scottk/cozystack
1
0
Fork 0
mirror of https://github.com/outbackdingo/cozystack.git synced 2026-03-21 16:41:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
secureboot
cozystack/packages/apps/mysql/templates/db.yaml
Andrei Kvapil aa2f553281 Update mariadb-operator and mysql chart (#328) 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

- **New Features**
- Enhanced database user management with role definitions for `admin`
and `readonly` users.
- Introduced support for additional environment variables in the MariaDB
operator deployment.
	- Added new RBAC roles for viewing and editing MariaDB resources.

- **Changes**
- Updated configuration structure for database and user management,
shifting from arrays to objects.
- Improved webhook certificate management with revision history control.
	- Updated image repository for the MariaDB operator.

- **Bug Fixes**
- Adjusted permissions in RBAC configuration for better security and
resource management.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2024-09-04 15:14:31 +02:00

48 lines
1.1 KiB
YAML
Raw Permalink Blame History

{{- range $name, $db := .Values.databases }}
{{ $dbDNSName := replace "_" "-" $name }}
---
apiVersion: k8s.mariadb.com/v1alpha1
kind: Database
metadata:
name: {{ $.Release.Name }}-{{ $dbDNSName }}
spec:
name: {{ $name }}
mariaDbRef:
name: {{ $.Release.Name }}
characterSet: utf8
collate: utf8_general_ci
{{- range $user := $db.roles.admin }}
{{ $userDNSName := replace "_" "-" $user }}
---
apiVersion: k8s.mariadb.com/v1alpha1
kind: Grant
metadata:
name: {{ $.Release.Name }}-{{ $dbDNSName }}-{{ $userDNSName }}
spec:
mariaDbRef:
name: {{ $.Release.Name }}
privileges: ['ALL']
database: {{ $name }}
table: "*"
username: {{ $user }}
grantOption: true
{{- end }}
{{- range $user := $db.roles.readonly }}
{{ $userDNSName := replace "_" "-" $user }}
---
apiVersion: k8s.mariadb.com/v1alpha1
kind: Grant
metadata:
name: {{ $.Release.Name }}-{{ $dbDNSName }}-{{ $userDNSName }}
spec:
mariaDbRef:
name: {{ $.Release.Name }}
privileges: ['SELECT']
database: {{ $name }}
table: "*"
username: {{ $user }}
grantOption: true
{{- end }}
{{- end }}
Reference in New Issue View Git Blame Copy Permalink