use configmaps instead of secrets where possible

Author: gre9ory

hull-vidispine-addon/Chart.yaml

@@ -3,4 +3,4 @@ apiVersion: v1
 appVersion: "1.34"
 description: hull-vidispine-addon
 name: hull-vidispine-addon
-version: 1.34.2
+version: 1.34.3

hull-vidispine-addon/README.md

@@ -242,11 +242,11 @@ Some of the keys have a numerical prefix which guarantees the order of execution
 
 Besides the ability to specify the configuration for `hull-vidispine-addon` it is also possible to provide it in parts via external files stored in your Helm chart. The reason for this is mainly to reduce the overall size and improve readability of the `values.yaml`. Hereby it is possible to mix dictionary entries from `values.yaml` definitions with those defined in external files as shown next. Technically two different methods are provided for integrating configuration content from external files with a different scope of application and technical implications.  
 
-The first `installation.yaml merging` approach is suitable for providing larger configuration sections from external files, the external files content is merged at Helm chart rendering with that of the `values.yaml` to create the `installation.yaml` configuration. Hence the merged result of inline `values.yaml` and all files provided via this method will be viewable in the `installation.yaml` content of the `hull-install` secret. This is suitable for most cases where not too large files need to be managed such as UseCaseDefinitions or UseCaseConfigurations.
+The first `installation.yaml merging` approach is suitable for providing larger configuration sections from external files, the external files content is merged at Helm chart rendering with that of the `values.yaml` to create the `installation.yaml` configuration. Hence the merged result of inline `values.yaml` and all files provided via this method will be viewable in the `installation.yaml` content of the `hull-install` ConfigMap. This is suitable for most cases where not too large files need to be managed such as UseCaseDefinitions or UseCaseConfigurations.
 
-The second `installation.yaml reference` approach allows to place separate files into a dedicated folder of the parent's Helm Chart (`files/hull-vidispine-addon/installation/sources`) from which they are stored automatically into a secret which in turn is accessible for the `hull-install` and `hull-configure` job pods. Using the `readConfigFromFile` and `updateConfigValues` instructions available on the `entity` specification level the file contents can serve as the complete `config` content or can be mapped to JSON properties of the `config` field. Use this approach for rather large files (licenses, workflow definitions, ...). To better organize the external files sourced via the `installation.yaml reference` approach you can optionally put the files into direct subfolders of `files/hull-vidispine-addon/installation/sources`. The subfolder names need to be exclusively alphabetical letters in lowercase (eg. `workflows`, `rules`, `ucds`, ...) and when refering to such a file with a `path` directive, prefix the filename with the subfolder name and a `/` (eg. `workflows/mygreatworkflow.bpmn`, `ucds/watchfolder_ingest.json`, ...). Note that the maximum number of subfolders currently usable is limited to 20.
+The second `installation.yaml reference` approach allows to place separate files into a dedicated folder of the parent's Helm Chart (`files/hull-vidispine-addon/installation/sources`) from which they are stored automatically into a ConfigMap which in turn is accessible for the `hull-install` and `hull-configure` job pods. Using the `readConfigFromFile` and `updateConfigValues` instructions available on the `entity` specification level the file contents can serve as the complete `config` content or can be mapped to JSON properties of the `config` field. Use this approach for rather large files (licenses, workflow definitions, ...). To better organize the external files sourced via the `installation.yaml reference` approach you can optionally put the files into direct subfolders of `files/hull-vidispine-addon/installation/sources`. The subfolder names need to be exclusively alphabetical letters in lowercase or `-` (eg. `workflows`, `rules`, `extra-rules`, `ucds`, ...) and when refering to such a file with a `path` directive, prefix the filename with the subfolder name and a `/` (eg. `workflows/mygreatworkflow.bpmn`, `ucds/watchfolder_ingest.json`, ...). Note that the maximum number of subfolders currently usable is limited to 20.
 
-When choosing either one approach, care needs to be taken to not overstep the maximum size of the Helm Charts versioned manifest secrets. For each release, Helm collects the contents of the `values.yaml`, all template files contents and all other files contained in the Helm Chart. The sum of this information must not exceed 1.5 MB of data, otherwise installation via Helm will fail. Note that the `installation.yaml merging` approach will not create additional secrets in your cluster, however it duplicates the external files data uncompresed into `values.yaml`. Using the `installation.yaml reference` approach the contents of the files imported only exists once in the overall manifest (as the source files contents) so it can be crucial for larger file contents to import them the second way to stay within the size limits. If the overall size of files in the `files/hull-vidispine-addon/installation/sources` starts exceeding the 1.5 mb mark start organizing them in subfolders, for each subfolder a new secret is created with 1.5 mb capacity.
+When choosing either one approach, care needs to be taken to not overstep the maximum size of the Helm Charts versioned manifest secrets. For each release, Helm collects the contents of the `values.yaml`, all template files contents and all other files contained in the Helm Chart. The sum of this information must not exceed 1.5 MB of data, otherwise installation via Helm will fail. Note that the `installation.yaml merging` approach will not create additional ConfigMaps in your cluster, however it duplicates the external files data uncompresed into `values.yaml`. Using the `installation.yaml reference` approach the contents of the files imported only exists once in the overall manifest (as the source files contents) so it can be crucial for larger file contents to import them the second way to stay within the size limits. If the overall size of files in the `files/hull-vidispine-addon/installation/sources` starts exceeding the 1.5 mb mark start organizing them in subfolders, for each subfolder a new ConfigMap is created with 1.5 mb capacity.
 
