty.
Usage:
{{ include "common.validations.values.postgresql.passwords" (dict "secret" "secretName" "subchart" false "context" $) }}
Params:
- secret - String - Required. Name of the secret where postgresql values are stored, e.g: "postgresql-passwords-secret"
- subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false
*/}}
{{- define "common.validations.values.postgresql.passwords" -}}
{{- $existingSecret := include "common.postgresql.values.existingSecret" . -}}
{{- $enabled := include "common.postgresql.values.enabled" . -}}
{{- $valueKeyPostgresqlPassword := include "common.postgresql.values.key.postgressPassword" . -}}
{{- $valueKeyPostgresqlReplicationEnabled := include "common.postgresql.values.key.replicationPassword" . -}}
{{- if and (or (not $existingSecret) (eq $existingSecret "\"\"")) (eq $enabled "true") -}}
{{- $requiredPasswords := list -}}
{{- $requiredPostgresqlPassword := dict "valueKey" $valueKeyPostgresqlPassword "secret" .secret "field" "postgresql-password" -}}
{{- $requiredPasswords = append $requiredPasswords $requiredPostgresqlPassword -}}
{{- $enabledReplication := include "common.postgresql.values.enabled.replication" . -}}
{{- if (eq $enabledReplication "true") -}}
{{- $requiredPostgresqlReplicationPassword := dict "valueKey" $valueKeyPostgresqlReplicationEnabled "secret" .secret "field" "postgresql-replication-password" -}}
{{- $requiredPasswords = append $requiredPasswords $requiredPostgresqlReplicationPassword -}}
{{- end -}}
{{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to decide whether evaluate global values.
Usage:
{{ include "common.postgresql.values.use.global" (dict "key" "key-of-global" "context" $) }}
Params:
- key - String - Required. Field to be evaluated within global, e.g: "existingSecret"
*/}}
{{- define "common.postgresql.values.use.global" -}}
{{- if .context.Values.global -}}
{{- if .context.Values.global.postgresql -}}
{{- index .context.Values.global.postgresql .key | quote -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right value for existingSecret.
Usage:
{{ include "common.postgresql.values.existingSecret" (dict "context" $) }}
*/}}
{{- define "common.postgresql.values.existingSecret" -}}
{{- $globalValue := include "common.postgresql.values.use.global" (dict "key" "existingSecret" "context" .context) -}}
{{- if .subchart -}}
{{- default (.context.Values.postgresql.existingSecret | quote) $globalValue -}}
{{- else -}}
{{- default (.context.Values.existingSecret | quote) $globalValue -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right value for enabled postgresql.
Usage:
{{ include "common.postgresql.values.enabled" (dict "context" $) }}
*/}}
{{- define "common.postgresql.values.enabled" -}}
{{- if .subchart -}}
{{- printf "%v" .context.Values.postgresql.enabled -}}
{{- else -}}
{{- printf "%v" (not .context.Values.enabled) -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right value for the key postgressPassword.
Usage:
{{ include "common.postgresql.values.key.postgressPassword" (dict "subchart" "true" "context" $) }}
Params:
- subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false
*/}}
{{- define "common.postgresql.values.key.postgressPassword" -}}
{{- $globalValue := include "common.postgresql.values.use.global" (dict "key" "postgresqlUsername" "context" .context) -}}
{{- if not $globalValue -}}
{{- if .subchart -}}
postgresql.postgresqlPassword
{{- else -}}
postgresqlPassword
{{- end -}}
{{- else -}}
global.postgresql.postgresqlPassword
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right value for enabled.replication.
Usage:
{{ include "common.postgresql.values.enabled.replication" (dict "subchart" "true" "context" $) }}
Params:
- subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false
*/}}
{{- define "common.postgresql.values.enabled.replication" -}}
{{- if .subchart -}}
{{- printf "%v" .context.Values.postgresql.replication.enabled -}}
{{- else -}}
{{- printf "%v" .context.Values.replication.enabled -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right value for the key replication.password.
Usage:
{{ include "common.postgresql.values.key.replicationPassword" (dict "subchart" "true" "context" $) }}
Params:
- subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false
*/}}
{{- define "common.postgresql.values.key.replicationPassword" -}}
{{- if .subchart -}}
postgresql.replication.password
{{- else -}}
replication.password
{{- end -}}
{{- end -}}

76
lib/common/services/mysql/charts/common/templates/validations/_redis.tpl
View File

@@ -1,76 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Validate Redis&trade; required passwords are not empty.
Usage:
{{ include "common.validations.values.redis.passwords" (dict "secret" "secretName" "subchart" false "context" $) }}
Params:
- secret - String - Required. Name of the secret where redis values are stored, e.g: "redis-passwords-secret"
- subchart - Boolean - Optional. Whether redis is used as subchart or not. Default: false
*/}}
{{- define "common.validations.values.redis.passwords" -}}
{{- $enabled := include "common.redis.values.enabled" . -}}
{{- $valueKeyPrefix := include "common.redis.values.keys.prefix" . -}}
{{- $standarizedVersion := include "common.redis.values.standarized.version" . }}
{{- $existingSecret := ternary (printf "%s%s" $valueKeyPrefix "auth.existingSecret") (printf "%s%s" $valueKeyPrefix "existingSecret") (eq $standarizedVersion "true") }}
{{- $existingSecretValue := include "common.utils.getValueFromKey" (dict "key" $existingSecret "context" .context) }}
{{- $valueKeyRedisPassword := ternary (printf "%s%s" $valueKeyPrefix "auth.password") (printf "%s%s" $valueKeyPrefix "password") (eq $standarizedVersion "true") }}
{{- $valueKeyRedisUseAuth := ternary (printf "%s%s" $valueKeyPrefix "auth.enabled") (printf "%s%s" $valueKeyPrefix "usePassword") (eq $standarizedVersion "true") }}
{{- if and (or (not $existingSecret) (eq $existingSecret "\"\"")) (eq $enabled "true") -}}
{{- $requiredPasswords := list -}}
{{- $useAuth := include "common.utils.getValueFromKey" (dict "key" $valueKeyRedisUseAuth "context" .context) -}}
{{- if eq $useAuth "true" -}}
{{- $requiredRedisPassword := dict "valueKey" $valueKeyRedisPassword "secret" .secret "field" "redis-password" -}}
{{- $requiredPasswords = append $requiredPasswords $requiredRedisPassword -}}
{{- end -}}
{{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right value for enabled redis.
Usage:
{{ include "common.redis.values.enabled" (dict "context" $) }}
*/}}
{{- define "common.redis.values.enabled" -}}
{{- if .subchart -}}
{{- printf "%v" .context.Values.redis.enabled -}}
{{- else -}}
{{- printf "%v" (not .context.Values.enabled) -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliary function to get the right prefix path for the values
Usage:
{{ include "common.redis.values.key.prefix" (dict "subchart" "true" "context" $) }}
Params:
- subchart - Boolean - Optional. Whether redis is used as subchart or not. Default: false
*/}}
{{- define "common.redis.values.keys.prefix" -}}
{{- if .subchart -}}redis.{{- else -}}{{- end -}}
{{- end -}}
{{/*
Checks whether the redis chart's includes the standarizations (version >= 14)
Usage:
{{ include "common.redis.values.standarized.version" (dict "context" $) }}
*/}}
{{- define "common.redis.values.standarized.version" -}}
{{- $standarizedAuth := printf "%s%s" (include "common.redis.values.keys.prefix" .) "auth" -}}
{{- $standarizedAuthValues := include "common.utils.getValueFromKey" (dict "key" $standarizedAuth "context" .context) }}
{{- if $standarizedAuthValues -}}
{{- true -}}
{{- end -}}
{{- end -}}

46
lib/common/services/mysql/charts/common/templates/validations/_validations.tpl
View File

@@ -1,46 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Validate values must not be empty.
Usage:
{{- $validateValueConf00 := (dict "valueKey" "path.to.value" "secret" "secretName" "field" "password-00") -}}
{{- $validateValueConf01 := (dict "valueKey" "path.to.value" "secret" "secretName" "field" "password-01") -}}
{{ include "common.validations.values.empty" (dict "required" (list $validateValueConf00 $validateValueConf01) "context" $) }}
Validate value params:
- valueKey - String - Required. The path to the validating value in the values.yaml, e.g: "mysql.password"
- secret - String - Optional. Name of the secret where the validating value is generated/stored, e.g: "mysql-passwords-secret"
- field - String - Optional. Name of the field in the secret data, e.g: "mysql-password"
*/}}
{{- define "common.validations.values.multiple.empty" -}}
{{- range .required -}}
{{- include "common.validations.values.single.empty" (dict "valueKey" .valueKey "secret" .secret "field" .field "context" $.context) -}}
{{- end -}}
{{- end -}}
{{/*
Validate a value must not be empty.
Usage:
{{ include "common.validations.value.empty" (dict "valueKey" "mariadb.password" "secret" "secretName" "field" "my-password" "subchart" "subchart" "context" $) }}
Validate value params:
- valueKey - String - Required. The path to the validating value in the values.yaml, e.g: "mysql.password"
- secret - String - Optional. Name of the secret where the validating value is generated/stored, e.g: "mysql-passwords-secret"
- field - String - Optional. Name of the field in the secret data, e.g: "mysql-password"
- subchart - String - Optional - Name of the subchart that the validated password is part of.
*/}}
{{- define "common.validations.values.single.empty" -}}
{{- $value := include "common.utils.getValueFromKey" (dict "key" .valueKey "context" .context) }}
{{- $subchart := ternary "" (printf "%s." .subchart) (empty .subchart) }}
{{- if not $value -}}
{{- $varname := "my-value" -}}
{{- $getCurrentValue := "" -}}
{{- if and .secret .field -}}
{{- $varname = include "common.utils.fieldToEnvVar" . -}}
{{- $getCurrentValue = printf " To get the current value:\n\n %s\n" (include "common.utils.secret.getvalue" .) -}}
{{- end -}}
{{- printf "\n '%s' must not be empty, please add '--set %s%s=$%s' to the command.%s" .valueKey $subchart .valueKey $varname $getCurrentValue -}}
{{- end -}}
{{- end -}}

5
lib/common/services/mysql/charts/common/values.yaml
View File

@@ -1,5 +0,0 @@
## bitnami/common
## It is required by CI/CD tools and processes.
## @skip exampleValue
##
exampleValue: common-chart

30
lib/common/services/mysql/ci/values-production-with-rbac.yaml
View File

@@ -1,30 +0,0 @@
# Test values file for generating all of the yaml and check that
# the rendering is correct
architecture: replication
auth:
usePasswordFiles: true
primary:
extraEnvVars:
- name: TEST
value: "3"
podDisruptionBudget:
create: true
secondary:
replicaCount: 2
extraEnvVars:
- name: TEST
value: "2"
podDisruptionBudget:
create: true
serviceAccount:
create: true
name: mysql-service-account
rbac:
create: true
metrics:
enabled: true

29
lib/common/services/mysql/ci/values-production.yaml Normal file
View File

@@ -0,0 +1,29 @@
# Test values file for generating all of the yaml and check that
# the rendering is correct
volumePermissions:
enabled: true
master:
extraEnvVars:
- name: TEST
value: "3"
extraEnvVarsSecret: example-secret
extraEnvVarsCM: example-cm
slave:
extraEnvVars:
- name: TEST
value: "2"
extraEnvVarsSecret: example-secret-2
extraEnvVarsCM: example-cm-2
replicas: 2
metrics:
enabled: true
## Kubeval doesn't recognise ServiceMonitor as a valid K8s object
# serviceMonitor:
# enabled: true

3
lib/common/services/mysql/files/docker-entrypoint-initdb.d/README.md Normal file
View File

@@ -0,0 +1,3 @@
You can copy here your custom .sh, .sql or .sql.gz file so they are executed during the first boot of the image.
More info in the [bitnami-docker-mysql](https://github.com/bitnami/bitnami-docker-mysql#initializing-a-new-instance) repository.

