Use upstream secret helper for MariaDB password (#382)

charts/yourls/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v2
-version: 5.14.12
+version: 5.15.0
 name: yourls
 description: Your Own URL Shortener
 appVersion: "1.9.2"

charts/yourls/ci/ct-values.yaml → charts/yourls/ci/default-values.yaml

@@ -1,10 +1,10 @@
-service:
-  type: ClusterIP
-
 yourls:
   password: "test-yourls"
 
 mariadb:
   auth:
     rootPassword: "test-root"
     password: "test-user"
+
+service:
+  type: ClusterIP

charts/yourls/ci/ingress-wildcard-values.yaml

@@ -1,3 +1,11 @@
+yourls:
+  password: "test-yourls"
+
+mariadb:
+  auth:
+    rootPassword: "test-root"
+    password: "test-user"
+
 service:
   type: ClusterIP
 
@@ -7,11 +15,3 @@ ingress:
   extraHosts:
     - name: "*.domain.tld"
       path: /
-
-yourls:
-  password: "test-yourls"
-
-mariadb:
-  auth:
-    rootPassword: "test-root"
-    password: "test-user"

charts/yourls/ci/metrics-and-ingress-values.yaml

@@ -1,17 +1,17 @@
-ingress:
-  enabled: true
-  tls: true
-
-service:
-  type: ClusterIP
-
-metrics:
-  enabled: true
-
 yourls:
   password: "test-yourls"
 
 mariadb:
   auth:
     rootPassword: "test-root"
     password: "test-user"
+
+service:
+  type: ClusterIP
+
+ingress:
+  enabled: true
+  tls: true
+
+metrics:
+  enabled: true

charts/yourls/templates/NOTES.txt

@@ -30,9 +30,9 @@ To access your YOURLS site from outside the cluster follow the steps below:
 
 1. Get the YOURLS URL and associate YOURLS hostname to your cluster external IP:
 
-   export CLUSTER_IP=$(minikube ip) # On Minikube. Use: `kubectl cluster-info` on others K8s clusters
-   echo "YOURLS URL: http{{ if .Values.ingress.tls }}s{{ end }}://{{ .Values.ingress.hostname }}/"
-   echo "$CLUSTER_IP  {{ .Values.ingress.hostname }}" | sudo tee -a /etc/hosts
+    export CLUSTER_IP=$(minikube ip) # On Minikube. Use: `kubectl cluster-info` on others K8s clusters
+    echo "YOURLS URL: http{{ if .Values.ingress.tls }}s{{ end }}://{{ .Values.ingress.hostname }}/"
+    echo "$CLUSTER_IP  {{ .Values.ingress.hostname }}" | sudo tee -a /etc/hosts
 
 {{- else }}
 {{- $port := .Values.service.port | toString }}
@@ -41,25 +41,25 @@ To access your YOURLS site from outside the cluster follow the steps below:
 
 {{- if contains "NodePort" .Values.service.type }}
 
-   export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "common.names.fullname" . }})
-   export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
-   echo "YOURLS URL: http://$NODE_IP:$NODE_PORT/"
-   echo "YOURLS Admin URL: http://$NODE_IP:$NODE_PORT/admin"
+    export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "common.names.fullname" . }})
+    export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+    echo "YOURLS URL: http://$NODE_IP:$NODE_PORT/"
+    echo "YOURLS Admin URL: http://$NODE_IP:$NODE_PORT/admin"
 
 {{- else if contains "LoadBalancer" .Values.service.type }}
 
   NOTE: It may take a few minutes for the LoadBalancer IP to be available.
         Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "common.names.fullname" . }}'
 
-   export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
-   echo "YOURLS URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ .Values.service.port }}{{ end }}/"
-   echo "YOURLS Admin URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ .Values.service.port }}{{ end }}/admin"
+    export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+    echo "YOURLS URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ .Values.service.port }}{{ end }}/"
+    echo "YOURLS Admin URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ .Values.service.port }}{{ end }}/admin"
 
 {{- else if contains "ClusterIP"  .Values.service.type }}
 
-   kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "common.names.fullname" . }} {{ .Values.service.port }}:{{ .Values.service.port }} &
-   echo "YOURLS URL: http://127.0.0.1{{- if ne $port "80" }}:{{ .Values.service.port }}{{ end }}/"
-   echo "YOURLS Admin URL: http://127.0.0.1{{- if ne $port "80" }}:{{ .Values.service.port }}{{ end }}/admin"
+    kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "common.names.fullname" . }} {{ .Values.service.port }}:{{ .Values.service.port }} &
+    echo "YOURLS URL: http://127.0.0.1{{- if ne $port "80" }}:{{ .Values.service.port }}{{ end }}/"
+    echo "YOURLS Admin URL: http://127.0.0.1{{- if ne $port "80" }}:{{ .Values.service.port }}{{ end }}/admin"
 
