diff --git a/.k8s/__tests__/__snapshots__/kosko generate --env dev.ts.snap b/.k8s/__tests__/__snapshots__/kosko generate --env dev.ts.snap index 0cf0314b..c5fed766 100644 --- a/.k8s/__tests__/__snapshots__/kosko generate --env dev.ts.snap +++ b/.k8s/__tests__/__snapshots__/kosko generate --env dev.ts.snap @@ -99,14 +99,14 @@ spec: periodSeconds: 5 envFrom: - secretRef: - name: azure-pg-user-0123456 + name: azure-pg-user-master-dev42 initContainers: - env: - name: WAIT_FOR_RETRIES value: '24' envFrom: - secretRef: - name: azure-pg-user-0123456 + name: azure-pg-user-master-dev42 image: ghcr.io/socialgouv/docker/wait-for-postgres:6.32.2 imagePullPolicy: Always name: wait-for-postgres @@ -468,7 +468,7 @@ spec: periodSeconds: 5 envFrom: - secretRef: - name: azure-pg-user-0123456 + name: azure-pg-user-master-dev42 - secretRef: name: hasura-sealed-secret - configMapRef: @@ -479,7 +479,7 @@ spec: value: '24' envFrom: - secretRef: - name: azure-pg-user-0123456 + name: azure-pg-user-master-dev42 image: ghcr.io/socialgouv/docker/wait-for-postgres:6.32.2 imagePullPolicy: Always name: wait-for-postgres @@ -632,11 +632,11 @@ spec: - create-db-user env: - name: NEW_DB_NAME - value: autodevops_0123456 + value: autodevops_master-dev42 - name: NEW_USER - value: user_0123456 + value: user_master-dev42 - name: NEW_PASSWORD - value: password_0123456 + value: password_master-dev42 - name: NEW_DB_EXTENSIONS value: hstore pgcrypto citext uuid-ossp envFrom: @@ -681,18 +681,18 @@ apiVersion: v1 kind: Secret stringData: DATABASE_URL: >- - postgresql://user_0123456%40samplenextappdevserver.postgres.database.azure.com:password_0123456@samplenextappdevserver.postgres.database.azure.com/autodevops_0123456?sslmode=require + postgresql://user_master-dev42%40samplenextappdevserver.postgres.database.azure.com:password_master-dev42@samplenextappdevserver.postgres.database.azure.com/autodevops_master-dev42?sslmode=require DB_URI: >- - postgresql://user_0123456%40samplenextappdevserver.postgres.database.azure.com:password_0123456@samplenextappdevserver.postgres.database.azure.com/autodevops_0123456?sslmode=require + postgresql://user_master-dev42%40samplenextappdevserver.postgres.database.azure.com:password_master-dev42@samplenextappdevserver.postgres.database.azure.com/autodevops_master-dev42?sslmode=require HASURA_GRAPHQL_DATABASE_URL: >- - postgresql://user_0123456%40samplenextappdevserver.postgres.database.azure.com:password_0123456@samplenextappdevserver.postgres.database.azure.com/autodevops_0123456?sslmode=require - PGDATABASE: autodevops_0123456 + postgresql://user_master-dev42%40samplenextappdevserver.postgres.database.azure.com:password_master-dev42@samplenextappdevserver.postgres.database.azure.com/autodevops_master-dev42?sslmode=require + PGDATABASE: autodevops_master-dev42 PGHOST: samplenextappdevserver.postgres.database.azure.com - PGPASSWORD: password_0123456 + PGPASSWORD: password_master-dev42 PGRST_DB_URI: >- - postgresql://user_0123456%40samplenextappdevserver.postgres.database.azure.com:password_0123456@samplenextappdevserver.postgres.database.azure.com/autodevops_0123456?sslmode=require + postgresql://user_master-dev42%40samplenextappdevserver.postgres.database.azure.com:password_master-dev42@samplenextappdevserver.postgres.database.azure.com/autodevops_master-dev42?sslmode=require PGSSLMODE: require - PGUSER: user_0123456@samplenextappdevserver.postgres.database.azure.com + PGUSER: user_master-dev42@samplenextappdevserver.postgres.database.azure.com metadata: annotations: app.gitlab.com/app: socialgouv-sample-next-app @@ -703,7 +703,7 @@ metadata: owner: sample-next-app team: sample-next-app cert: wildcard - name: azure-pg-user-0123456 + name: azure-pg-user-master-dev42 namespace: sample-next-app-85-master-dev2 --- apiVersion: bitnami.com/v1alpha1 diff --git a/.k8s/components/pg.ts b/.k8s/components/pg.ts index 8935f936..cc65ddb2 100644 --- a/.k8s/components/pg.ts +++ b/.k8s/components/pg.ts @@ -1,32 +1,6 @@ import env from "@kosko/env"; -import type { SealedSecret } from "@kubernetes-models/sealed-secrets/bitnami.com/v1alpha1/SealedSecret"; import { create } from "@socialgouv/kosko-charts/components/azure-pg"; -import environments from "@socialgouv/kosko-charts/environments"; -import { loadYaml } from "@socialgouv/kosko-charts/utils/getEnvironmentComponent"; -import { updateMetadata } from "@socialgouv/kosko-charts/utils/updateMetadata"; -export default async (): Promise<{ kind: string }[]> => { - if (env.env === "dev") { - return create({ - env, - }); - } - - // in prod/preprod, we try to add a fixed sealed-secret - const secret = await loadYaml( - env, - `pg-user.sealed-secret.yaml` - ); - if (!secret) { - return []; - } - - const envParams = environments(process.env); - // add gitlab annotations - updateMetadata(secret, { - annotations: envParams.metadata.annotations ?? {}, - labels: envParams.metadata.labels ?? {}, - namespace: envParams.metadata.namespace, - }); - return [secret]; -}; +export default create("pg-user", { + env, +}); diff --git a/.k8s/package.json b/.k8s/package.json index bc5d6f85..784ede69 100644 --- a/.k8s/package.json +++ b/.k8s/package.json @@ -9,7 +9,7 @@ "dependencies": { "@kosko/env": "^2.0.1", "@kubernetes-models/sealed-secrets": "^1.6.3", - "@socialgouv/kosko-charts": "^8.0.3", + "@socialgouv/kosko-charts": "^9.0.0", "@types/node": "^16.3.3", "kosko": "^1.1.5", "kubernetes-models": "^1.7.1", diff --git a/.k8s/yarn.lock b/.k8s/yarn.lock index b5182e30..a5df005f 100644 --- a/.k8s/yarn.lock +++ b/.k8s/yarn.lock @@ -665,10 +665,10 @@ dependencies: "@sinonjs/commons" "^1.7.0" -"@socialgouv/kosko-charts@^8.0.3": - version "8.0.3" - resolved "https://registry.yarnpkg.com/@socialgouv/kosko-charts/-/kosko-charts-8.0.3.tgz#88f0ad191f7a4fa6afa8ea7a386d00227cd2dc55" - integrity sha512-Y03WwquJlxQEhr3b9hFErdI7H98/SnExo2qSfWY0pD/jkwtriLJKu12Hp9hUick5QH7uGrDi21px1QwJisTlDg== +"@socialgouv/kosko-charts@^9.0.0": + version "9.0.0" + resolved "https://registry.yarnpkg.com/@socialgouv/kosko-charts/-/kosko-charts-9.0.0.tgz#e7debb5f6da36e7d71c71d61e0e646a2006447e1" + integrity sha512-lT2TXHA0fQmbyKMZOGBZ/fFkiBJ5TKVWbZUL4+/54g7R74sNb5jVR2/VD1N9p815jpT/qipTR3kb++nt32HENw== dependencies: "@kubernetes-models/sealed-secrets" "^1.6.3" "@sindresorhus/is" "^4.0.1"