437
lib/common/services/mysql/templates/_helpers.tpl
View File

@@ -1,43 +1,97 @@
{{/* vim: set filetype=mustache: */}} {{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "mysql.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- define "mysql.primary.fullname" -}} {{/*
{{- if eq .Values.architecture "replication" }} Create a default fully qualified app name.
{{- printf "%s-%s" (include "common.names.fullname" .) "primary" | trunc 63 | trimSuffix "-" -}} We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "mysql.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}} {{- else -}}
{{- include "common.names.fullname" . -}} {{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- define "mysql.secondary.fullname" -}} {{- define "mysql.master.fullname" -}}
{{- printf "%s-%s" (include "common.names.fullname" .) "secondary" | trunc 63 | trimSuffix "-" -}} {{- if .Values.fullnameOverride -}}
{{- printf "%s-%s" .Values.fullnameOverride "master" | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- printf "%s-%s" .Release.Name "master" | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s-%s" .Release.Name $name "master" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- define "mysql.slave.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- printf "%s-%s" .Values.fullnameOverride "slave" | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- printf "%s-%s" .Release.Name "slave" | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s-%s" .Release.Name $name "slave" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- define "mysql.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end }}
{{/*
Common labels
*/}}
{{- define "mysql.labels" -}}
app: {{ include "mysql.name" . }}
chart: {{ include "mysql.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
{{- end -}}
{{/*
Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector
*/}}
{{- define "mysql.matchLabels" -}}
app: {{ include "mysql.name" . }}
release: {{ .Release.Name }}
{{- end -}} {{- end -}}
{{/* {{/*
Return the proper MySQL image name Return the proper MySQL image name
*/}} */}}
{{- define "mysql.image" -}} {{- define "mysql.image" -}}
{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} {{- $registryName := .Values.image.registry -}}
{{- end -}} {{- $repositoryName := .Values.image.repository -}}
{{- $tag := .Values.image.tag | toString -}}
{{/* {{/*
Return the proper metrics image name Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
Also, we can't use a single if because lazy evaluation is not an option
*/}} */}}
{{- define "mysql.metrics.image" -}} {{- if .Values.global }}
{{ include "common.images.image" (dict "imageRoot" .Values.metrics.image "global" .Values.global) }} {{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}} {{- end -}}
{{/*
Return the proper image name (for the init container volume-permissions image)
*/}}
{{- define "mysql.volumePermissions.image" -}}
{{ include "common.images.image" (dict "imageRoot" .Values.volumePermissions.image "global" .Values.global) }}
{{- end -}}
{{/*
Return the proper Docker Image Registry Secret Names
*/}}
{{- define "mysql.imagePullSecrets" -}}
{{ include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.metrics.image .Values.volumePermissions.image) "global" .Values.global) }}
{{- end -}} {{- end -}}
{{ template "mysql.initdbScriptsCM" . }} {{ template "mysql.initdbScriptsCM" . }}
@@ -46,12 +100,216 @@ Get the initialization scripts ConfigMap name.
*/}} */}}
{{- define "mysql.initdbScriptsCM" -}} {{- define "mysql.initdbScriptsCM" -}}
{{- if .Values.initdbScriptsConfigMap -}} {{- if .Values.initdbScriptsConfigMap -}}
{{- printf "%s" (tpl .Values.initdbScriptsConfigMap $) -}} {{- printf "%s" .Values.initdbScriptsConfigMap -}}
{{- else -}} {{- else -}}
{{- printf "%s-init-scripts" (include "mysql.primary.fullname" .) -}} {{- printf "%s-init-scripts" (include "mysql.master.fullname" .) -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{/*
Return the proper MySQL metrics exporter image name
*/}}
{{- define "mysql.metrics.image" -}}
{{- $registryName := .Values.metrics.image.registry -}}
{{- $repositoryName := .Values.metrics.image.repository -}}
{{- $tag := .Values.metrics.image.tag | toString -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
Also, we can't use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- end -}}
{{/*
Return the proper Docker Image Registry Secret Names
*/}}
{{- define "mysql.imagePullSecrets" -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic.
Also, we can not use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- range .Values.global.imagePullSecrets }}
- name: {{ . }}
{{- end }}
{{- else if or .Values.image.pullSecrets .Values.metrics.image.pullSecrets .Values.volumePermissions.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.metrics.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.volumePermissions.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- end -}}
{{- else if or .Values.image.pullSecrets .Values.metrics.image.pullSecrets .Values.volumePermissions.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.metrics.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.volumePermissions.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- end -}}
{{- end -}}
{{/*
Return the proper image name (for the init container volume-permissions image)
*/}}
{{- define "mysql.volumePermissions.image" -}}
{{- $registryName := .Values.volumePermissions.image.registry -}}
{{- $repositoryName := .Values.volumePermissions.image.repository -}}
{{- $tag := .Values.volumePermissions.image.tag | toString -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
Also, we can't use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- end -}}
{{/*
Return the proper Storage Class for the master
*/}}
{{- define "mysql.master.storageClass" -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic.
*/}}
{{- if .Values.global -}}
{{- if .Values.global.storageClass -}}
{{- if (eq "-" .Values.global.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.global.storageClass -}}
{{- end -}}
{{- else -}}
{{- if .Values.master.persistence.storageClass -}}
{{- if (eq "-" .Values.master.persistence.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.master.persistence.storageClass -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- else -}}
{{- if .Values.master.persistence.storageClass -}}
{{- if (eq "-" .Values.master.persistence.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.master.persistence.storageClass -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Return the proper Storage Class for the slave
*/}}
{{- define "mysql.slave.storageClass" -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic.
*/}}
{{- if .Values.global -}}
{{- if .Values.global.storageClass -}}
{{- if (eq "-" .Values.global.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.global.storageClass -}}
{{- end -}}
{{- else -}}
{{- if .Values.slave.persistence.storageClass -}}
{{- if (eq "-" .Values.slave.persistence.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.slave.persistence.storageClass -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- else -}}
{{- if .Values.slave.persistence.storageClass -}}
{{- if (eq "-" .Values.slave.persistence.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.slave.persistence.storageClass -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Renders a value that contains template.
Usage:
{{ include "mysql.tplValue" ( dict "value" .Values.path.to.the.Value "context" $) }}
*/}}
{{- define "mysql.tplValue" -}}
{{- if typeIs "string" .value }}
{{- tpl .value .context }}
{{- else }}
{{- tpl (.value | toYaml) .context }}
{{- end }}
{{- end -}}
{{/*
Compile all warnings into a single message, and call fail.
*/}}
{{- define "mysql.validateValues" -}}
{{- $messages := list -}}
{{- $messages := append $messages (include "mysql.validateValues.loadBalancerIPareNotEquals" .) -}}
{{- $messages := without $messages "" -}}
{{- $message := join "\n" $messages -}}
{{- if $message -}}
{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}}
{{- end -}}
{{- end -}}
{{/* Validate values of MySql - must provide different IPs */}}
{{- define "mysql.validateValues.loadBalancerIPareNotEquals" -}}
{{- if not (empty .Values.service.loadBalancerIP) -}}
{{- if eq (.Values.service.loadBalancerIP.master | quote) (.Values.service.loadBalancerIP.slave | quote) }}
mysql: service.loadBalancerIP
loadBalancerIP.master is equal to loadBalancerIP.slave which is not possible.
Please set a different ip for master and slave services.
{{- end -}}
{{- end -}}
{{- end -}}
{{/* Check if there are rolling tags in the images */}}
{{- define "mysql.checkRollingTags" -}}
{{- if and (contains "bitnami/" .Values.image.repository) (not (.Values.image.tag | toString | regexFind "-r\\d+$|sha256:")) }}
WARNING: Rolling tag detected ({{ .Values.image.repository }}:{{ .Values.image.tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment.
+info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/
{{- end -}}
{{- end -}}
{{/* {{/*
Returns the proper service account name depending if an explicit service account name is set Returns the proper service account name depending if an explicit service account name is set
in the values file. If the name is not set it will default to either mysql.fullname if serviceAccount.create in the values file. If the name is not set it will default to either mysql.fullname if serviceAccount.create
@@ -59,134 +317,15 @@ Get the initialization scripts ConfigMap name.
*/}} */}}
{{- define "mysql.serviceAccountName" -}} {{- define "mysql.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}} {{- if .Values.serviceAccount.create -}}
{{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} {{ default (include "mysql.fullname" .) .Values.serviceAccount.name }}
{{- else -}} {{- else -}}
{{ default "default" .Values.serviceAccount.name }} {{ default "default" .Values.serviceAccount.name }}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{/* {{/*
Return the configmap with the MySQL Primary configuration Returns chart secret name. If existingSecret is not set it will default to mysql.fullname
*/}}
{{- define "mysql.primary.configmapName" -}}
{{- if .Values.primary.existingConfigmap -}}
{{- printf "%s" (tpl .Values.primary.existingConfigmap $) -}}
{{- else -}}
{{- printf "%s" (include "mysql.primary.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Return true if a configmap object should be created for MySQL Secondary
*/}}
{{- define "mysql.primary.createConfigmap" -}}
{{- if and .Values.primary.configuration (not .Values.primary.existingConfigmap) }}
{{- true -}}
{{- else -}}
{{- end -}}
{{- end -}}
{{/*
Return the configmap with the MySQL Primary configuration
*/}}
{{- define "mysql.secondary.configmapName" -}}
{{- if .Values.secondary.existingConfigmap -}}
{{- printf "%s" (tpl .Values.secondary.existingConfigmap $) -}}
{{- else -}}
{{- printf "%s" (include "mysql.secondary.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Return true if a configmap object should be created for MySQL Secondary
*/}}
{{- define "mysql.secondary.createConfigmap" -}}
{{- if and (eq .Values.architecture "replication") .Values.secondary.configuration (not .Values.secondary.existingConfigmap) }}
{{- true -}}
{{- else -}}
{{- end -}}
{{- end -}}
{{/*
Return the secret with MySQL credentials
*/}} */}}
{{- define "mysql.secretName" -}} {{- define "mysql.secretName" -}}
{{- if .Values.auth.existingSecret -}} {{ default (include "mysql.fullname" .) .Values.existingSecret }}
{{- printf "%s" (tpl .Values.auth.existingSecret $) -}}
{{- else -}}
{{- printf "%s" (include "common.names.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Return true if a secret object should be created for MySQL
*/}}
{{- define "mysql.createSecret" -}}
{{- if and (not .Values.auth.existingSecret) (not .Values.auth.customPasswordFiles) }}
{{- true -}}
{{- end -}}
{{- end -}}
{{/*
Returns the available value for certain key in an existing secret (if it exists),
otherwise it generates a random value.
*/}}
{{- define "getValueFromSecret" }}
{{- $len := (default 16 .Length) | int -}}
{{- $obj := (lookup "v1" "Secret" .Namespace .Name).data -}}
{{- if $obj }}
{{- index $obj .Key | b64dec -}}
{{- else -}}
{{- randAlphaNum $len -}}
{{- end -}}
{{- end }}
{{- define "mysql.root.password" -}}
{{- if not (empty .Values.auth.rootPassword) }}
{{- .Values.auth.rootPassword }}
{{- else if (not .Values.auth.forcePassword) }}
{{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "mysql-root-password") }}
{{- else }}
{{- required "A MySQL Root Password is required!" .Values.auth.rootPassword }}
{{- end }}
{{- end -}}
{{- define "mysql.password" -}}
{{- if and (not (empty .Values.auth.username)) (not (empty .Values.auth.password)) }}
{{- .Values.auth.password }}
{{- else if (not .Values.auth.forcePassword) }}
{{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "mysql-password") }}
{{- else }}
{{- required "A MySQL Database Password is required!" .Values.auth.password }}
{{- end }}
{{- end -}}
{{- define "mysql.replication.password" -}}
{{- if not (empty .Values.auth.replicationPassword) }}
{{- .Values.auth.replicationPassword }}
{{- else if (not .Values.auth.forcePassword) }}
{{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "mysql-replication-password") }}
{{- else }}
{{- required "A MySQL Replication Password is required!" .Values.auth.replicationPassword }}
{{- end }}
{{- end -}}
{{/* Check if there are rolling tags in the images */}}
{{- define "mysql.checkRollingTags" -}}
{{- include "common.warnings.rollingTag" .Values.image }}
{{- include "common.warnings.rollingTag" .Values.metrics.image }}
{{- include "common.warnings.rollingTag" .Values.volumePermissions.image }}
{{- end -}}
{{/*
Compile all warnings into a single message, and call fail.
*/}}
{{- define "mysql.validateValues" -}}
{{- $messages := list -}}
{{- $messages := without $messages "" -}}
{{- $message := join "\n" $messages -}}
{{- if $message -}}
{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}}
{{- end -}}
{{- end -}} {{- end -}}

4
lib/common/services/mysql/templates/extra-list.yaml
View File

@@ -1,4 +0,0 @@
{{- range .Values.extraDeploy }}
---
{{ include "common.tplvalues.render" (dict "value" . "context" $) }}
{{- end }}

22
lib/common/services/mysql/templates/initialization-configmap.yaml Normal file
View File

