From 303d5e3108be9ead7c5b3dd83e787fe7bd599cf9 Mon Sep 17 00:00:00 2001
From: Tin Lam <tin@irrational.io>
Date: Fri, 28 Aug 2020 12:39:10 -0500
Subject: [PATCH] fix(tls): addresses TLS issues with mariaDB exporter

This patch fixes following issues:

1. The existing envvar DATA_SOURCE_NAME overrides the setting specified
in the mysql_user.cnf file, ignore setting placed there;

2. Version 0.10 of the exporter does not support TLS, moving this to
minimally 0.11; and

3. Changed the host to the internal long name rather than the short
name.

Change-Id: I7259d23391ed31c423d74a8d9dc002e597adfb95
Signed-off-by: Tin Lam <tin@irrational.io>
---
 .../templates/monitoring/prometheus/exporter-deployment.yaml | 5 -----
 .../monitoring/prometheus/secrets/_exporter_user.cnf.tpl     | 3 +--
 mariadb/values.yaml                                          | 2 +-
 3 files changed, 2 insertions(+), 8 deletions(-)

diff --git a/mariadb/templates/monitoring/prometheus/exporter-deployment.yaml b/mariadb/templates/monitoring/prometheus/exporter-deployment.yaml
index 2bd4590d4..ad2382631 100644
--- a/mariadb/templates/monitoring/prometheus/exporter-deployment.yaml
+++ b/mariadb/templates/monitoring/prometheus/exporter-deployment.yaml
@@ -69,11 +69,6 @@ spec:
                 secretKeyRef:
                   name: mysql-exporter-secrets
                   key: EXPORTER_PASSWORD
-            - name: DATA_SOURCE_NAME
-              valueFrom:
-                secretKeyRef:
-                  name: mysql-exporter-secrets
-                  key: DATA_SOURCE_NAME
             - name: POD_IP
               valueFrom:
                 fieldRef:
diff --git a/mariadb/templates/monitoring/prometheus/secrets/_exporter_user.cnf.tpl b/mariadb/templates/monitoring/prometheus/secrets/_exporter_user.cnf.tpl
index cd31a6671..c86fc01f2 100644
--- a/mariadb/templates/monitoring/prometheus/secrets/_exporter_user.cnf.tpl
+++ b/mariadb/templates/monitoring/prometheus/secrets/_exporter_user.cnf.tpl
@@ -15,11 +15,10 @@ limitations under the License.
 [client]
 user = {{ .Values.endpoints.oslo_db.auth.exporter.username }}
 password = {{ .Values.endpoints.oslo_db.auth.exporter.password }}
-host = {{ tuple "oslo_db" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+host = {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
 port = {{ tuple "oslo_db" "direct" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
 {{- if .Values.manifests.certificates }}
 ssl-ca = /etc/mysql/certs/ca.crt
 ssl-key = /etc/mysql/certs/tls.key
 ssl-cert = /etc/mysql/certs/tls.crt
 {{- end }}
-
diff --git a/mariadb/values.yaml b/mariadb/values.yaml
index 6c17bf5e3..c19987a18 100644
--- a/mariadb/values.yaml
+++ b/mariadb/values.yaml
@@ -24,7 +24,7 @@ images:
     ingress: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0
     error_pages: gcr.io/google_containers/defaultbackend:1.4
     prometheus_create_mysql_user: docker.io/mariadb:10.2.31
-    prometheus_mysql_exporter: docker.io/prom/mysqld-exporter:v0.10.0
+    prometheus_mysql_exporter: docker.io/prom/mysqld-exporter:v0.11.0
     prometheus_mysql_exporter_helm_tests: docker.io/openstackhelm/heat:newton-ubuntu_xenial
     dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
     image_repo_sync: docker.io/docker:17.07.0