github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/pkg/scanners/helm/test/mysql/templates/_helpers.tpl (about) 1 {{/* vim: set filetype=mustache: */}} 2 3 {{- define "mysql.primary.fullname" -}} 4 {{- if eq .Values.architecture "replication" }} 5 {{- printf "%s-%s" (include "common.names.fullname" .) "primary" | trunc 63 | trimSuffix "-" -}} 6 {{- else -}} 7 {{- include "common.names.fullname" . -}} 8 {{- end -}} 9 {{- end -}} 10 11 {{- define "mysql.secondary.fullname" -}} 12 {{- printf "%s-%s" (include "common.names.fullname" .) "secondary" | trunc 63 | trimSuffix "-" -}} 13 {{- end -}} 14 15 {{/* 16 Return the proper MySQL image name 17 */}} 18 {{- define "mysql.image" -}} 19 {{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} 20 {{- end -}} 21 22 {{/* 23 Return the proper metrics image name 24 */}} 25 {{- define "mysql.metrics.image" -}} 26 {{ include "common.images.image" (dict "imageRoot" .Values.metrics.image "global" .Values.global) }} 27 {{- end -}} 28 29 {{/* 30 Return the proper image name (for the init container volume-permissions image) 31 */}} 32 {{- define "mysql.volumePermissions.image" -}} 33 {{ include "common.images.image" (dict "imageRoot" .Values.volumePermissions.image "global" .Values.global) }} 34 {{- end -}} 35 36 {{/* 37 Return the proper Docker Image Registry Secret Names 38 */}} 39 {{- define "mysql.imagePullSecrets" -}} 40 {{ include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.metrics.image .Values.volumePermissions.image) "global" .Values.global) }} 41 {{- end -}} 42 43 {{ template "mysql.initdbScriptsCM" . }} 44 {{/* 45 Get the initialization scripts ConfigMap name. 46 */}} 47 {{- define "mysql.initdbScriptsCM" -}} 48 {{- if .Values.initdbScriptsConfigMap -}} 49 {{- printf "%s" .Values.initdbScriptsConfigMap -}} 50 {{- else -}} 51 {{- printf "%s-init-scripts" (include "mysql.primary.fullname" .) -}} 52 {{- end -}} 53 {{- end -}} 54 55 {{/* 56 Returns the proper service account name depending if an explicit service account name is set 57 in the values file. If the name is not set it will default to either mysql.fullname if serviceAccount.create 58 is true or default otherwise. 59 */}} 60 {{- define "mysql.serviceAccountName" -}} 61 {{- if .Values.serviceAccount.create -}} 62 {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} 63 {{- else -}} 64 {{ default "default" .Values.serviceAccount.name }} 65 {{- end -}} 66 {{- end -}} 67 68 {{/* 69 Return the configmap with the MySQL Primary configuration 70 */}} 71 {{- define "mysql.primary.configmapName" -}} 72 {{- if .Values.primary.existingConfigmap -}} 73 {{- printf "%s" (tpl .Values.primary.existingConfigmap $) -}} 74 {{- else -}} 75 {{- printf "%s" (include "mysql.primary.fullname" .) -}} 76 {{- end -}} 77 {{- end -}} 78 79 {{/* 80 Return true if a configmap object should be created for MySQL Secondary 81 */}} 82 {{- define "mysql.primary.createConfigmap" -}} 83 {{- if and .Values.primary.configuration (not .Values.primary.existingConfigmap) }} 84 {{- true -}} 85 {{- else -}} 86 {{- end -}} 87 {{- end -}} 88 89 {{/* 90 Return the configmap with the MySQL Primary configuration 91 */}} 92 {{- define "mysql.secondary.configmapName" -}} 93 {{- if .Values.secondary.existingConfigmap -}} 94 {{- printf "%s" (tpl .Values.secondary.existingConfigmap $) -}} 95 {{- else -}} 96 {{- printf "%s" (include "mysql.secondary.fullname" .) -}} 97 {{- end -}} 98 {{- end -}} 99 100 {{/* 101 Return true if a configmap object should be created for MySQL Secondary 102 */}} 103 {{- define "mysql.secondary.createConfigmap" -}} 104 {{- if and (eq .Values.architecture "replication") .Values.secondary.configuration (not .Values.secondary.existingConfigmap) }} 105 {{- true -}} 106 {{- else -}} 107 {{- end -}} 108 {{- end -}} 109 110 {{/* 111 Return the secret with MySQL credentials 112 */}} 113 {{- define "mysql.secretName" -}} 114 {{- if .Values.auth.existingSecret -}} 115 {{- printf "%s" .Values.auth.existingSecret -}} 116 {{- else -}} 117 {{- printf "%s" (include "common.names.fullname" .) -}} 118 {{- end -}} 119 {{- end -}} 120 121 {{/* 122 Return true if a secret object should be created for MySQL 123 */}} 124 {{- define "mysql.createSecret" -}} 125 {{- if and (not .Values.auth.existingSecret) (not .Values.auth.customPasswordFiles) }} 126 {{- true -}} 127 {{- end -}} 128 {{- end -}} 129 130 {{/* 131 Returns the available value for certain key in an existing secret (if it exists), 132 otherwise it generates a random value. 133 */}} 134 {{- define "getValueFromSecret" }} 135 {{- $len := (default 16 .Length) | int -}} 136 {{- $obj := (lookup "v1" "Secret" .Namespace .Name).data -}} 137 {{- if $obj }} 138 {{- index $obj .Key | b64dec -}} 139 {{- else -}} 140 {{- randAlphaNum $len -}} 141 {{- end -}} 142 {{- end }} 143 144 {{- define "mysql.root.password" -}} 145 {{- if not (empty .Values.auth.rootPassword) }} 146 {{- .Values.auth.rootPassword }} 147 {{- else if (not .Values.auth.forcePassword) }} 148 {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "mysql-root-password") }} 149 {{- else }} 150 {{- required "A MySQL Root Password is required!" .Values.auth.rootPassword }} 151 {{- end }} 152 {{- end -}} 153 154 {{- define "mysql.password" -}} 155 {{- if and (not (empty .Values.auth.username)) (not (empty .Values.auth.password)) }} 156 {{- .Values.auth.password }} 157 {{- else if (not .Values.auth.forcePassword) }} 158 {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "mysql-password") }} 159 {{- else }} 160 {{- required "A MySQL Database Password is required!" .Values.auth.password }} 161 {{- end }} 162 {{- end -}} 163 164 {{- define "mysql.replication.password" -}} 165 {{- if not (empty .Values.auth.replicationPassword) }} 166 {{- .Values.auth.replicationPassword }} 167 {{- else if (not .Values.auth.forcePassword) }} 168 {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "mysql-replication-password") }} 169 {{- else }} 170 {{- required "A MySQL Replication Password is required!" .Values.auth.replicationPassword }} 171 {{- end }} 172 {{- end -}} 173 174 {{/* Check if there are rolling tags in the images */}} 175 {{- define "mysql.checkRollingTags" -}} 176 {{- include "common.warnings.rollingTag" .Values.image }} 177 {{- include "common.warnings.rollingTag" .Values.metrics.image }} 178 {{- include "common.warnings.rollingTag" .Values.volumePermissions.image }} 179 {{- end -}} 180 181 {{/* 182 Compile all warnings into a single message, and call fail. 183 */}} 184 {{- define "mysql.validateValues" -}} 185 {{- $messages := list -}} 186 {{- $messages := without $messages "" -}} 187 {{- $message := join "\n" $messages -}} 188 189 {{- if $message -}} 190 {{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} 191 {{- end -}} 192 {{- end -}}