 
 

hull-vidispine-addon/hull-vidispine-addon.yaml

@@ -27,7 +27,7 @@ hull:
             legacy:
               defaultServiceAccountIsHook: false
             runtime:
-              sourcesFolders: _HT/hull.vidispine.addon.sources.folder.secret.count
+              sourcesFolders: _HT/hull.vidispine.addon.sources.folder.configmap.count
           endpoints:
             10_vidicore:
               auth:
@@ -477,15 +477,6 @@ hull:
           helm.sh/hook-weight: "-10"
           helm.sh/hook-delete-policy: before-hook-creation
 
-    configmap:
-      
-      hull-database:
-        enabled: false
-        annotations:
-          helm.sh/hook: pre-install,pre-upgrade
-          helm.sh/hook-weight: "-15"
-          helm.sh/hook-delete-policy: before-hook-creation
-    
     secret:
 
       auth:
@@ -494,7 +485,7 @@ hull:
           helm.sh/hook-weight: "-100"
           helm.sh/hook-delete-policy: before-hook-creation
         data: _HT/hull.vidispine.addon.library.auth.secret.data
-
+    
       'custom-ca-certificates':
         enabled: _HT?(index . "$").Values.hull.config.general.data.installation.config.customCaCertificates
         annotations:
@@ -507,7 +498,8 @@ hull:
             {{ $key }}: { inline: {{ $value | quote }} },
             {{ end }}
           }
-      
+    configmap:
+    
       'custom-installation-files-setup':
         enabled: false
         annotations:
@@ -531,121 +523,121 @@ hull:
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:1
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:1
       'custom-installation-files-2':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 2
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:2
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:2
       'custom-installation-files-3':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 3
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:3
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:3
       'custom-installation-files-4':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 4
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:4
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:4
       'custom-installation-files-5':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 5
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:5
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:5
       'custom-installation-files-6':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 6
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:6
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:6
       'custom-installation-files-7':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 7
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:7
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:7
       'custom-installation-files-8':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 8
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:8
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:8
       'custom-installation-files-9':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 9
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:9
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:9
       'custom-installation-files-10':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 10
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:10
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:10
       'custom-installation-files-11':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 11
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:11
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:11
       'custom-installation-files-12':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 12
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:12
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:12
       'custom-installation-files-13':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 13
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:13
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:13
       'custom-installation-files-14':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 14
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:14
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:14
       'custom-installation-files-15':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 15
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:15
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:15
       'custom-installation-files-16':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 16
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:16
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:16
       'custom-installation-files-17':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 17
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:17
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:17
       'custom-installation-files-18':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 18
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:18
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:18
       'custom-installation-files-19':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 19
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:19
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:19
       'custom-installation-files-20':
         enabled: _HT?ge (int (index . "$").Values.hull.config.general.data.installation.config.runtime.sourcesFolders) 20
         sources:
         - custom-installation-files-setup
         - _HULL_OBJECT_TYPE_DEFAULT_
-        data: _HT/hull.vidispine.addon.sources.folder.secret:FOLDER_INDEX:20
+        data: _HT/hull.vidispine.addon.sources.folder.configmap:FOLDER_INDEX:20
       hull-database:
         enabled: false
         annotations:

hull-vidispine-addon/templates/_library.tpl

@@ -866,19 +866,19 @@ etcssl:
 'DBUSER':
   valueFrom:
     secretKeyRef:
-      name: auth
+      name: "{{ $component }}"
       key: AUTH_BASIC_DATABASE_USERNAME
       optional: true
 'DBPASSWORD':
   valueFrom:
     secretKeyRef:
-      name: auth
+      name: "{{ $component }}"
       key: AUTH_BASIC_DATABASE_PASSWORD
       optional: true
 'DBNAME':
   valueFrom:
     secretKeyRef:
-      name: auth
+      name: "{{ $component }}"
       key: AUTH_BASIC_DATABASE_NAME
       optional: true
 'DBUSERPOSTFIX':

hull-vidispine-addon/templates/_transformations.tpl

@@ -110,12 +110,12 @@ Icon: |-
 {
   "installation":
   { 
-    "secret":{ "secretName": "hull-install" }
+    "configMap":{ "name": "hull-install" }
   },
   {{ if (gt (len ($parent.Files.Glob "files/hull-vidispine-addon/installation/sources/*")) 0) }}  
   "custom-installation-files":
   {
-    "secret": { "secretName": "custom-installation-files" }
+    "configMap": { "name": "custom-installation-files" }
   },
   {{ end }}
   "etcssl":
@@ -150,9 +150,9 @@ Icon: |-
   {{ $_ := set $processedDict $folder "true" }}
   "custom-installation-files-{{ $folder }}":  
   {
-      secret: 
+      configMap: 
       {
-        secretName: "custom-installation-files-{{ $folderCount }}"
+        name: "custom-installation-files-{{ $folderCount }}"
       }
   },
   {{ end }}
@@ -237,7 +237,7 @@ Icon: |-
 
 
 
-{{ define "hull.vidispine.addon.sources.folder.secret" }}
+{{ define "hull.vidispine.addon.sources.folder.configmap" }}
 {{ $parent := (index . "PARENT_CONTEXT") }}
 {{ $folderIndex := (index . "FOLDER_INDEX") }}
 {
@@ -259,7 +259,7 @@ Icon: |-
 
 
 
-{{- define "hull.vidispine.addon.sources.folder.secret.count" -}}
+{{- define "hull.vidispine.addon.sources.folder.configmap.count" -}}
 {{- $parent := (index . "PARENT_CONTEXT") -}}
 {{- $folderIndex := (index . "FOLDER_INDEX") -}}
 {{- $processedDict := dict -}}