@@ -0,0 +1,22 @@
{{- if and (or (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql,sql.gz}") .Values.initdbScripts) (not .Values.initdbScriptsConfigMap) }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "mysql.master.fullname" . }}-init-scripts
labels: {{- include "mysql.labels" . | nindent 4 }}
component: master
{{- if and (.Files.Glob "files/docker-entrypoint-initdb.d/*.sql.gz") (not .Values.initdbScriptsConfigMap) }}
binaryData:
{{- $root := . }}
{{- range $path, $bytes := .Files.Glob "files/docker-entrypoint-initdb.d/*.sql.gz" }}
{{ base $path }}: {{ $root.Files.Get $path | b64enc | quote }}
{{- end }}
{{- end }}
data:
{{- if and (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql}") (not .Values.initdbScriptsConfigMap) }}
{{ (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql}").AsConfig | indent 2 }}
{{- end }}
{{- with .Values.initdbScripts }}
{{ toYaml . | indent 2 }}
{{- end }}
{{- end }}

11
lib/common/services/mysql/templates/master-configmap.yaml Normal file
View File

@@ -0,0 +1,11 @@
{{- if .Values.master.config }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "mysql.master.fullname" . }}
labels: {{- include "mysql.labels" . | nindent 4 }}
component: master
data:
my.cnf: |-
{{ .Values.master.config | indent 4 }}
{{- end -}}

293
lib/common/services/mysql/templates/master-statefulset.yaml Normal file
View File

@@ -0,0 +1,293 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ template "mysql.master.fullname" . }}
labels: {{- include "mysql.labels" . | nindent 4 }}
component: master
{{- if .Values.commonLabels }}
{{- toYaml .Values.commonLabels | nindent 4 }}
{{- end }}
spec:
selector:
matchLabels: {{- include "mysql.matchLabels" . | nindent 6 }}
component: master
serviceName: {{ template "mysql.master.fullname" . }}
replicas: 1
updateStrategy:
type: {{ .Values.master.updateStrategy.type }}
{{- if (eq "Recreate" .Values.master.updateStrategy.type) }}
rollingUpdate: null
{{- end }}
template:
metadata:
labels: {{- include "mysql.labels" . | nindent 8 }}
component: master
{{- if .Values.commonLabels }}
{{- toYaml .Values.commonLabels | nindent 8 }}
{{- end }}
{{- if .Values.master.podAnnotations }}
annotations: {{ include "mysql.tplValue" ( dict "value" .Values.master.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "mysql.imagePullSecrets" . | indent 6 }}
{{- if .Values.master.affinity }}
affinity: {{- include "mysql.tplValue" (dict "value" .Values.master.affinity "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.master.nodeSelector }}
nodeSelector: {{- include "mysql.tplValue" (dict "value" .Values.master.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.master.tolerations }}
tolerations: {{- include "mysql.tplValue" (dict "value" .Values.master.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.master.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.master.securityContext.fsGroup }}
runAsUser: {{ .Values.master.securityContext.runAsUser }}
{{- end }}
serviceAccountName: {{ template "mysql.serviceAccountName" . }}
{{- if and .Values.volumePermissions.enabled .Values.master.persistence.enabled }}
initContainers:
- name: volume-permissions
image: {{ template "mysql.volumePermissions.image" . }}
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command:
- /bin/bash
- -ec
- |
chown -R {{ .Values.master.securityContext.runAsUser }}:{{ .Values.master.securityContext.fsGroup }} {{ .Values.master.persistence.mountPath }}
securityContext:
runAsUser: 0
{{- if .Values.volumePermissions.resources }}
resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
mountPath: {{ .Values.master.persistence.mountPath }}
{{- end }}
containers:
- name: mysql
image: {{ template "mysql.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
{{- if .Values.master.containerSecurityContext }}
securityContext: {{- toYaml .Values.master.containerSecurityContext | nindent 12 }}
{{- end }}
env:
- name: BITNAMI_DEBUG
value: {{ ternary "true" "false" .Values.image.debug | quote }}
{{- if .Values.root.injectSecretsAsVolume }}
- name: MYSQL_ROOT_PASSWORD_FILE
value: "/opt/bitnami/mysql/secrets/mysql-root-password"
{{- else }}
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.secretName" . }}
key: mysql-root-password
{{- end }}
{{- if .Values.db.user }}
- name: MYSQL_USER
value: {{ .Values.db.user | quote }}
{{- if .Values.db.injectSecretsAsVolume }}
- name: MYSQL_PASSWORD_FILE
value: "/opt/bitnami/mysql/secrets/mysql-password"
{{- else }}
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.secretName" . }}
key: mysql-password
{{- end }}
{{- end }}
- name: MYSQL_DATABASE
value: {{ .Values.db.name | quote }}
{{- if .Values.replication.enabled }}
- name: MYSQL_REPLICATION_MODE
value: "master"
- name: MYSQL_REPLICATION_USER
value: {{ .Values.replication.user | quote }}
{{- if .Values.replication.injectSecretsAsVolume }}
- name: MYSQL_REPLICATION_PASSWORD_FILE
value: "/opt/bitnami/mysql/secrets/mysql-replication-password"
{{- else }}
- name: MYSQL_REPLICATION_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.secretName" . }}
key: mysql-replication-password
{{- end }}
{{- end }}
{{- if .Values.master.extraEnvVars }}
{{- include "mysql.tplValue" (dict "value" .Values.master.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
{{- if or .Values.master.extraEnvVarsCM .Values.master.extraEnvVarsSecret }}
envFrom:
{{- if .Values.master.extraEnvVarsCM }}
- configMapRef:
name: {{ .Values.master.extraEnvVarsCM }}
{{- end }}
{{- if .Values.master.extraEnvVarsSecret }}
- secretRef:
name: {{ .Values.master.extraEnvVarsSecret }}
{{- end }}
{{- end }}
ports:
- name: mysql
containerPort: 3306
{{- if .Values.master.livenessProbe.enabled }}
livenessProbe:
exec:
command:
- sh
- -c
- |
password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]; then
password_aux=$(cat $MYSQL_ROOT_PASSWORD_FILE)
fi
mysqladmin status -uroot -p$password_aux
initialDelaySeconds: {{ .Values.master.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.master.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.master.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.master.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.master.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.master.readinessProbe.enabled }}
readinessProbe:
exec:
command:
- sh
- -c
- |
password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]; then
password_aux=$(cat $MYSQL_ROOT_PASSWORD_FILE)
fi
mysqladmin status -uroot -p$password_aux
initialDelaySeconds: {{ .Values.master.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.master.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.master.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.master.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.master.readinessProbe.failureThreshold }}
{{- end }}
{{- if .Values.master.resources }}
resources: {{- toYaml .Values.master.resources | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
mountPath: {{ .Values.master.persistence.mountPath }}
{{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql,sql.gz}") .Values.initdbScriptsConfigMap .Values.initdbScripts }}
- name: custom-init-scripts
mountPath: /docker-entrypoint-initdb.d
{{- end }}
{{- if .Values.master.config }}
- name: config
mountPath: /opt/bitnami/mysql/conf/my.cnf
subPath: my.cnf
{{- end }}
{{- if or .Values.root.injectSecretsAsVolume .Values.db.injectSecretsAsVolume .Values.replication.injectSecretsAsVolume }}
- name: mysql-credentials
mountPath: /opt/bitnami/mysql/secrets/
{{- end }}
{{- if .Values.metrics.enabled }}
- name: metrics
image: {{ template "mysql.metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
env:
{{- if .Values.root.injectSecretsAsVolume }}
- name: MYSQL_ROOT_PASSWORD_FILE
value: "/opt/bitnami/mysqld-exporter/secrets/mysql-root-password"
{{- else }}
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.secretName" . }}
key: mysql-root-password
{{- end }}
command:
- /bin/sh
- -c
- |
password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]; then
password_aux=$(cat $MYSQL_ROOT_PASSWORD_FILE)
fi
DATA_SOURCE_NAME="root:${password_aux}@(localhost:3306)/" /bin/mysqld_exporter
ports:
- name: metrics
containerPort: 9104
livenessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: 15
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: 5
timeoutSeconds: 1
{{- if .Values.metrics.resources }}
resources: {{- toYaml .Values.metrics.resources | nindent 12 }}
{{- end }}
{{- if or .Values.root.injectSecretsAsVolume }}
volumeMounts:
- name: mysql-credentials
mountPath: /opt/bitnami/mysqld-exporter/secrets/
{{- end }}
{{- end }}
volumes:
{{- if .Values.master.config }}
- name: config
configMap:
name: {{ template "mysql.master.fullname" . }}
{{- end }}
{{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql,sql.gz}") .Values.initdbScriptsConfigMap .Values.initdbScripts }}
- name: custom-init-scripts
configMap:
name: {{ template "mysql.initdbScriptsCM" . }}
{{- end }}
{{- if or .Values.root.injectSecretsAsVolume .Values.db.injectSecretsAsVolume .Values.replication.injectSecretsAsVolume }}
- name: mysql-credentials
secret:
secretName: {{ template "mysql.fullname" . }}
items:
{{- if .Values.db.injectSecretsAsVolume }}
- key: mysql-password
path: mysql-password
{{- end }}
{{- if .Values.root.injectSecretsAsVolume }}
- key: mysql-root-password
path: mysql-root-password
{{- end }}
{{- if .Values.replication.injectSecretsAsVolume }}
- key: mysql-replication-password
path: mysql-replication-password
{{- end }}
{{- end }}
{{- if not .Values.master.persistence.enabled }}
- name: "data"
emptyDir: {}
{{- else if and .Values.master.persistence.enabled .Values.master.persistence.existingClaim }}
- name: "data"
persistentVolumeClaim:
claimName: {{ .Values.master.persistence.existingClaim }}
{{- else if and .Values.master.persistence.enabled (not .Values.master.persistence.existingClaim) }}
volumeClaimTemplates:
- metadata:
name: data
labels:
app: {{ template "mysql.name" . }}
component: master
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
accessModes:
{{- range .Values.master.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.master.persistence.size | quote }}
{{ include "mysql.master.storageClass" . }}
{{- end }}

38
lib/common/services/mysql/templates/master-svc.yaml Normal file
View File

@@ -0,0 +1,38 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Values.service.name }}
labels: {{- include "mysql.labels" . | nindent 4 }}
component: master
{{- if or .Values.service.annotations .Values.metrics.service.annotations }}
annotations:
{{- if .Values.service.annotations }}
{{- include "mysql.tplValue" ( dict "value" .Values.service.annotations "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.metrics.service.annotations }}
{{- include "mysql.tplValue" ( dict "value" .Values.metrics.service.annotations "context" $) | nindent 4 }}
{{- end }}
{{- end }}
spec:
type: {{ .Values.service.type }}
{{- if and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP)) }}
{{- if not (empty .Values.service.loadBalancerIP.master) }}
loadBalancerIP: {{ .Values.service.loadBalancerIP.master }}
{{- end }}
{{- end }}
ports:
- name: mysql
port: {{ .Values.service.port }}
targetPort: mysql
{{- if and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePort)) }}
nodePort: {{ .Values.service.nodePort.master }}
{{- else if eq .Values.service.type "ClusterIP" }}
nodePort: null
{{- end }}
{{- if .Values.metrics.enabled }}
- name: metrics
port: {{ .Values.metrics.service.port }}
targetPort: metrics
{{- end }}
selector: {{- include "mysql.matchLabels" . | nindent 4 }}
component: master

29
lib/common/services/mysql/templates/metrics-svc.yaml
View File

@@ -1,29 +0,0 @@
{{- if .Values.metrics.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ printf "%s-metrics" (include "common.names.fullname" .) }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
app.kubernetes.io/component: metrics
{{- if or .Values.metrics.service.annotations .Values.commonAnnotations }}
annotations:
{{- if .Values.metrics.service.annotations }}
{{- include "common.tplvalues.render" (dict "value" .Values.metrics.service.annotations "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- end }}
spec:
type: {{ .Values.metrics.service.type }}
ports:
- port: {{ .Values.metrics.service.port }}
targetPort: metrics
protocol: TCP
name: metrics
selector: {{- include "common.labels.matchLabels" $ | nindent 4 }}
{{- end }}

