openstack-helm-infra/postgresql/templates/secret-rgw.yaml

{{/*
This manifest results in two secrets being created:
  1) Keystone "postgresql" secret, which is needed to access the cluster
     (remote or same cluster) for storing postgresql backups. If the
     cluster is remote, the auth_url would be non-null.
  2) Keystone "admin" secret, which is needed to create the "postgresql"
     keystone account mentioned above. This may not be needed if the
     account is in a remote cluster (auth_url is non-null in that case).
*/}}

{{- if .Values.conf.backup.remote_backup.enabled }}

{{- $envAll := . }}
{{- $userClass := "postgresql" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
  name: {{ $secretName }}
type: Opaque
data:
{{- $identityClass := index .Values.endpoints.identity.auth $userClass }}
{{- if $identityClass.auth_url }}
  OS_AUTH_URL: {{ $identityClass.auth_url | b64enc }}
{{- else }}
  OS_AUTH_URL: {{ tuple "identity" "internal" "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | b64enc }}
{{- end }}
  OS_REGION_NAME: {{ $identityClass.region_name | b64enc }}
  OS_INTERFACE: {{ $identityClass.interface | default "internal" | b64enc }}
  OS_PROJECT_DOMAIN_NAME: {{ $identityClass.project_domain_name | b64enc }}
  OS_PROJECT_NAME: {{ $identityClass.project_name | b64enc }}
  OS_USER_DOMAIN_NAME: {{ $identityClass.user_domain_name | b64enc }}
  OS_USERNAME: {{ $identityClass.username | b64enc }}
  OS_PASSWORD: {{ $identityClass.password | b64enc }}
  OS_DEFAULT_DOMAIN: {{ $identityClass.default_domain_id | default "default" | b64enc }}
...
{{- if .Values.manifests.job_ks_user }}
{{- $userClass := "admin" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
  name: {{ $secretName }}
type: Opaque
data:
{{- $identityClass := index .Values.endpoints.identity.auth $userClass }}
{{- if $identityClass.auth_url }}
  OS_AUTH_URL: {{ $identityClass.auth_url | b64enc }}
{{- else }}
  OS_AUTH_URL: {{ tuple "identity" "internal" "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | b64enc }}
{{- end }}
  OS_REGION_NAME: {{ $identityClass.region_name | b64enc }}
  OS_INTERFACE: {{ $identityClass.interface | default "internal" | b64enc }}
  OS_PROJECT_DOMAIN_NAME: {{ $identityClass.project_domain_name | b64enc }}
  OS_PROJECT_NAME: {{ $identityClass.project_name | b64enc }}
  OS_USER_DOMAIN_NAME: {{ $identityClass.user_domain_name | b64enc }}
  OS_USERNAME: {{ $identityClass.username | b64enc }}
  OS_PASSWORD: {{ $identityClass.password | b64enc }}
  OS_DEFAULT_DOMAIN: {{ $identityClass.default_domain_id | default "default" | b64enc }}
...
{{- end }}
{{- end }}