Merge pull request #1225 from porter-dev/main

merge cloudsql into production
porter-dev · Mar 12, 2024 · f3969b4 · f3969b4
2 parents 7a76832 + 09dae6a
commit f3969b4
Show file tree

Hide file tree

Showing 14 changed files with 35 additions and 11 deletions.
diff --git a/applications/job/templates/_helpers.tpl b/applications/job/templates/_helpers.tpl
@@ -68,3 +68,10 @@ Create the name of the service account to use
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
+
+{{/*
+Name of the service account json secret to use with the CloudSQL proxuy
+*/}}
+{{- define "cloudsql.serviceAccountJSONSecret" -}}
+{{- default (printf "cloudsql-secret-%s" (include "docker-template.fullname" .)) .Values.cloudsql.serviceAccountJSONSecret }}
+{{- end }}
diff --git a/applications/job/templates/cloudsql-secret.yaml b/applications/job/templates/cloudsql-secret.yaml
@@ -1,8 +1,8 @@
-{{- if .Values.cloudsql.enabled -}}
+{{- if and .Values.cloudsql.enabled (eq .Values.cloudsql.serviceAccountJSONSecret "") -}}
 apiVersion: v1
 kind: Secret
 metadata:
-  name: "cloudsql-secret-{{ include "docker-template.fullname" . }}"
+  name: "{{ include "cloudsql.serviceAccountJSONSecret" . }}"
 type: Opaque
 stringData:
   service_account.json: {{ .Values.cloudsql.serviceAccountJSON | quote }}  

diff --git a/applications/job/templates/cronjob.yaml b/applications/job/templates/cronjob.yaml
@@ -198,7 +198,7 @@ spec:
           volumes:
             - name: "sidecar-volume-{{ include "docker-template.fullname" . }}"
               secret:
-                secretName: "cloudsql-secret-{{ include "docker-template.fullname" . }}"
+                secretName: "{{ include "cloudsql.serviceAccountJSONSecret" . }}"
           {{ end }}
           restartPolicy: Never
           shareProcessNamespace: true

diff --git a/applications/job/templates/hook-configmap.yaml b/applications/job/templates/hook-configmap.yaml
@@ -204,6 +204,6 @@ data:
           volumes:
             - name: "sidecar-volume-{{ include "docker-template.fullname" . }}"
               secret:
-                secretName: "cloudsql-secret-{{ include "docker-template.fullname" . }}"
+                secretName: "{{ include "cloudsql.serviceAccountJSONSecret" . }}"
           {{ end }}
 {{- end }}
diff --git a/applications/job/values.yaml b/applications/job/values.yaml
@@ -51,6 +51,7 @@ cloudsql:
   connectionName: ""
   dbPort: 5432
   serviceAccountJSON: ""
+  serviceAccountJSONSecret: ""
 
 # Set this for enabling DNS extensions over TCP
 # We enable this by default.

diff --git a/applications/web/templates/_helpers.tpl b/applications/web/templates/_helpers.tpl
@@ -68,3 +68,10 @@ Create the name of the service account to use
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
+
+{{/*
+Name of the service account json secret to use with the CloudSQL proxuy
+*/}}
+{{- define "cloudsql.serviceAccountJSONSecret" -}}
+{{- default (printf "cloudsql-secret-%s" (include "docker-template.fullname" .)) .Values.cloudsql.serviceAccountJSONSecret }}
+{{- end }}
diff --git a/applications/web/templates/cloudsql-secret.yaml b/applications/web/templates/cloudsql-secret.yaml
@@ -1,8 +1,8 @@
-{{- if .Values.cloudsql.enabled -}}
+{{- if and .Values.cloudsql.enabled (eq .Values.cloudsql.serviceAccountJSONSecret "") -}}
 apiVersion: v1
 kind: Secret
 metadata:
-  name: "cloudsql-secret-{{ include "docker-template.fullname" . }}"
+  name: "{{ include "cloudsql.serviceAccountJSONSecret" . }}"
 type: Opaque
 stringData:
   service_account.json: {{ .Values.cloudsql.serviceAccountJSON | quote }}  

