From 000623c734c864b7aa03678ac179a63ceecde2c7 Mon Sep 17 00:00:00 2001 From: Cole Arendt Date: Tue, 10 May 2022 06:28:37 -0400 Subject: [PATCH 1/2] allow uuid being created and managed by kubernetes We utilize Helm's `lookup` command to store a generated `uuid` in an "internal" secret in Kubernetes. This allows generating the `uuid`, making it persistent, and notifying the user (in `NOTES.txt`) that this auto-generation happened. We also tell the user how to disable the message by making that value persistent in values. close #39 --- couchdb/templates/NOTES.txt | 11 +++++++++++ couchdb/templates/_helpers.tpl | 22 +++++++++++++++++++--- couchdb/templates/secrets.yaml | 15 ++++++++++++++- 3 files changed, 44 insertions(+), 4 deletions(-) diff --git a/couchdb/templates/NOTES.txt b/couchdb/templates/NOTES.txt index a3658bd..fbff814 100644 --- a/couchdb/templates/NOTES.txt +++ b/couchdb/templates/NOTES.txt @@ -18,3 +18,14 @@ some required system databases: {{- end }} Then it's time to relax. + +{{- $uuidVar := index (.Values.couchdbConfig.couchdb | default dict) "uuid" -}} +{{- if (empty $uuidVar) }} +NOTE: You are using an auto-generated value for the Couch DB UUID + - We recommend making this value persistent by setting it in: `couchdbConfig.couchdb.uuid` + - Changing this value can cause problems for the Couch DB installation + - You can get the current value with: +``` +kubectl -n {{ $.Release.Namespace }} get secret {{ include "couchdb.fullname" . }}-internal --template='{{print "{{" }}index .data "uuid" | base64decode{{ print "}}" }}' +``` +{{- end }} diff --git a/couchdb/templates/_helpers.tpl b/couchdb/templates/_helpers.tpl index f9d013e..2101d16 100644 --- a/couchdb/templates/_helpers.tpl +++ b/couchdb/templates/_helpers.tpl @@ -74,8 +74,24 @@ If serviceAccount.name is specified, use that, else use the couchdb instance nam {{- end -}} {{/* -Fail if couchdbConfig.couchdb.uuid is undefined + If couchdb UUID value is undefined: + - if the configmap already exists, look it up + - if not found or "dangerRegenerateAutomatedValues" is set, generate it + - otherwise use the previous value + Otherwise use what is defined in the chart + + Also warn in NOTES.txt if this value is not persistent */}} {{- define "couchdb.uuid" -}} -{{- required "A value for couchdbConfig.couchdb.uuid must be set" (.Values.couchdbConfig.couchdb | default dict).uuid -}} -{{- end -}} \ No newline at end of file + {{- $uuidVar := index (.Values.couchdbConfig.couchdb | default dict) "uuid" -}} + {{- if (empty $uuidVar) }} + {{- $secretName := print (include "couchdb.fullname" .) "-internal" }} + {{- $currentSecret := lookup "v1" "Secret" $.Release.Namespace $secretName}} + {{- if and $currentSecret (not .Values.dangerRegenerateAutomatedValues ) }} + {{- $uuidVar = get $currentSecret.data "uuid" | b64dec }} + {{- else }} + {{- $uuidVar = uuidv4 -}} + {{- end }} + {{- end }} + {{- print $uuidVar -}} +{{- end -}} diff --git a/couchdb/templates/secrets.yaml b/couchdb/templates/secrets.yaml index 857543b..a543352 100644 --- a/couchdb/templates/secrets.yaml +++ b/couchdb/templates/secrets.yaml @@ -17,4 +17,17 @@ data: {{- if .Values.adminHash }} password.ini: {{ tpl (.Files.Get "password.ini") . | b64enc }} {{- end -}} -{{- end -}} +{{- end }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "couchdb.fullname" . }}-internal + labels: + app: {{ template "couchdb.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +type: Opaque +data: + uuid: {{- include "couchdb.uuid" . }} From 83c986f8610586794a82d0eb4717a01caf0fa8dc Mon Sep 17 00:00:00 2001 From: Will Holley Date: Tue, 6 Dec 2022 07:07:03 +0000 Subject: [PATCH 2/2] Fix NOTES.txt syntax --- couchdb/templates/NOTES.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/couchdb/templates/NOTES.txt b/couchdb/templates/NOTES.txt index 1c54d46..fe83430 100644 --- a/couchdb/templates/NOTES.txt +++ b/couchdb/templates/NOTES.txt @@ -27,6 +27,8 @@ NOTE: You are using an auto-generated value for the Couch DB UUID - You can get the current value with: ``` kubectl -n {{ $.Release.Namespace }} get secret {{ include "couchdb.fullname" . }}-internal --template='{{print "{{" }}index .data "uuid" | base64decode{{ print "}}" }}' +``` +{{- end }} {{- $erlangCookie := .Values.erlangFlags.setcookie }} {{- if (empty $erlangCookie) }}