38
lib/common/services/mysql/templates/networkpolicy.yaml
View File

@@ -1,38 +0,0 @@
{{- if .Values.networkPolicy.enabled }}
kind: NetworkPolicy
apiVersion: {{ template "common.capabilities.networkPolicy.apiVersion" . }}
metadata:
name: {{ template "common.names.fullname" . }}
labels:
{{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
namespace: {{ .Release.Namespace }}
spec:
podSelector:
matchLabels:
{{- include "common.labels.matchLabels" . | nindent 6 }}
ingress:
# Allow inbound connections
- ports:
- port: {{ .Values.primary.service.port }}
{{- if not .Values.networkPolicy.allowExternal }}
from:
- podSelector:
matchLabels:
{{ template "common.names.fullname" . }}-client: "true"
{{- if .Values.networkPolicy.explicitNamespacesSelector }}
namespaceSelector:
{{ toYaml .Values.networkPolicy.explicitNamespacesSelector | indent 12 }}
{{- end }}
- podSelector:
matchLabels:
{{- include "common.labels.matchLabels" . | nindent 14 }}
{{- end }}
{{- if .Values.metrics.enabled }}
# Allow prometheus scrapes
- ports:
- port: 9104
{{- end }}
{{- end }}

18
lib/common/services/mysql/templates/primary/configmap.yaml
View File

@@ -1,18 +0,0 @@
{{- if (include "mysql.primary.createConfigmap" .) }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "mysql.primary.fullname" . }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: primary
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
data:
my.cnf: |-
{{ .Values.primary.configuration | nindent 4 }}
{{- end -}}

14
lib/common/services/mysql/templates/primary/initialization-configmap.yaml
View File

@@ -1,14 +0,0 @@
{{- if and .Values.initdbScripts (not .Values.initdbScriptsConfigMap) }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ printf "%s-init-scripts" (include "mysql.primary.fullname" .) }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: primary
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
data:
{{- include "common.tplvalues.render" (dict "value" .Values.initdbScripts "context" .) | nindent 2 }}
{{ end }}

25
lib/common/services/mysql/templates/primary/pdb.yaml
View File

@@ -1,25 +0,0 @@
{{- if .Values.primary.pdb.enabled }}
apiVersion: {{ include "common.capabilities.policy.apiVersion" . }}
kind: PodDisruptionBudget
metadata:
name: {{ include "mysql.primary.fullname" . }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: primary
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
{{- if .Values.primary.pdb.minAvailable }}
minAvailable: {{ .Values.primary.pdb.minAvailable }}
{{- end }}
{{- if .Values.primary.pdb.maxUnavailable }}
maxUnavailable: {{ .Values.primary.pdb.maxUnavailable }}
{{- end }}
selector:
matchLabels: {{ include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: primary
{{- end }}

368
lib/common/services/mysql/templates/primary/statefulset.yaml
View File

@@ -1,368 +0,0 @@
apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }}
kind: StatefulSet
metadata:
name: {{ include "mysql.primary.fullname" . }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: primary
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.primary.podLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.primary.podLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
replicas: 1
selector:
matchLabels: {{ include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: primary
serviceName: {{ include "mysql.primary.fullname" . }}
updateStrategy:
type: {{ .Values.primary.updateStrategy }}
{{- if (eq "Recreate" .Values.primary.updateStrategy) }}
rollingUpdate: null
{{- else if .Values.primary.rollingUpdatePartition }}
rollingUpdate:
partition: {{ .Values.primary.rollingUpdatePartition }}
{{- end }}
template:
metadata:
annotations:
{{- if (include "mysql.primary.createConfigmap" .) }}
checksum/configuration: {{ include (print $.Template.BasePath "/primary/configmap.yaml") . | sha256sum }}
{{- end }}
{{- if .Values.primary.podAnnotations }}
{{- include "common.tplvalues.render" (dict "value" .Values.primary.podAnnotations "context" $) | nindent 8 }}
{{- end }}
labels: {{- include "common.labels.standard" . | nindent 8 }}
app.kubernetes.io/component: primary
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 8 }}
{{- end }}
{{- if .Values.primary.podLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.primary.podLabels "context" $ ) | nindent 8 }}
{{- end }}
spec:
{{- include "mysql.imagePullSecrets" . | nindent 6 }}
{{- if .Values.primary.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.primary.hostAliases "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.schedulerName }}
schedulerName: {{ .Values.schedulerName | quote }}
{{- end }}
serviceAccountName: {{ template "mysql.serviceAccountName" . }}
{{- if .Values.primary.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.primary.affinity "context" $) | nindent 8 }}
{{- else }}
affinity:
podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.primary.podAffinityPreset "component" "primary" "context" $) | nindent 10 }}
podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.primary.podAntiAffinityPreset "component" "primary" "context" $) | nindent 10 }}
nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.primary.nodeAffinityPreset.type "key" .Values.primary.nodeAffinityPreset.key "values" .Values.primary.nodeAffinityPreset.values) | nindent 10 }}
{{- end }}
{{- if .Values.primary.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.primary.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.primary.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.primary.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- end }}
{{- if .Values.primary.podSecurityContext.enabled }}
securityContext: {{- omit .Values.primary.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
{{- if or .Values.primary.initContainers (and .Values.primary.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.primary.persistence.enabled) }}
initContainers:
{{- if .Values.primary.initContainers }}
{{- include "common.tplvalues.render" (dict "value" .Values.primary.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if and .Values.primary.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.primary.persistence.enabled }}
- name: volume-permissions
image: {{ include "mysql.volumePermissions.image" . }}
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command:
- /bin/bash
- -ec
- |
chown -R {{ .Values.primary.containerSecurityContext.runAsUser }}:{{ .Values.primary.podSecurityContext.fsGroup }} /bitnami/mysql
securityContext:
runAsUser: 0
{{- if .Values.volumePermissions.resources }}
resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
mountPath: /bitnami/mysql
{{- end }}
{{- end }}
containers:
- name: mysql
image: {{ include "mysql.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
{{- if .Values.primary.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.primary.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
{{- else if .Values.primary.command }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.primary.command "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
{{- else if .Values.primary.args }}
args: {{- include "common.tplvalues.render" (dict "value" .Values.primary.args "context" $) | nindent 12 }}
{{- end }}
env:
- name: BITNAMI_DEBUG
value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }}
{{- if .Values.auth.usePasswordFiles }}
- name: MYSQL_ROOT_PASSWORD_FILE
value: {{ default "/opt/bitnami/mysql/secrets/mysql-root-password" .Values.auth.customPasswordFiles.root }}
{{- else }}
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.secretName" . }}
key: mysql-root-password
{{- end }}
{{- if not (empty .Values.auth.username) }}
- name: MYSQL_USER
value: {{ .Values.auth.username | quote }}
{{- if .Values.auth.usePasswordFiles }}
- name: MYSQL_PASSWORD_FILE
value: {{ default "/opt/bitnami/mysql/secrets/mysql-password" .Values.auth.customPasswordFiles.user }}
{{- else }}
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.secretName" . }}
key: mysql-password
{{- end }}
{{- end }}
- name: MYSQL_DATABASE
value: {{ .Values.auth.database | quote }}
{{- if eq .Values.architecture "replication" }}
- name: MYSQL_REPLICATION_MODE
value: "master"
- name: MYSQL_REPLICATION_USER
value: {{ .Values.auth.replicationUser | quote }}
{{- if .Values.auth.usePasswordFiles }}
- name: MYSQL_REPLICATION_PASSWORD_FILE
value: {{ default "/opt/bitnami/mysql/secrets/mysql-replication-password" .Values.auth.customPasswordFiles.replicator }}
{{- else }}
- name: MYSQL_REPLICATION_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.secretName" . }}
key: mysql-replication-password
{{- end }}
{{- end }}
{{- if .Values.primary.extraFlags }}
- name: MYSQL_EXTRA_FLAGS
value: "{{ .Values.primary.extraFlags }}"
{{- end }}
{{- if .Values.primary.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.primary.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
{{- if or .Values.primary.extraEnvVarsCM .Values.primary.extraEnvVarsSecret }}
envFrom:
{{- if .Values.primary.extraEnvVarsCM }}
- configMapRef:
name: {{ .Values.primary.extraEnvVarsCM }}
{{- end }}
{{- if .Values.primary.extraEnvVarsSecret }}
- secretRef:
name: {{ .Values.primary.extraEnvVarsSecret }}
{{- end }}
{{- end }}
ports:
- name: mysql
containerPort: 3306
{{- if not .Values.diagnosticMode.enabled }}
{{- if .Values.primary.livenessProbe.enabled }}
livenessProbe: {{- omit .Values.primary.livenessProbe "enabled" | toYaml | nindent 12 }}
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
{{- else if .Values.primary.customLivenessProbe }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.primary.customLivenessProbe "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.primary.readinessProbe.enabled }}
readinessProbe: {{- omit .Values.primary.readinessProbe "enabled" | toYaml | nindent 12 }}
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
{{- else if .Values.primary.customReadinessProbe }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.primary.customReadinessProbe "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.primary.startupProbe.enabled }}
startupProbe: {{- omit .Values.primary.startupProbe "enabled" | toYaml | nindent 12 }}
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
{{- else if .Values.primary.customStartupProbe }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.primary.customStartupProbe "context" $) | nindent 12 }}
{{- end }}
{{- end }}
{{- if .Values.primary.resources }}
resources: {{ toYaml .Values.primary.resources | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
mountPath: /bitnami/mysql
{{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }}
- name: custom-init-scripts
mountPath: /docker-entrypoint-initdb.d
{{- end }}
{{- if or .Values.primary.configuration .Values.primary.existingConfigmap }}
- name: config
mountPath: /opt/bitnami/mysql/conf/my.cnf
subPath: my.cnf
{{- end }}
{{- if and .Values.auth.usePasswordFiles (not .Values.auth.customPasswordFiles) }}
- name: mysql-credentials
mountPath: /opt/bitnami/mysql/secrets/
{{- end }}
{{- if .Values.primary.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.primary.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.metrics.enabled }}
- name: metrics
image: {{ include "mysql.metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
env:
{{- if .Values.auth.usePasswordFiles }}
- name: MYSQL_ROOT_PASSWORD_FILE
value: {{ default "/opt/bitnami/mysqld-exporter/secrets/mysql-root-password" .Values.auth.customPasswordFiles.root }}
{{- else }}
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mysql.secretName" . }}
key: mysql-root-password
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
{{- else }}
command:
- /bin/bash
- -ec
- |
password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
fi
DATA_SOURCE_NAME="root:${password_aux}@(localhost:3306)/" /bin/mysqld_exporter {{- range .Values.metrics.extraArgs.primary }} {{ . }} {{- end }}
{{- end }}
ports:
- name: metrics
containerPort: 9104
{{- if not .Values.diagnosticMode.enabled }}
{{- if .Values.metrics.livenessProbe.enabled }}
livenessProbe: {{- omit .Values.metrics.livenessProbe "enabled" | toYaml | nindent 12 }}
httpGet:
path: /metrics
port: metrics
{{- end }}
{{- if .Values.metrics.readinessProbe.enabled }}
readinessProbe: {{- omit .Values.metrics.readinessProbe "enabled" | toYaml | nindent 12 }}
httpGet:
path: /metrics
port: metrics
{{- end }}
{{- end }}
{{- if .Values.metrics.resources }}
resources: {{- toYaml .Values.metrics.resources | nindent 12 }}
{{- end }}
{{- if and .Values.auth.usePasswordFiles (not .Values.auth.customPasswordFiles) }}
volumeMounts:
- name: mysql-credentials
mountPath: /opt/bitnami/mysqld-exporter/secrets/
{{- end }}
{{- end }}
{{- if .Values.primary.sidecars }}
{{- include "common.tplvalues.render" (dict "value" .Values.primary.sidecars "context" $) | nindent 8 }}
{{- end }}
volumes:
{{- if or .Values.primary.configuration .Values.primary.existingConfigmap }}
- name: config
configMap:
name: {{ include "mysql.primary.configmapName" . }}
{{- end }}
{{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }}
- name: custom-init-scripts
configMap:
name: {{ include "mysql.initdbScriptsCM" . }}
{{- end }}
{{- if and .Values.auth.usePasswordFiles (not .Values.auth.customPasswordFiles) }}
- name: mysql-credentials
secret:
secretName: {{ include "mysql.secretName" . }}
items:
- key: mysql-root-password
path: mysql-root-password
- key: mysql-password
path: mysql-password
{{- if eq .Values.architecture "replication" }}
- key: mysql-replication-password
path: mysql-replication-password
{{- end }}
{{- end }}
{{- if .Values.primary.extraVolumes }}
{{- include "common.tplvalues.render" (dict "value" .Values.primary.extraVolumes "context" $) | nindent 8 }}
{{- end }}
{{- if and .Values.primary.persistence.enabled .Values.primary.persistence.existingClaim }}
- name: data
persistentVolumeClaim:
claimName: {{ tpl .Values.primary.persistence.existingClaim . }}
{{- else if not .Values.primary.persistence.enabled }}
- name: data
emptyDir: {}
{{- else if and .Values.primary.persistence.enabled (not .Values.primary.persistence.existingClaim) }}
volumeClaimTemplates:
- metadata:
name: data
labels: {{ include "common.labels.matchLabels" . | nindent 10 }}
app.kubernetes.io/component: primary
{{- if .Values.primary.persistence.annotations }}
annotations:
{{- toYaml .Values.primary.persistence.annotations | nindent 10 }}
{{- end }}
spec:
accessModes:
{{- range .Values.primary.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.primary.persistence.size | quote }}
{{ include "common.storage.class" (dict "persistence" .Values.primary.persistence "global" .Values.global) }}
{{- if .Values.primary.persistence.selector }}
selector: {{- include "common.tplvalues.render" (dict "value" .Values.primary.persistence.selector "context" $) | nindent 10 }}
{{- end -}}
{{- end }}