diff --git a/applications/web/templates/deployment-blue-green.yaml b/applications/web/templates/deployment-blue-green.yaml
@@ -284,7 +284,7 @@ spec:
         {{ if $.Values.cloudsql.enabled }}
         - name: "sidecar-volume-{{ include "docker-template.fullname" $ }}"
           secret:
-            secretName: "cloudsql-secret-{{ include "docker-template.fullname" $ }}"
+            secretName: "{{ include "cloudsql.serviceAccountJSONSecret" $ }}"
         {{ end }}
         {{ if $.Values.pvc.enabled }}
         - name: "{{ include "docker-template.fullname" . }}-storage"

diff --git a/applications/web/templates/deployment.yaml b/applications/web/templates/deployment.yaml
@@ -398,7 +398,7 @@ spec:
         {{ if .Values.cloudsql.enabled }}
         - name: "sidecar-volume-{{ include "docker-template.fullname" . }}"
           secret:
-            secretName: "cloudsql-secret-{{ include "docker-template.fullname" . }}"
+            secretName: "{{ include "cloudsql.serviceAccountJSONSecret" . }}"
         {{ end }}
         {{ if .Values.pvc.enabled }}
         - name: "{{ include "docker-template.fullname" . }}-storage"

diff --git a/applications/web/values.yaml b/applications/web/values.yaml
@@ -211,6 +211,7 @@ cloudsql:
   connectionName: ""
   dbPort: 5432
   serviceAccountJSON: ""
+  serviceAccountJSONSecret: ""
   additionalConnection:
     enabled: false
     dbPort: 5432

diff --git a/applications/worker/templates/_helpers.tpl b/applications/worker/templates/_helpers.tpl
@@ -61,3 +61,10 @@ Create the name of the service account to use
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
+
+{{/*
+Name of the service account json secret to use with the CloudSQL proxuy
+*/}}
+{{- define "cloudsql.serviceAccountJSONSecret" -}}
+{{- default (printf "cloudsql-secret-%s" (include "docker-template.fullname" .)) .Values.cloudsql.serviceAccountJSONSecret }}
+{{- end }}
diff --git a/applications/worker/templates/cloudsql-secret.yaml b/applications/worker/templates/cloudsql-secret.yaml
@@ -1,8 +1,8 @@
-{{- if .Values.cloudsql.enabled -}}
+{{- if and .Values.cloudsql.enabled (eq .Values.cloudsql.serviceAccountJSONSecret "") -}}
 apiVersion: v1
 kind: Secret
 metadata:
-  name: "cloudsql-secret-{{ include "docker-template.fullname" . }}"
+  name: "{{ include "cloudsql.serviceAccountJSONSecret" . }}"
 type: Opaque
 stringData:
   service_account.json: {{ .Values.cloudsql.serviceAccountJSON | quote }}  

diff --git a/applications/worker/templates/deployment.yaml b/applications/worker/templates/deployment.yaml
@@ -321,7 +321,7 @@ spec:
         {{ if .Values.cloudsql.enabled }}
         - name: "sidecar-volume-{{ include "docker-template.fullname" . }}"
           secret:
-            secretName: "cloudsql-secret-{{ include "docker-template.fullname" . }}"
+            secretName: "{{ include "cloudsql.serviceAccountJSONSecret" . }}"
         {{ end }}
         {{ if .Values.pvc.enabled }}
         - name: "{{ include "docker-template.fullname" . }}-storage"

diff --git a/applications/worker/values.yaml b/applications/worker/values.yaml
@@ -121,6 +121,7 @@ cloudsql:
   connectionName: ""
   dbPort: 5432
   serviceAccountJSON: ""
+  serviceAccountJSONSecret: ""
 
 # Set this to add entries to the /etc/hosts file
 # Format: hostAliases: [{ip: <IP>, hostnames: [<HOSTNAME>,..]},..]