projects
/
osm
/
devops.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add secret-management in Charmed OSM
[osm/devops.git]
/
installers
/
charm
/
mysqld-exporter
/
src
/
charm.py
diff --git
a/installers/charm/mysqld-exporter/src/charm.py
b/installers/charm/mysqld-exporter/src/charm.py
index
a0015cc
..
6aeea5d
100755
(executable)
--- a/
installers/charm/mysqld-exporter/src/charm.py
+++ b/
installers/charm/mysqld-exporter/src/charm.py
@@
-36,6
+36,7
@@
from opslib.osm.interfaces.prometheus import PrometheusScrapeTarget
from opslib.osm.pod import (
ContainerV3Builder,
IngressResourceV3Builder,
from opslib.osm.pod import (
ContainerV3Builder,
IngressResourceV3Builder,
+ PodRestartPolicy,
PodSpecV3Builder,
)
from opslib.osm.validator import ModelValidator, validator
PodSpecV3Builder,
)
from opslib.osm.validator import ModelValidator, validator
@@
-182,9
+183,22
@@
class MysqlExporterCharm(CharmedOsmBase):
# Check relations
self._check_missing_dependencies(config)
# Check relations
self._check_missing_dependencies(config)
+ data_source = (
+ config.mysql_uri.replace("mysql://", "").split("/")[0]
+ if config.mysql_uri
+ else f"root:{self.mysql_client.root_password}@{self.mysql_client.host}:{self.mysql_client.port}"
+ )
+
# Create Builder for the PodSpec
pod_spec_builder = PodSpecV3Builder()
# Create Builder for the PodSpec
pod_spec_builder = PodSpecV3Builder()
+ # Add secrets to the pod
+ mysql_secret_name = f"{self.app.name}-mysql-secret"
+ pod_spec_builder.add_secret(
+ mysql_secret_name,
+ {"data_source": data_source},
+ )
+
# Build container
container_builder = ContainerV3Builder(
self.app.name, image_info, config.image_pull_policy
# Build container
container_builder = ContainerV3Builder(
self.app.name, image_info, config.image_pull_policy
@@
-206,23
+220,20
@@
class MysqlExporterCharm(CharmedOsmBase):
timeout_seconds=30,
failure_threshold=10,
)
timeout_seconds=30,
failure_threshold=10,
)
-
- data_source = (
- config.mysql_uri.replace("mysql://", "").split("/")[0]
- if config.mysql_uri
- else f"root:{self.mysql_client.root_password}@{self.mysql_client.host}:{self.mysql_client.port}"
+ container_builder.add_secret_envs(
+ mysql_secret_name, {"DATA_SOURCE_NAME": "data_source"}
)
)
- container_builder.add_envs(
- {
- "DATA_SOURCE_NAME": data_source,
- }
- )
container = container_builder.build()
# Add container to PodSpec
pod_spec_builder.add_container(container)
container = container_builder.build()
# Add container to PodSpec
pod_spec_builder.add_container(container)
+ # Add Pod restart policy
+ restart_policy = PodRestartPolicy()
+ restart_policy.add_secrets(secret_names=(mysql_secret_name))
+ pod_spec_builder.set_restart_policy(restart_policy)
+
# Add ingress resources to PodSpec if site url exists
if config.site_url:
parsed = urlparse(config.site_url)
# Add ingress resources to PodSpec if site url exists
if config.site_url:
parsed = urlparse(config.site_url)
@@
-252,8
+263,6
@@
class MysqlExporterCharm(CharmedOsmBase):
ingress_resource = ingress_resource_builder.build()
pod_spec_builder.add_ingress_resource(ingress_resource)
ingress_resource = ingress_resource_builder.build()
pod_spec_builder.add_ingress_resource(ingress_resource)
- logger.debug(pod_spec_builder.build())
-
return pod_spec_builder.build()
return pod_spec_builder.build()