24
lib/common/services/mysql/templates/primary/svc-headless.yaml
View File

@@ -1,24 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "mysql.primary.fullname" . }}-headless
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: primary
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
annotations:
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
type: ClusterIP
clusterIP: None
publishNotReadyAddresses: true
ports:
- name: mysql
port: {{ .Values.primary.service.port }}
targetPort: mysql
selector: {{ include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: primary

41
lib/common/services/mysql/templates/primary/svc.yaml
View File

@@ -1,41 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "mysql.primary.fullname" . }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: primary
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
annotations:
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.primary.service.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.primary.service.annotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.primary.service.type }}
{{- if and (eq .Values.primary.service.type "ClusterIP") .Values.primary.service.clusterIP }}
clusterIP: {{ .Values.primary.service.clusterIP }}
{{- end }}
{{- if and .Values.primary.service.loadBalancerIP (eq .Values.primary.service.type "LoadBalancer") }}
loadBalancerIP: {{ .Values.primary.service.loadBalancerIP }}
externalTrafficPolicy: {{ .Values.primary.service.externalTrafficPolicy | quote }}
{{- end }}
{{- if and (eq .Values.primary.service.type "LoadBalancer") .Values.primary.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges: {{- toYaml .Values.primary.service.loadBalancerSourceRanges | nindent 4 }}
{{- end }}
ports:
- name: mysql
port: {{ .Values.primary.service.port }}
protocol: TCP
targetPort: mysql
{{- if (and (or (eq .Values.primary.service.type "NodePort") (eq .Values.primary.service.type "LoadBalancer")) .Values.primary.service.nodePort) }}
nodePort: {{ .Values.primary.service.nodePort }}
{{- else if eq .Values.primary.service.type "ClusterIP" }}
nodePort: null
{{- end }}
selector: {{ include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: primary

21
lib/common/services/mysql/templates/role.yaml
View File

@@ -1,21 +0,0 @@
{{- if and .Values.serviceAccount.create .Values.rbac.create }}
apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }}
kind: Role
metadata:
name: {{ include "common.names.fullname" . }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
rules:
- apiGroups:
- ""
resources:
- endpoints
verbs:
- get
{{- end }}

21
lib/common/services/mysql/templates/rolebinding.yaml
View File

@@ -1,21 +0,0 @@
{{- if and .Values.serviceAccount.create .Values.rbac.create }}
kind: RoleBinding
apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }}
metadata:
name: {{ include "common.names.fullname" . }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
subjects:
- kind: ServiceAccount
name: {{ include "mysql.serviceAccountName" . }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ include "common.names.fullname" . -}}
{{- end }}

18
lib/common/services/mysql/templates/secondary/configmap.yaml
View File

@@ -1,18 +0,0 @@
{{- if (include "mysql.secondary.createConfigmap" .) }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "mysql.secondary.fullname" . }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: secondary
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
data:
my.cnf: |-
{{ .Values.secondary.configuration | nindent 4 }}
{{- end -}}

25
lib/common/services/mysql/templates/secondary/pdb.yaml
View File

@@ -1,25 +0,0 @@
{{- if and (eq .Values.architecture "replication") .Values.secondary.pdb.enabled }}
apiVersion: {{ include "common.capabilities.policy.apiVersion" . }}
kind: PodDisruptionBudget
metadata:
name: {{ include "mysql.secondary.fullname" . }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: secondary
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
{{- if .Values.secondary.pdb.minAvailable }}
minAvailable: {{ .Values.secondary.pdb.minAvailable }}
{{- end }}
{{- if .Values.secondary.pdb.maxUnavailable }}
maxUnavailable: {{ .Values.secondary.pdb.maxUnavailable }}
{{- end }}
selector:
matchLabels: {{ include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: secondary
{{- end }}

338
lib/common/services/mysql/templates/secondary/statefulset.yaml
View File

@@ -1,338 +0,0 @@
{{- if eq .Values.architecture "replication" }}
apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }}
kind: StatefulSet
metadata:
name: {{ include "mysql.secondary.fullname" . }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: secondary
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.secondary.podLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.secondary.podLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
replicas: {{ .Values.secondary.replicaCount }}
selector:
matchLabels: {{ include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: secondary
serviceName: {{ include "mysql.secondary.fullname" . }}
updateStrategy:
type: {{ .Values.secondary.updateStrategy }}
{{- if (eq "Recreate" .Values.secondary.updateStrategy) }}
rollingUpdate: null
{{- else if .Values.secondary.rollingUpdatePartition }}
rollingUpdate:
partition: {{ .Values.secondary.rollingUpdatePartition }}
{{- end }}
template:
metadata:
annotations:
{{- if (include "mysql.secondary.createConfigmap" .) }}
checksum/configuration: {{ include (print $.Template.BasePath "/secondary/configmap.yaml") . | sha256sum }}
{{- end }}
{{- if .Values.secondary.podAnnotations }}
{{- include "common.tplvalues.render" (dict "value" .Values.secondary.podAnnotations "context" $) | nindent 8 }}
{{- end }}
labels: {{- include "common.labels.standard" . | nindent 8 }}
app.kubernetes.io/component: secondary
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 8 }}
{{- end }}
{{- if .Values.secondary.podLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.secondary.podLabels "context" $ ) | nindent 8 }}
{{- end }}
spec:
{{- include "mysql.imagePullSecrets" . | nindent 6 }}
{{- if .Values.secondary.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.hostAliases "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.schedulerName }}
schedulerName: {{ .Values.schedulerName | quote }}
{{- end }}
serviceAccountName: {{ include "mysql.serviceAccountName" . }}
{{- if .Values.secondary.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.affinity "context" $) | nindent 8 }}
{{- else }}
affinity:
podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.secondary.podAffinityPreset "component" "secondary" "context" $) | nindent 10 }}
podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.secondary.podAntiAffinityPreset "component" "secondary" "context" $) | nindent 10 }}
nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.secondary.nodeAffinityPreset.type "key" .Values.secondary.nodeAffinityPreset.key "values" .Values.secondary.nodeAffinityPreset.values) | nindent 10 }}
{{- end }}
{{- if .Values.secondary.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.secondary.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName | quote }}
{{- end }}
{{- if .Values.secondary.podSecurityContext.enabled }}
securityContext: {{- omit .Values.secondary.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
{{- if or .Values.secondary.initContainers (and .Values.secondary.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.secondary.persistence.enabled) }}
initContainers:
{{- if .Values.secondary.initContainers }}
{{- include "common.tplvalues.render" (dict "value" .Values.secondary.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if and .Values.secondary.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.secondary.persistence.enabled }}
- name: volume-permissions
image: {{ include "mysql.volumePermissions.image" . }}
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command:
- /bin/bash
- -ec
- |
chown -R {{ .Values.secondary.containerSecurityContext.runAsUser }}:{{ .Values.secondary.podSecurityContext.fsGroup }} /bitnami/mysql
securityContext:
runAsUser: 0
{{- if .Values.volumePermissions.resources }}
resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
mountPath: /bitnami/mysql
{{- end }}
{{- end }}
containers:
- name: mysql
image: {{ include "mysql.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
{{- if .Values.secondary.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.secondary.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
{{- else if .Values.secondary.command }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.command "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
{{- else if .Values.secondary.args }}
args: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.args "context" $) | nindent 12 }}
{{- end }}
env:
- name: BITNAMI_DEBUG
value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }}
- name: MYSQL_REPLICATION_MODE
value: "slave"
- name: MYSQL_MASTER_HOST
value: {{ include "mysql.primary.fullname" . }}
- name: MYSQL_MASTER_PORT_NUMBER
value: {{ .Values.primary.service.port | quote }}
- name: MYSQL_MASTER_ROOT_USER
value: "root"
- name: MYSQL_REPLICATION_USER
value: {{ .Values.auth.replicationUser | quote }}
{{- if .Values.auth.usePasswordFiles }}
- name: MYSQL_MASTER_ROOT_PASSWORD_FILE
value: {{ default "/opt/bitnami/mysql/secrets/mysql-root-password" .Values.auth.customPasswordFiles.root }}
- name: MYSQL_REPLICATION_PASSWORD_FILE
value: {{ default "/opt/bitnami/mysql/secrets/mysql-replication-password" .Values.auth.customPasswordFiles.replicator }}
{{- else }}
- name: MYSQL_MASTER_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.secretName" . }}
key: mysql-root-password
- name: MYSQL_REPLICATION_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.secretName" . }}
key: mysql-replication-password
{{- end }}
{{- if .Values.secondary.extraFlags }}
- name: MYSQL_EXTRA_FLAGS
value: "{{ .Values.secondary.extraFlags }}"
{{- end }}
{{- if .Values.secondary.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.secondary.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
{{- if or .Values.secondary.extraEnvVarsCM .Values.secondary.extraEnvVarsSecret }}
envFrom:
{{- if .Values.secondary.extraEnvVarsCM }}
- configMapRef:
name: {{ .Values.secondary.extraEnvVarsCM }}
{{- end }}
{{- if .Values.secondary.extraEnvVarsSecret }}
- secretRef:
name: {{ .Values.secondary.extraEnvVarsSecret }}
{{- end }}
{{- end }}
ports:
- name: mysql
containerPort: 3306
{{- if not .Values.diagnosticMode.enabled }}
{{- if .Values.secondary.livenessProbe.enabled }}
livenessProbe: {{- omit .Values.secondary.livenessProbe "enabled" | toYaml | nindent 12 }}
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MYSQL_MASTER_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_MASTER_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_MASTER_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
{{- else if .Values.secondary.customLivenessProbe }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.customLivenessProbe "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.secondary.readinessProbe.enabled }}
readinessProbe: {{- omit .Values.secondary.readinessProbe "enabled" | toYaml | nindent 12 }}
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MYSQL_MASTER_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_MASTER_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_MASTER_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
{{- else if .Values.secondary.customReadinessProbe }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.customReadinessProbe "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.secondary.startupProbe.enabled }}
startupProbe: {{- omit .Values.secondary.startupProbe "enabled" | toYaml | nindent 12 }}
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MYSQL_MASTER_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_MASTER_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_MASTER_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
{{- else if .Values.secondary.customStartupProbe }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.customStartupProbe "context" $) | nindent 12 }}
{{- end }}
{{- end }}
{{- if .Values.secondary.resources }}
resources: {{ toYaml .Values.secondary.resources | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
mountPath: /bitnami/mysql
{{- if or .Values.secondary.configuration .Values.secondary.existingConfigmap }}
- name: config
mountPath: /opt/bitnami/mysql/conf/my.cnf
subPath: my.cnf
{{- end }}
{{- if and .Values.auth.usePasswordFiles (not .Values.auth.customPasswordFiles) }}
- name: mysql-credentials
mountPath: /opt/bitnami/mysql/secrets/
{{- end }}
{{- if .Values.secondary.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.secondary.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.metrics.enabled }}
- name: metrics
image: {{ include "mysql.metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
env:
{{- if .Values.auth.usePasswordFiles }}
- name: MYSQL_ROOT_PASSWORD_FILE
value: {{ default "/opt/bitnami/mysqld-exporter/secrets/mysql-root-password" .Values.auth.customPasswordFiles.root }}
{{- else }}
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.secretName" . }}
key: mysql-root-password
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
{{- else }}
command:
- /bin/bash
- -ec
- |
password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
fi
DATA_SOURCE_NAME="root:${password_aux}@(localhost:3306)/" /bin/mysqld_exporter {{- range .Values.metrics.extraArgs.secondary }} {{ . }} {{- end }}
{{- end }}
ports:
- name: metrics
containerPort: 9104
{{- if not .Values.diagnosticMode.enabled }}
{{- if .Values.metrics.livenessProbe.enabled }}
livenessProbe: {{- omit .Values.metrics.livenessProbe "enabled" | toYaml | nindent 12 }}
httpGet:
path: /metrics
port: metrics
{{- end }}
{{- if .Values.metrics.readinessProbe.enabled }}
readinessProbe: {{- omit .Values.metrics.readinessProbe "enabled" | toYaml | nindent 12 }}
httpGet:
path: /metrics
port: metrics
{{- end }}
{{- end }}
{{- if .Values.metrics.resources }}
resources: {{- toYaml .Values.metrics.resources | nindent 12 }}
{{- end }}
{{- if and .Values.auth.usePasswordFiles (not .Values.auth.customPasswordFiles) }}
volumeMounts:
- name: mysql-credentials
mountPath: /opt/bitnami/mysqld-exporter/secrets/
{{- end }}
{{- end }}
{{- if .Values.secondary.sidecars }}
{{- include "common.tplvalues.render" (dict "value" .Values.secondary.sidecars "context" $) | nindent 8 }}
{{- end }}
volumes:
{{- if or .Values.secondary.configuration .Values.secondary.existingConfigmap }}
- name: config
configMap:
name: {{ include "mysql.secondary.configmapName" . }}
{{- end }}
{{- if and .Values.auth.usePasswordFiles (not .Values.auth.customPasswordFiles) }}
- name: mysql-credentials
secret:
secretName: {{ template "mysql.secretName" . }}
items:
- key: mysql-root-password
path: mysql-root-password
- key: mysql-replication-password
path: mysql-replication-password
{{- end }}
{{- if .Values.secondary.extraVolumes }}
{{- include "common.tplvalues.render" (dict "value" .Values.secondary.extraVolumes "context" $) | nindent 8 }}
{{- end }}
{{- if not .Values.secondary.persistence.enabled }}
- name: data
emptyDir: {}
{{- else }}
volumeClaimTemplates:
- metadata:
name: data
labels: {{ include "common.labels.matchLabels" . | nindent 10 }}
app.kubernetes.io/component: secondary
{{- if .Values.secondary.persistence.annotations }}
annotations:
{{- toYaml .Values.secondary.persistence.annotations | nindent 10 }}
{{- end }}
spec:
accessModes:
{{- range .Values.secondary.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.secondary.persistence.size | quote }}
{{ include "common.storage.class" (dict "persistence" .Values.secondary.persistence "global" .Values.global) }}
{{- if .Values.secondary.persistence.selector }}
selector: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.persistence.selector "context" $) | nindent 10 }}
{{- end -}}
{{- end }}
{{- end }}

