From 3dfe5b4a69ac7ea6b45ef2c4791bcbaa13e919c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Huss?= Date: Wed, 29 May 2024 15:34:59 +0200 Subject: [PATCH] fix --- apps/dbgate/index.yaml | 4 +-- apps/dbgate/template.rhai | 59 ++++++++++++++++++++++++++++++++++++++ apps/wordpress/database.tf | 16 +++++++++++ 3 files changed, 77 insertions(+), 2 deletions(-) create mode 100644 apps/dbgate/template.rhai diff --git a/apps/dbgate/index.yaml b/apps/dbgate/index.yaml index 3bd5424..3469f6e 100644 --- a/apps/dbgate/index.yaml +++ b/apps/dbgate/index.yaml @@ -12,9 +12,9 @@ options: - dev type: string domain: - default: your-company + default: media examples: - - your-company + - media type: string domain_name: default: your_company.com diff --git a/apps/dbgate/template.rhai b/apps/dbgate/template.rhai new file mode 100644 index 0000000..26de1d3 --- /dev/null +++ b/apps/dbgate/template.rhai @@ -0,0 +1,59 @@ +const DEST=dest; +const DOMAIN = config.domain; +fn post_template() { + let nss = list_namespace().items.filter(|ns| ns.metadata.name.starts_with(global::DOMAIN)).map(|ns| ns.metadata.name); + let pgs = []; + let rediss = []; + let mongos = []; + let marias = []; + for ns in nss { + let svcs = list_service(ns).items; + let secrets = list_secret(ns).items; + for svc in svcs { + if svc.metadata.name.ends_with("-pg-rw") { + let basename = svc.metadata.name-"-pg-rw"; + let pg_secrets = secrets.filter(|s| s.metadata.name == `${basename}-pg-app`); + if pg_secrets.len>0 && basename.split("-").len>1 { + let tmp = (basename-"-dataset").split("-"); + let comp = tmp[tmp.len-1]; + log_info(`Found a PG database ${svc.metadata.namespace} ${basename}`); + pgs += #{ + name: `${basename}-pg`, + dbname: comp, + username: comp, + namespace: svc.metadata.namespace, + secret: #{ + name: `${basename}-pg-app`, + key: "password" + } + }; + } + } + if svc.metadata.name.ends_with("-mongo-svc") { + let basename = svc.metadata.name-"-mongo-svc"; + let mongo_secrets = secrets.filter(|s| s.metadata.name == `${basename}-mongo`); + if mongo_secrets.len>0 && basename.split("-").len>1 { + let tmp = (basename-"-dataset").split("-"); + let comp = tmp[tmp.len-1]; + log_info(`Found a MongoDB database ${svc.metadata.namespace} ${basename}`); + mongos += #{ + name: `${basename}-mongo`, + dbname: comp, + username: comp, + namespace: svc.metadata.namespace, + secret: #{ + name: `${basename}-mongo`, + key: "password" + } + }; + } + } + } + } + save_to_tf(`${global::DEST}/detected.tf`, "detected", #{ + pgs: pgs, + mongos: mongos, + rediss: rediss, + marias: marias + }); +} diff --git a/apps/wordpress/database.tf b/apps/wordpress/database.tf index 3329b49..9cfc5dd 100644 --- a/apps/wordpress/database.tf +++ b/apps/wordpress/database.tf @@ -11,6 +11,7 @@ locals { mysql_username = "root" mysql_password = random_password.mysql_root_pass.result } + resource "kubectl_manifest" "mysql_root_pass" { yaml_body = <<-EOF apiVersion: v1 @@ -62,6 +63,21 @@ resource "mysql_user" "component" { host = "%" plaintext_password = random_password.mysql_comp_pass.result } + +resource "kubectl_manifest" "app_db_pass" { + yaml_body = <<-EOF + apiVersion: v1 + kind: Secret + metadata: + name: "${var.instance}-${var.component}-mysql-app" + labels: ${jsonencode(local.secret_labels)} + namespace: ${var.namespace} + stringData: + username: "${var.component}" + password: "${random_password.mysql_comp_pass.result}" +EOF +} + resource "mysql_grant" "component" { user = mysql_user.component.user host = mysql_user.component.host