 {{- end }}
 {{- end }}
@@ -68,8 +68,8 @@ To access your YOURLS site from outside the cluster follow the steps below:
 
 3. Login with the following credentials below to see your app:
 
-  echo Username: $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} -o jsonpath="{.data.username}" | base64 --decode)
-  echo Password: $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} -o jsonpath="{.data.password}" | base64 --decode)
+    echo Username: $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} -o jsonpath="{.data.username}" | base64 --decode)
+    echo Password: $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} -o jsonpath="{.data.password}" | base64 --decode)
 
 {{- if .Values.metrics.enabled }}
 
@@ -91,14 +91,11 @@ You can access Apache Prometheus metrics following the steps below:
 {{- include "common.warnings.rollingTag" .Values.volumePermissions.image }}
 {{- $passwordValidationErrors := list -}}
 {{- if not .Values.yourls.existingSecret -}}
-    {{- $yourlsSecretName := include "yourls.secretName" . -}}
-    {{- $yourlsPassword := dict "valueKey" "yourls.password" "secret" $yourlsSecretName "field" "password" "context" $ -}}
-    {{- $yourlsPasswordValidationErrors := include "common.validations.values.single.empty" $yourlsPassword -}}
+    {{- $yourlsPasswordValidationErrors := include "common.validations.values.single.empty" (dict "valueKey" "yourls.password" "secret" (include "yourls.secretName" .) "field" "password" "context" $) -}}
     {{- $passwordValidationErrors = append $passwordValidationErrors $yourlsPasswordValidationErrors -}}
 {{- end }}
 {{- if .Values.mariadb.enabled }}
-    {{- $mariadbSecretName := include "yourls.databaseSecretName" . -}}
-    {{- $mariadbPasswordValidationErrors := include "common.validations.values.mariadb.passwords" (dict "secret" $mariadbSecretName "subchart" true "context" $) -}}
+    {{- $mariadbPasswordValidationErrors := include "common.validations.values.mariadb.passwords" (dict "secret" (include "yourls.databaseSecretName" .) "subchart" true "context" $) -}}
     {{- $passwordValidationErrors = append $passwordValidationErrors $mariadbPasswordValidationErrors -}}
 {{- end }}
 {{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $) -}}

charts/yourls/templates/_helpers.tpl

@@ -89,15 +89,9 @@ Return the MariaDB Secret Name
 */}}
 {{- define "yourls.databaseSecretName" -}}
 {{- if .Values.mariadb.enabled }}
-    {{- if .Values.mariadb.auth.existingSecret -}}
-        {{- printf "%s" .Values.mariadb.auth.existingSecret -}}
-    {{- else -}}
-        {{- printf "%s" (include "yourls.mariadb.fullname" .) -}}
-    {{- end -}}
-{{- else if .Values.externalDatabase.existingSecret -}}
-    {{- printf "%s" .Values.externalDatabase.existingSecret -}}
+    {{- include "mariadb.secretName" .Subcharts.mariadb -}}
 {{- else -}}
-    {{- printf "%s-externaldb" (include "common.names.fullname" .) -}}
+    {{- include "common.secrets.name" (dict "existingSecret" .Values.externalDatabase.existingSecret "defaultNameSuffix" "externaldb" "context" $) }}
 {{- end -}}
 {{- end -}}
 
@@ -136,12 +130,11 @@ Compile all warnings into a single message.
 {{- define "yourls.validateValues.database" -}}
 {{- if and (not .Values.mariadb.enabled) (or (empty .Values.externalDatabase.host) (empty .Values.externalDatabase.port) (empty .Values.externalDatabase.database)) -}}
 yourls: database
-   You disable the MariaDB installation but you did not provide the required parameters
-   to use an external database. To use an external database, please ensure you provide
-   (at least) the following values:
-
-       externalDatabase.host=DB_SERVER_HOST
-       externalDatabase.database=DB_NAME
-       externalDatabase.port=DB_SERVER_PORT
+    You disable the MariaDB installation but you did not provide the required parameters
+    to use an external database. To use an external database, please ensure you provide
+    (at least) the following values:
+        externalDatabase.host=DB_SERVER_HOST
+        externalDatabase.database=DB_NAME
+        externalDatabase.port=DB_SERVER_PORT
 {{- end -}}
 {{- end -}}