26
lib/common/services/mysql/templates/secondary/svc-headless.yaml
View File

@@ -1,26 +0,0 @@
{{- if eq .Values.architecture "replication" }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "mysql.secondary.fullname" . }}-headless
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: secondary
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
annotations:
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
type: ClusterIP
clusterIP: None
publishNotReadyAddresses: true
ports:
- name: mysql
port: {{ .Values.secondary.service.port }}
targetPort: mysql
selector: {{ include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: secondary
{{- end }}

43
lib/common/services/mysql/templates/secondary/svc.yaml
View File

@@ -1,43 +0,0 @@
{{- if eq .Values.architecture "replication" }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "mysql.secondary.fullname" . }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: secondary
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
annotations:
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.secondary.service.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.secondary.service.annotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.secondary.service.type }}
{{- if and (eq .Values.secondary.service.type "ClusterIP") .Values.secondary.service.clusterIP }}
clusterIP: {{ .Values.secondary.service.clusterIP }}
{{- end }}
{{- if and .Values.secondary.service.loadBalancerIP (eq .Values.secondary.service.type "LoadBalancer") }}
loadBalancerIP: {{ .Values.secondary.service.loadBalancerIP }}
externalTrafficPolicy: {{ .Values.secondary.service.externalTrafficPolicy | quote }}
{{- end }}
{{- if and (eq .Values.secondary.service.type "LoadBalancer") .Values.secondary.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges: {{- toYaml .Values.secondary.service.loadBalancerSourceRanges | nindent 4 }}
{{- end }}
ports:
- name: mysql
port: {{ .Values.secondary.service.port }}
protocol: TCP
targetPort: mysql
{{- if (and (or (eq .Values.secondary.service.type "NodePort") (eq .Values.secondary.service.type "LoadBalancer")) .Values.secondary.service.nodePort) }}
nodePort: {{ .Values.secondary.service.nodePort }}
{{- else if eq .Values.secondary.service.type "ClusterIP" }}
nodePort: null
{{- end }}
selector: {{ include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: secondary
{{- end }}

41
lib/common/services/mysql/templates/secrets.yaml
View File

@@ -1,21 +1,34 @@
{{- if eq (include "mysql.createSecret" .) "true" }} {{- if (not .Values.existingSecret) -}}
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ include "common.names.fullname" . }} name: {{ template "mysql.fullname" . }}
namespace: {{ .Release.Namespace }} labels: {{- include "mysql.labels" . | nindent 4 }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: Opaque type: Opaque
data: data:
mysql-root-password: {{ include "mysql.root.password" . | b64enc | quote }} {{- if .Values.root.password }}
mysql-password: {{ include "mysql.password" . | b64enc | quote }} mysql-root-password: {{ .Values.root.password | b64enc | quote }}
{{- if eq .Values.architecture "replication" }} {{- else if (not .Values.root.forcePassword) }}
mysql-replication-password: {{ include "mysql.replication.password" . | b64enc | quote }} mysql-root-password: {{ randAlphaNum 10 | b64enc | quote }}
{{ else }}
mysql-root-password: {{ required "A MySQL Root Password is required!" .Values.root.password }}
{{- end }}
{{- if .Values.db.user }}
{{- if .Values.db.password }}
mysql-password: {{ .Values.db.password | b64enc | quote }}
{{- else if (not .Values.db.forcePassword) }}
mysql-password: {{ randAlphaNum 10 | b64enc | quote }}
{{- else }}
mysql-password: {{ required "A MySQL Database Password is required!" .Values.db.password }}
{{- end }}
{{- end }}
{{- if .Values.replication.enabled }}
{{- if .Values.replication.password }}
mysql-replication-password: {{ .Values.replication.password | b64enc | quote }}
{{- else if (not .Values.replication.forcePassword) }}
mysql-replication-password: {{ randAlphaNum 10 | b64enc | quote }}
{{- else }}
mysql-replication-password: {{ required "A MySQL Replication Password is required!" .Values.replication.password }}
{{- end }}
{{- end }} {{- end }}
{{- end }} {{- end }}

23
lib/common/services/mysql/templates/serviceaccount.yaml
View File

@@ -2,21 +2,12 @@
apiVersion: v1 apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
name: {{ include "mysql.serviceAccountName" . }} name: {{ template "mysql.serviceAccountName" . }}
namespace: {{ .Release.Namespace }} labels:
labels: {{- include "common.labels.standard" . | nindent 4 }} app: {{ template "mysql.name" . }}
{{- if .Values.commonLabels }} chart: {{ template "mysql.chart" . }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} release: "{{ .Release.Name }}"
{{- end }} heritage: "{{ .Release.Service }}"
annotations:
{{- if .Values.serviceAccount.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.serviceAccount.annotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if (not .Values.auth.customPasswordFiles) }}
secrets: secrets:
- name: {{ template "mysql.secretName" . }} - name: {{ template "mysql.secretName" . }}
{{- end }} {{- end }}
{{- end }}

28
lib/common/services/mysql/templates/servicemonitor.yaml
View File

@@ -2,23 +2,18 @@
apiVersion: monitoring.coreos.com/v1 apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor kind: ServiceMonitor
metadata: metadata:
name: {{ include "common.names.fullname" . }} name: {{ template "mysql.fullname" . }}
{{- if .Values.metrics.serviceMonitor.namespace }} {{- if .Values.metrics.serviceMonitor.namespace }}
namespace: {{ .Values.metrics.serviceMonitor.namespace }} namespace: {{ .Values.metrics.serviceMonitor.namespace }}
{{- else }}
namespace: {{ .Release.Namespace }}
{{- end }} {{- end }}
labels: {{- include "common.labels.standard" . | nindent 4 }} labels: {{- include "mysql.labels" . | nindent 4 }}
{{- if .Values.commonLabels }} {{- range $key, $value := .Values.metrics.serviceMonitor.selector }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{ $key }}: {{ $value | quote }}
{{- end }} {{- end }}
{{- if .Values.metrics.serviceMonitor.additionalLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.metrics.serviceMonitor.additionalLabels "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec: spec:
selector:
matchLabels: {{- include "mysql.matchLabels" . | nindent 6 }}
component: master
endpoints: endpoints:
- port: metrics - port: metrics
{{- if .Values.metrics.serviceMonitor.interval }} {{- if .Values.metrics.serviceMonitor.interval }}
@@ -27,16 +22,7 @@ spec:
{{- if .Values.metrics.serviceMonitor.scrapeTimeout }} {{- if .Values.metrics.serviceMonitor.scrapeTimeout }}
scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }}
{{- end }} {{- end }}
{{- if .Values.metrics.serviceMonitor.honorLabels }}
honorLabels: {{ .Values.metrics.serviceMonitor.honorLabels }}
{{- end }}
{{- if .Values.metrics.serviceMonitor.relabellings }}
metricRelabelings: {{- toYaml .Values.metrics.serviceMonitor.relabellings | nindent 6 }}
{{- end }}
namespaceSelector: namespaceSelector:
matchNames: matchNames:
- {{ .Release.Namespace }} - {{ .Release.Namespace }}
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: metrics
{{- end }} {{- end }}

11
lib/common/services/mysql/templates/slave-configmap.yaml Normal file
View File

@@ -0,0 +1,11 @@
{{- if and .Values.replication.enabled .Values.slave.config }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "mysql.slave.fullname" . }}
labels: {{- include "mysql.labels" . | nindent 4 }}
component: slave
data:
my.cnf: |-
{{ .Values.slave.config | indent 4 }}
{{- end }}

262
lib/common/services/mysql/templates/slave-statefulset.yaml Normal file
View File

