search

wso2 / kubernetes-apim

Kubernetes and Helm resources for WSO2 API Manager
Apache License 2.0
112 stars 216 forks source link

Changing the default database credentials #525

Open cjose3 opened 2 years ago

cjose3 commented 2 years ago

Description: I'm trying to deploy the pattern 3 with an external postgres database but helm is failing to build control plane config maps.

According to the docs to change the data source to postgresql, the file deployment.toml needs to be updated with new DB credentials.

I've been trying to update this file by using the key wso2.deployment.am.cp.config, however I keep getting error converting YAML to JSON when trying to use a multiple config.

Error:

Error: UPGRADE FAILED: YAML parse error on am-pattern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml: error converting YAML to JSON: yaml: line 23: did not find expected key
helm.go:88: [debug] error converting YAML to JSON: yaml: line 23: did not find expected key

Also, I wouldn't like to have the credentials on my values.yaml file but instead have them as environment variables. According to docs, environment variables can be used on the deployment.toml file by using the syntax password="$env{<environment_variable_name>}", however, on the current chart is not possible adding extra environment variables to the control plane deployment.

Affected Product Version: 4.0.0-1

OS, DB, other environment details and versions:
OS: ubuntu 21.10 Helm: v3.7.1 K8s: 1.20

Steps to reproduce:

# values.yaml
wso2:
  deployment:
    dependencies:
      mysql: false
    am:
      # API Manager's Control Plane specific configurations
      cp:
        config:
          deployment.toml: |
            [server]
            hostname = "{{ .Values.wso2.deployment.am.cp.ingress.hostname }}"
            base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}"
            #discard_empty_caches = false
            server_role = "control-plane"

Install the chart

helm upgrade --install $RELEASE_NAME wso2/am-pattern-3 \
  --version 4.0.0-1 \
  --namespace $NAMESPACE \
  --values values.yaml

Suggested solution: To solve the parsing issues, you could expand the whole config instead of looping over the key wso2.deployment.am.cp.config

 ....
  {{ if .Values.wso2.deployment.am.cp.config }}
data: {{ tpl .Values.wso2.deployment.am.cp.config . | nindent 2 }}
  {{ else }}
data:
  deployment.toml: |-
    [server]
   ....

Replacing this loop with the tpl function over the whole key wso2.deployment.am.cp.config, will allow using the option --set-file to define this value.

Related to the environment variables for the control plane deployment, maybe you could have and extra value such wso2.deployment.am.cp.envFrom

          {{- range .Values.wso2.deployment.am.cp.envFrom }}
            - {{ .ref }}Ref:
                name: {{ .name }}
          {{- end }}

This would allow to install the chart in this way :

# values.yaml
wso2:
  deployment:
    dependencies:
      mysql: false
    am:
      cp:
        envFrom:
          - ref: secret
            name: wso2-am-db-credentials
# control-plane-config.yaml
deployment.toml: |-
  [database.apim_db]
  type = "postgre"
  url = "jdbc:$env{WSO2AM_DB_HOST}"
  username = "$env{WSO2AM_DB_USERNAME}"
  password = "$env{WSO2AM_DB_PASSWORD}"
  driver = "org.postgresql.Driver"
helm upgrade --install $RELEASE_NAME wso2/am-pattern-3 \
  --version 4.0.0-1 \
  --namespace $NAMESPACE \
  --values values.yaml \
  --set-file wso2.deployment.am.cp.config=control-plane-config.yaml

I can submit a PR with these changes if needed. Please let me know what do you think about this suggestion or if there is other way to achieve changing the DB credentials :)

Thank you!!