storage: Adapt secret helper fn to instrospect *Ref keys for secrets
If found, they also get inlined in the deployment.
Expectedly, this fixes the current swh cassandra production storage deployment.
make swh-helm-diff
[swh] Generate config in production branch for environment staging, namespace swh...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra-next-version...
Switched to branch 'staging'
Your branch is ahead of 'origin/staging' by 1 commit.
(use "git push" to publish your local commits)
[swh] Generate config in staging branch for environment staging...
[swh] Generate config in staging branch for environment staging...
Error: execution error at (swh/templates/storage/deployment.yaml:48:15): _helpers.tpl:swh.secrets.environment: Definition <objstorageConfigurationRef> not found
Use --debug flag to render out invalid YAML
make: *** [Makefile:31: swh-helm-diff] Error 1
swh-3.10.9 tony yavin4 ~ work swh sysadm-environment swh-charts staging 1⬆ 5⚑ USAGE % make swh-helm-diff
./swh/helm-diff.sh
[swh] Comparing changes between branches production and staging (per environment)...
Switched to branch 'production'
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment staging, namespace swh...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra-next-version...
Switched to branch 'staging'
Your branch is ahead of 'origin/staging' by 1 commit.
(use "git push" to publish your local commits)
[swh] Generate config in staging branch for environment staging...
[swh] Generate config in staging branch for environment staging...
[swh] Generate config in staging branch for environment staging...
Switched to branch 'production'
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment production, namespace swh...
[swh] Generate config in production branch for environment production, namespace swh-cassandra...
[swh] Generate config in production branch for environment production, namespace swh-cassandra-next-version...
Switched to branch 'staging'
Your branch is ahead of 'origin/staging' by 1 commit.
(use "git push" to publish your local commits)
[swh] Generate config in staging branch for environment production...
[swh] Generate config in staging branch for environment production...
[swh] Generate config in staging branch for environment production...
------------- diff for environment staging namespace swh -------------
No differences
------------- diff for environment staging namespace swh-cassandra -------------
No differences
------------- diff for environment staging namespace swh-cassandra-next-version -------------
No differences
------------- diff for environment production namespace swh -------------
No differences
------------- diff for environment production namespace swh-cassandra -------------
--- /tmp/swh-chart.swh.8x2SQmdR/production-swh-cassandra.before 2023-11-22 10:32:59.223046009 +0100
+++ /tmp/swh-chart.swh.8x2SQmdR/production-swh-cassandra.after 2023-11-22 10:32:59.639045403 +0100
@@ -13908,20 +13908,244 @@
image: debian:bullseye
imagePullPolicy: IfNotPresent
command:
- /bin/bash
args:
- -c
- eval echo "\"$(</etc/swh/configuration-template/config.yml.template)\"" > /etc/swh/config.yml
env:
+ - name: 0_ACCOUNT_NAME
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 0_account_name
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 0_API_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 0_api_secret_key
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 10_ACCOUNT_NAME
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 10_account_name
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 10_API_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 10_api_secret_key
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 11_ACCOUNT_NAME
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 11_account_name
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 11_API_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 11_api_secret_key
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 12_ACCOUNT_NAME
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 12_account_name
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 12_API_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 12_api_secret_key
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 13_ACCOUNT_NAME
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 13_account_name
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 13_API_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 13_api_secret_key
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 14_ACCOUNT_NAME
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 14_account_name
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 14_API_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 14_api_secret_key
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 15_ACCOUNT_NAME
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 15_account_name
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 15_API_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 15_api_secret_key
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 1_ACCOUNT_NAME
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 1_account_name
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 1_API_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 1_api_secret_key
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 2_ACCOUNT_NAME
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 2_account_name
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 2_API_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 2_api_secret_key
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 3_ACCOUNT_NAME
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 3_account_name
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 3_API_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 3_api_secret_key
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 4_ACCOUNT_NAME
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 4_account_name
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 4_API_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 4_api_secret_key
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 5_ACCOUNT_NAME
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 5_account_name
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 5_API_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 5_api_secret_key
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 6_ACCOUNT_NAME
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 6_account_name
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 6_API_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 6_api_secret_key
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 7_ACCOUNT_NAME
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 7_account_name
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 7_API_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 7_api_secret_key
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 8_ACCOUNT_NAME
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 8_account_name
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 8_API_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 8_api_secret_key
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 9_ACCOUNT_NAME
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 9_account_name
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ - name: 9_API_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: swh-cassandra-objstorage-config
+ key: 9_api_secret_key
+ # 'name' secret must exist & include that ^ key
+ optional: false
- name: CASSANDRA_PASSWORD
valueFrom:
secretKeyRef:
name: common-secrets
key: cassandra-swh-rw-password
# 'name' secret must exist & include that ^ key
optional: false
volumeMounts:
- name: configuration
mountPath: /etc/swh