@@ -0,0 +1,262 @@
{{- if .Values.replication.enabled }}
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ template "mysql.slave.fullname" . }}
labels: {{- include "mysql.labels" . | nindent 4 }}
component: slave
spec:
selector:
matchLabels: {{- include "mysql.matchLabels" . | nindent 6 }}
component: slave
serviceName: "{{ template "mysql.slave.fullname" . }}"
replicas: {{ .Values.slave.replicas }}
updateStrategy:
type: {{ .Values.slave.updateStrategy.type }}
{{- if (eq "Recreate" .Values.slave.updateStrategy.type) }}
rollingUpdate: null
{{- end }}
template:
metadata:
labels: {{- include "mysql.labels" . | nindent 8 }}
component: slave
{{- if .Values.slave.podAnnotations }}
annotations: {{ include "mysql.tplValue" ( dict "value" .Values.slave.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "mysql.imagePullSecrets" . | indent 6 }}
{{- if .Values.slave.affinity }}
affinity: {{- include "mysql.tplValue" (dict "value" .Values.slave.affinity "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.slave.nodeSelector }}
nodeSelector: {{- include "mysql.tplValue" (dict "value" .Values.slave.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.slave.tolerations }}
tolerations: {{- include "mysql.tplValue" (dict "value" .Values.slave.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.slave.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.slave.securityContext.fsGroup }}
runAsUser: {{ .Values.slave.securityContext.runAsUser }}
{{- end }}
serviceAccountName: {{ template "mysql.serviceAccountName" . }}
{{- if and .Values.volumePermissions.enabled .Values.slave.persistence.enabled }}
initContainers:
- name: volume-permissions
image: {{ template "mysql.volumePermissions.image" . }}
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
{{- if .Values.slave.containerSecurityContext }}
securityContext: {{- toYaml .Values.slave.containerSecurityContext | nindent 12 }}
{{- end }}
command:
- /bin/bash
- -ec
- |
chown -R {{ .Values.slave.securityContext.runAsUser }}:{{ .Values.slave.securityContext.fsGroup }} {{ .Values.slave.persistence.mountPath }}
securityContext:
runAsUser: 0
{{- if .Values.volumePermissions.resources }}
resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
mountPath: {{ .Values.slave.persistence.mountPath }}
{{- end }}
containers:
- name: mysql
image: {{ template "mysql.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
env:
- name: MYSQL_REPLICATION_MODE
value: "slave"
- name: MYSQL_MASTER_HOST
value: {{ template "mysql.fullname" . }}
- name: MYSQL_MASTER_PORT_NUMBER
value: "3306"
- name: MYSQL_MASTER_ROOT_USER
value: "root"
{{- if .Values.root.injectSecretsAsVolume }}
- name: MYSQL_MASTER_ROOT_PASSWORD_FILE
value: "/opt/bitnami/mysql/secrets/mysql-root-password"
{{- else }}
- name: MYSQL_MASTER_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.secretName" . }}
key: mysql-root-password
{{- end }}
- name: MYSQL_REPLICATION_USER
value: "{{ .Values.replication.user }}"
{{- if .Values.replication.injectSecretsAsVolume }}
- name: MYSQL_REPLICATION_PASSWORD_FILE
value: "/opt/bitnami/mysql/secrets/mysql-replication-password"
{{- else }}
- name: MYSQL_REPLICATION_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.secretName" . }}
key: mysql-replication-password
{{- end }}
{{- if .Values.slave.extraEnvVars }}
{{- include "mysql.tplValue" (dict "value" .Values.slave.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
{{- if or .Values.slave.extraEnvVarsCM .Values.slave.extraEnvVarsSecret }}
envFrom:
{{- if .Values.slave.extraEnvVarsCM }}
- configMapRef:
name: {{ .Values.slave.extraEnvVarsCM }}
{{- end }}
{{- if .Values.slave.extraEnvVarsSecret }}
- secretRef:
name: {{ .Values.slave.extraEnvVarsSecret }}
{{- end }}
{{- end }}
ports:
- name: mysql
containerPort: 3306
{{- if .Values.slave.livenessProbe.enabled }}
livenessProbe:
exec:
command:
- sh
- -c
- |
password_aux="${MYSQL_MASTER_ROOT_PASSWORD:-}"
if [ -f "${MYSQL_MASTER_ROOT_PASSWORD_FILE:-}" ]; then
password_aux=$(cat $MYSQL_MASTER_ROOT_PASSWORD_FILE)
fi
mysqladmin status -uroot -p$password_aux
initialDelaySeconds: {{ .Values.slave.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.slave.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.slave.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.slave.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.slave.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.slave.readinessProbe.enabled }}
readinessProbe:
exec:
command:
- sh
- -c
- |
password_aux="${MYSQL_MASTER_ROOT_PASSWORD:-}"
if [ -f "${MYSQL_MASTER_ROOT_PASSWORD_FILE:-}" ]; then
password_aux=$(cat $MYSQL_MASTER_ROOT_PASSWORD_FILE)
fi
mysqladmin status -uroot -p$password_aux
initialDelaySeconds: {{ .Values.slave.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.slave.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.slave.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.slave.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.slave.readinessProbe.failureThreshold }}
{{- end }}
{{- if .Values.master.resources }}
resources: {{- toYaml .Values.slave.resources | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
mountPath: {{ .Values.slave.persistence.mountPath }}
{{- if .Values.slave.config }}
- name: config
mountPath: /opt/bitnami/mysql/conf/my.cnf
subPath: my.cnf
{{- end }}
{{- if or .Values.root.injectSecretsAsVolume .Values.replication.injectSecretsAsVolume }}
- name: mysql-credentials
mountPath: /opt/bitnami/mysql/secrets/
{{- end }}
{{- if .Values.metrics.enabled }}
- name: metrics
image: {{ template "mysql.metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
env:
{{- if .Values.root.injectSecretsAsVolume }}
- name: MYSQL_MASTER_ROOT_PASSWORD_FILE
value: "/opt/bitnami/mysqld-exporter/secrets/mysql-root-password"
{{- else }}
- name: MYSQL_MASTER_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.secretName" . }}
key: mysql-root-password
{{- end }}
command:
- /bin/sh
- -c
- |
password_aux="${MYSQL_MASTER_ROOT_PASSWORD:-}"
if [ -f "${MYSQL_MASTER_ROOT_PASSWORD_FILE:-}" ]; then
password_aux=$(cat $MYSQL_MASTER_ROOT_PASSWORD_FILE)
fi
DATA_SOURCE_NAME="root:${password_aux}@(localhost:3306)/" /bin/mysqld_exporter
ports:
- name: metrics
containerPort: 9104
livenessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: 15
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: 5
timeoutSeconds: 1
{{- if .Values.metrics.resources }}
resources: {{- toYaml .Values.metrics.resources | nindent 12 }}
{{- end }}
{{- if or .Values.root.injectSecretsAsVolume }}
volumeMounts:
- name: mysql-credentials
mountPath: /opt/bitnami/mysqld-exporter/secrets/
{{- end }}
{{- end }}
volumes:
{{- if .Values.slave.config }}
- name: config
configMap:
name: {{ template "mysql.slave.fullname" . }}
{{- end }}
{{- if or .Values.root.injectSecretsAsVolume .Values.replication.injectSecretsAsVolume }}
- name: mysql-credentials
secret:
secretName: {{ template "mysql.fullname" . }}
items:
{{- if .Values.root.injectSecretsAsVolume }}
- key: mysql-root-password
path: mysql-root-password
{{- end }}
{{- if .Values.replication.injectSecretsAsVolume }}
- key: mysql-replication-password
path: mysql-replication-password
{{- end }}
{{- end }}
{{- if not .Values.slave.persistence.enabled }}
- name: "data"
emptyDir: {}
{{- else if and .Values.slave.persistence.enabled .Values.slave.persistence.existingClaim }}
- name: "data"
persistentVolumeClaim:
claimName: {{ .Values.slave.persistence.existingClaim }}
{{- else if and .Values.slave.persistence.enabled (not .Values.slave.persistence.existingClaim) }}
volumeClaimTemplates:
- metadata:
name: data
labels:
app: {{ template "mysql.name" . }}
component: slave
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
accessModes:
{{- range .Values.slave.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.slave.persistence.size | quote }}
{{ include "mysql.slave.storageClass" . }}
{{- end }}
{{- end }}

40
lib/common/services/mysql/templates/slave-svc.yaml Normal file
View File

@@ -0,0 +1,40 @@
{{- if .Values.replication.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "mysql.slave.fullname" . }}
labels: {{- include "mysql.labels" . | nindent 4 }}
component: slave
{{- if or .Values.service.annotations .Values.metrics.service.annotations }}
annotations:
{{- if .Values.service.annotations }}
{{- include "mysql.tplValue" ( dict "value" .Values.service.annotations "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.metrics.service.annotations }}
{{- include "mysql.tplValue" ( dict "value" .Values.metrics.service.annotations "context" $) | nindent 4 }}
{{- end }}
{{- end }}
spec:
type: {{ .Values.service.type }}
{{- if and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP)) }}
{{- if not (empty .Values.service.loadBalancerIP.slave) }}
loadBalancerIP: {{ .Values.service.loadBalancerIP.slave }}
{{- end }}
{{- end }}
ports:
- name: mysql
port: {{ .Values.service.port }}
targetPort: mysql
{{- if and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePort)) }}
nodePort: {{ .Values.service.nodePort.slave }}
{{- else if eq .Values.service.type "ClusterIP" }}
nodePort: null
{{- end }}
{{- if .Values.metrics.enabled }}
- name: metrics
port: {{ .Values.metrics.service.port }}
targetPort: metrics
{{- end }}
selector: {{- include "mysql.matchLabels" . | nindent 4 }}
component: slave
{{- end }}

304
lib/common/services/mysql/values-production.yaml Normal file
View File

@@ -0,0 +1,304 @@
## Admin (root) credentials
##
root:
## MySQL admin password
## ref: https://github.com/bitnami/bitnami-docker-mysql#setting-the-root-password-on-first-run
##
password:
## Option to force users to specify a password. That is required for 'helm upgrade' to work properly.
## If it is not force, a random password will be generated.
##
forcePassword: true
## Mount admin password as a file instead of using an environment variable
##
injectSecretsAsVolume: true
## Custom user/db credentials
##
db:
## MySQL username and password
## ref: https://github.com/bitnami/bitnami-docker-mysql#creating-a-database-user-on-first-run
## Note that this user should be different from the MySQL replication user (replication.user)
##
user:
password:
## Database to create
## ref: https://github.com/bitnami/bitnami-docker-mysql#creating-a-database-on-first-run
##
name: my_database
## Option to force users to specify a password. That is required for 'helm upgrade' to work properly.
## If it is not force, a random password will be generated.
##
forcePassword: true
## Mount replication user password as a file instead of using an environment variable
##
injectSecretsAsVolume: true
## Replication configuration
##
replication:
## Enable replication. This enables the creation of replicas of MySQL. If false, only a
## master deployment would be created
##
enabled: true
##
## MySQL replication user
## ref: https://github.com/bitnami/bitnami-docker-mysql#setting-up-a-replication-cluster
## Note that this user should be different from the MySQL user (db.user)
##
user: replicator
## MySQL replication user password
## ref: https://github.com/bitnami/bitnami-docker-mysql#setting-up-a-replication-cluster
##
password:
## Option to force users to specify a password. That is required for 'helm upgrade' to work properly.
## If it is not force, a random password will be generated.
##
forcePassword: true
## Mount replication user password as a file instead of using an environment variable
##
injectSecretsAsVolume: true
## initdb scripts
## Specify dictionary of scripts to be run at first boot
## Alternatively, you can put your scripts under the files/docker-entrypoint-initdb.d directory
##
# initdbScripts:
# my_init_script.sh: |
# #!/bin/sh
# echo "Do something."
#
## ConfigMap with scripts to be run at first boot
## Note: This will override initdbScripts
# initdbScriptsConfigMap:
## Slave nodes parameters
##
slave:
## Number of slave replicas
##
replicas: 2
## Configure MySQL slave with a custom my.cnf file
## ref: https://mysql.com/kb/en/mysql/configuring-mysql-with-mycnf/#example-of-configuration-file
##
config: |-
[mysqld]
default_authentication_plugin=mysql_native_password
skip-name-resolve
explicit_defaults_for_timestamp
basedir=/opt/bitnami/mysql
port=3306
socket=/opt/bitnami/mysql/tmp/mysql.sock
datadir=/bitnami/mysql/data
tmpdir=/opt/bitnami/mysql/tmp
max_allowed_packet=16M
bind-address=0.0.0.0
pid-file=/opt/bitnami/mysql/tmp/mysqld.pid
log-error=/opt/bitnami/mysql/logs/mysqld.log
character-set-server=UTF8
collation-server=utf8_general_ci
[client]
port=3306
socket=/opt/bitnami/mysql/tmp/mysql.sock
default-character-set=UTF8
[manager]
port=3306
socket=/opt/bitnami/mysql/tmp/mysql.sock
pid-file=/opt/bitnami/mysql/tmp/mysqld.pid
## updateStrategy for slave nodes
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
##
updateStrategy:
type: RollingUpdate
## Pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
## Node labels for pod assignment. Evaluated as a template.
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## An array to add extra environment variables
## For example:
## extraEnvVars:
## - name: TZ
## value: "Europe/Paris"
##
extraEnvVars:
## ConfigMap with extra env vars:
##
extraEnvVarsCM:
## Secret with extra env vars:
##
extraEnvVarsSecret:
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## MySQL slave pods' Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext:
enabled: true
fsGroup: 1001
runAsUser: 1001
## MySQL slave containers' Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## Example:
## containerSecurityContext:
## capabilities:
## drop: ["NET_RAW"]
## readOnlyRootFilesystem: true
##
containerSecurityContext: {}
## MySQL slave containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 250m
# memory: 256Mi
requests: {}
# cpu: 250m
# memory: 256Mi
## MySQL slave containers' liveness and readiness probes
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
## Initializing the database could take some time
##
initialDelaySeconds: 120
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
readinessProbe:
enabled: true
## Initializing the database could take some time
##
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
## Enable persistence using PVCs on slave nodes
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
## If true, use a Persistent Volume Claim, If false, use emptyDir
##
enabled: true
mountPath: /bitnami/mysql
## Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
## PVC annotations
##
annotations: {}
## Persistent Volume Access Mode
##
accessModes:
- ReadWriteOnce
## Persistent Volume size
##
size: 8Gi
## Use an existing PVC
##
# existingClaim:
## MySQL prometheus metrics parameters
## ref: https://docs.influxdata.com/influxdb/v1.7/administration/server_monitoring/#influxdb-metrics-http-endpoint
##
metrics:
enabled: true
## Bitnami MySQL Prometheus exporter image
## ref: https://hub.docker.com/r/bitnami/mysqld-exporter/tags/
##
image:
registry: docker.io
repository: bitnami/mysqld-exporter
tag: 0.12.1-debian-10-r127
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
## MySQL Prometheus exporter containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 0.5
# memory: 256Mi
requests: {}
# cpu: 0.5
# memory: 256Mi
## MySQL Prometheus exporter service parameters
##
service:
type: ClusterIP
port: 9104
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "{{ .Values.metrics.service.port }}"
## Prometheus Operator ServiceMonitor configuration
##
serviceMonitor:
enabled: false
## Namespace in which Prometheus is running
##
# namespace: monitoring
## Interval at which metrics should be scraped.
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
##
# interval: 10s
## Timeout after which the scrape is ended
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
##
# scrapeTimeout: 10s
## ServiceMonitor selector labels
## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration
##
# selector:
# prometheus: my-prometheus

178
lib/common/services/mysql/values.schema.json
View File

@@ -1,178 +0,0 @@
{
"$schema": "http://json-schema.org/schema#",
"type": "object",
"properties": {
"architecture": {
"type": "string",
"title": "MySQL architecture",
"form": true,
"description": "Allowed values: `standalone` or `replication`",
"enum": ["standalone", "replication"]
},
"auth": {
"type": "object",
"title": "Authentication configuration",
"form": true,
"required": ["database", "username", "password"],
"properties": {
"rootPassword": {
"type": "string",
"title": "MySQL root password",
"description": "Defaults to a random 10-character alphanumeric string if not set"
},
"database": {
"type": "string",
"title": "MySQL custom database name"
},
"username": {
"type": "string",
"title": "MySQL custom username"
},
"password": {
"type": "string",
"title": "MySQL custom password"
},
"replicationUser": {
"type": "string",
"title": "MySQL replication username"
},
"replicationPassword": {
"type": "string",
"title": "MySQL replication password"
}
}
},
"primary": {
"type": "object",
"title": "Primary database configuration",
"form": true,
"properties": {
"podSecurityContext": {
"type": "object",
"title": "MySQL primary Pod security context",
"properties": {
"enabled": {
"type": "boolean",
"default": false
},
"fsGroup": {
"type": "integer",
"default": 1001,
"hidden": {
"value": false,
"path": "primary/podSecurityContext/enabled"
}
}
}
},
"containerSecurityContext": {
"type": "object",
"title": "MySQL primary container security context",
"properties": {
"enabled": {
"type": "boolean",
"default": false
},
"runAsUser": {
"type": "integer",
"default": 1001,
"hidden": {
"value": false,
"path": "primary/containerSecurityContext/enabled"
}
}
}
},
"persistence": {
"type": "object",
"title": "Enable persistence using Persistent Volume Claims",
"properties": {
"enabled": {
"type": "boolean",
"default": true,
"title": "If true, use a Persistent Volume Claim, If false, use emptyDir"
},
"size": {
"type": "string",
"title": "Persistent Volume Size",
"form": true,
"render": "slider",
"sliderMin": 1,
"sliderUnit": "Gi",
"hidden": {
"value": false,
"path": "primary/persistence/enabled"
}
}
}
}
}
},
"secondary": {
"type": "object",
"title": "Secondary database configuration",
"form": true,
"properties": {
"podSecurityContext": {
"type": "object",
"title": "MySQL secondary Pod security context",
"properties": {
"enabled": {
"type": "boolean",
"default": false
},
"fsGroup": {
"type": "integer",
"default": 1001,
"hidden": {
"value": false,
"path": "secondary/podSecurityContext/enabled"
}
}
}
},
"containerSecurityContext": {
"type": "object",
"title": "MySQL secondary container security context",
"properties": {
"enabled": {
"type": "boolean",
"default": false
},
"runAsUser": {
"type": "integer",
"default": 1001,
"hidden": {
"value": false,
"path": "secondary/containerSecurityContext/enabled"
}
}
}
},
"persistence": {
"type": "object",
"title": "Enable persistence using Persistent Volume Claims",
"properties": {
"enabled": {
"type": "boolean",
"default": true,
"title": "If true, use a Persistent Volume Claim, If false, use emptyDir"
},
"size": {
"type": "string",
"title": "Persistent Volume Size",
"form": true,
"render": "slider",
"sliderMin": 1,
"sliderUnit": "Gi",
"hidden": {
"value": false,
"path": "secondary/persistence/enabled"
}
}
}
}
}
}
}
}

1479
lib/common/services/mysql/values.yaml
View File

File diff suppressed because it is too large Load Diff

3
lib/helm-freeze.yaml
View File

@@ -55,8 +55,9 @@ charts:
# Chart is frozen due to custom modification see https://github.com/Qovery/engine/pull/293 # Chart is frozen due to custom modification see https://github.com/Qovery/engine/pull/293
- name: mysql - name: mysql
repo_name: bitnami repo_name: bitnami
version: 8.9.6 version: 6.14.2
dest: services dest: services
no_sync: true
- name: postgresql - name: postgresql
repo_name: bitnami repo_name: bitnami
version: 8.9.8 version: 8.9.8

20
test_utilities/src/common.rs
View File

@@ -220,9 +220,9 @@ pub fn environment_3_apps_3_routers_3_databases(
database_disk_type: &str, database_disk_type: &str,
provider_kind: Kind, provider_kind: Kind,
) -> EnvironmentRequest { ) -> EnvironmentRequest {
let app_name_1 = format!("{}-{}", "simple-app-1", generate_id()); let app_name_1 = format!("{}-{}", "simple-app-1".to_string(), generate_id());
let app_name_2 = format!("{}-{}", "simple-app-2", generate_id()); let app_name_2 = format!("{}-{}", "simple-app-2".to_string(), generate_id());
let app_name_3 = format!("{}-{}", "simple-app-3", generate_id()); let app_name_3 = format!("{}-{}", "simple-app-3".to_string(), generate_id());
// mongoDB management part // mongoDB management part
let database_host_mongo = get_svc_name(DatabaseKind::Mongodb, provider_kind.clone()).to_string(); let database_host_mongo = get_svc_name(DatabaseKind::Mongodb, provider_kind.clone()).to_string();
@@ -248,7 +248,7 @@ pub fn environment_3_apps_3_routers_3_databases(
let database_name = "postgres".to_string(); let database_name = "postgres".to_string();
// pSQL 2 management part // pSQL 2 management part
let fqdn_2 = format!("{}2", get_svc_name(DatabaseKind::Postgresql, provider_kind)); let fqdn_2 = format!("{}2", get_svc_name(DatabaseKind::Postgresql, provider_kind.clone()));
let database_username_2 = "superuser2".to_string(); let database_username_2 = "superuser2".to_string();
let database_name_2 = "postgres2".to_string(); let database_name_2 = "postgres2".to_string();
@@ -380,9 +380,9 @@ pub fn environment_3_apps_3_routers_3_databases(
environment_vars: btreemap! { environment_vars: btreemap! {
"IS_DOCUMENTDB".to_string() => base64::encode("false"), "IS_DOCUMENTDB".to_string() => base64::encode("false"),
"QOVERY_DATABASE_TESTING_DATABASE_FQDN".to_string() => base64::encode(database_host_mongo.clone()), "QOVERY_DATABASE_TESTING_DATABASE_FQDN".to_string() => base64::encode(database_host_mongo.clone()),
"QOVERY_DATABASE_MY_DDB_CONNECTION_URI".to_string() => base64::encode(database_uri_mongo), "QOVERY_DATABASE_MY_DDB_CONNECTION_URI".to_string() => base64::encode(database_uri_mongo.clone()),
"QOVERY_DATABASE_TESTING_DATABASE_PORT".to_string() => base64::encode(database_port_mongo.to_string()), "QOVERY_DATABASE_TESTING_DATABASE_PORT".to_string() => base64::encode(database_port_mongo.to_string()),
"MONGODB_DBNAME".to_string() => base64::encode(&database_db_name_mongo), "MONGODB_DBNAME".to_string() => base64::encode(&database_db_name_mongo.clone()),
"QOVERY_DATABASE_TESTING_DATABASE_USERNAME".to_string() => base64::encode(database_username_mongo.clone()), "QOVERY_DATABASE_TESTING_DATABASE_USERNAME".to_string() => base64::encode(database_username_mongo.clone()),
"QOVERY_DATABASE_TESTING_DATABASE_PASSWORD".to_string() => base64::encode(database_password_mongo.clone()), "QOVERY_DATABASE_TESTING_DATABASE_PASSWORD".to_string() => base64::encode(database_password_mongo.clone()),
}, },
@@ -409,12 +409,12 @@ pub fn environment_3_apps_3_routers_3_databases(
long_id: Uuid::new_v4(), long_id: Uuid::new_v4(),
name: "main".to_string(), name: "main".to_string(),
action: Action::Create, action: Action::Create,
default_domain: format!("{}.{}.{}", generate_id(), context.cluster_id(), test_domain), default_domain: format!("{}.{}.{}", generate_id(), context.cluster_id().to_string(), test_domain),
public_port: 443, public_port: 443,
custom_domains: vec![], custom_domains: vec![],
routes: vec![Route { routes: vec![Route {
path: "/app1".to_string(), path: "/app1".to_string(),
application_name: app_name_1, application_name: app_name_1.clone(),
}], }],
sticky_sessions_enabled: false, sticky_sessions_enabled: false,
}, },
@@ -422,7 +422,7 @@ pub fn environment_3_apps_3_routers_3_databases(
long_id: Uuid::new_v4(), long_id: Uuid::new_v4(),
name: "second-router".to_string(), name: "second-router".to_string(),
action: Action::Create, action: Action::Create,
default_domain: format!("{}.{}.{}", generate_id(), context.cluster_id(), test_domain), default_domain: format!("{}.{}.{}", generate_id(), context.cluster_id().to_string(), test_domain),
public_port: 443, public_port: 443,
custom_domains: vec![], custom_domains: vec![],
routes: vec![Route { routes: vec![Route {
@@ -1102,7 +1102,7 @@ pub fn test_db(
let database_password = generate_password(provider_kind.clone(), database_mode.clone()); let database_password = generate_password(provider_kind.clone(), database_mode.clone());
let db_kind_str = db_kind.name().to_string(); let db_kind_str = db_kind.name().to_string();
let db_id = generate_id(); let db_id = generate_id();
let database_host = format!("{}-{}", db_id, db_kind_str); let database_host = format!("{}-{}", db_id, db_kind_str.clone());
let database_fqdn = format!( let database_fqdn = format!(
"{}.{}.{}", "{}.{}.{}",
database_host, database_host,

43
tests/aws/aws_databases.rs
View File

@@ -14,7 +14,7 @@ use self::test_utilities::utilities::{
use qovery_engine::io_models::DatabaseMode::{CONTAINER, MANAGED}; use qovery_engine::io_models::DatabaseMode::{CONTAINER, MANAGED};
use qovery_engine::transaction::TransactionResult; use qovery_engine::transaction::TransactionResult;
use qovery_engine::utilities::to_short_id; use qovery_engine::utilities::to_short_id;
use test_utilities::common::{test_db, test_db_on_upgrade, Infrastructure}; use test_utilities::common::{test_db, Infrastructure};
/** /**
** **
@@ -664,39 +664,6 @@ fn test_mysql_configuration(version: &str, test_name: &str, database_mode: Datab
}) })
} }
#[allow(dead_code)]
fn test_mysql_configuration_on_upgrade(version: &str, test_name: &str, database_mode: DatabaseMode, is_public: bool) {
let secrets = FuncTestsSecrets::new();
let context = context(
secrets
.AWS_TEST_ORGANIZATION_ID
.as_ref()
.expect("AWS_TEST_ORGANIZATION_ID is not set")
.as_str(),
secrets
.AWS_TEST_CLUSTER_ID
.as_ref()
.expect("AWS_TEST_CLUSTER_ID is not set")
.as_str(),
);
let environment = test_utilities::common::database_test_environment_on_upgrade(&context);
engine_run_test(|| {
test_db_on_upgrade(
context,
logger(),
environment,
secrets,
version,
test_name,
DatabaseKind::Mysql,
Kind::Aws,
database_mode,
is_public,
)
})
}
// MySQL self-hosted environment // MySQL self-hosted environment
#[cfg(feature = "test-aws-self-hosted")] #[cfg(feature = "test-aws-self-hosted")]
#[named] #[named]
@@ -720,14 +687,6 @@ fn private_mysql_v8_deploy_a_working_dev_environment() {
test_mysql_configuration("8.0", function_name!(), CONTAINER, false); test_mysql_configuration("8.0", function_name!(), CONTAINER, false);
} }
#[cfg(feature = "test-aws-self-hosted")]
#[named]
#[test]
#[ignore]
fn private_mysql_v8_deploy_a_working_dev_environment_on_upgrade() {
test_mysql_configuration_on_upgrade("8.0", function_name!(), CONTAINER, false);
}
#[cfg(feature = "test-aws-self-hosted")] #[cfg(feature = "test-aws-self-hosted")]
#[named] #[named]
#[test] #[test]