From 64bbf6700ccf227932a7a78006165667544c052e Mon Sep 17 00:00:00 2001
From: Pete Birley <pete@port.direct>
Date: Mon, 3 Apr 2017 10:58:51 -0500
Subject: [PATCH] Update Glance DB Jobs

---
 glance/templates/bin/_db-sync.sh.tpl          | 19 ++++++++++
 glance/templates/bin/_init.sh.tpl             | 32 ----------------
 glance/templates/configmap-bin.yaml           |  6 ++-
 glance/templates/etc/_glance-api.conf.tpl     |  2 +-
 .../templates/etc/_glance-registry.conf.tpl   |  2 +-
 glance/templates/job-db-init.yaml             | 37 +++++++++++++++----
 glance/templates/job-db-sync.yaml             | 16 +++++++-
 glance/templates/secret-db-root.env.yaml      |  7 ++++
 glance/values.yaml                            | 25 ++++++++-----
 9 files changed, 90 insertions(+), 56 deletions(-)
 create mode 100644 glance/templates/bin/_db-sync.sh.tpl
 delete mode 100644 glance/templates/bin/_init.sh.tpl
 create mode 100644 glance/templates/secret-db-root.env.yaml

diff --git a/glance/templates/bin/_db-sync.sh.tpl b/glance/templates/bin/_db-sync.sh.tpl
new file mode 100644
index 00000000..512fc2d5
--- /dev/null
+++ b/glance/templates/bin/_db-sync.sh.tpl
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -ex
+
+glance-manage db_sync
diff --git a/glance/templates/bin/_init.sh.tpl b/glance/templates/bin/_init.sh.tpl
deleted file mode 100644
index 199cd48c..00000000
--- a/glance/templates/bin/_init.sh.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/bash
-
-# Copyright 2017 The Openstack-Helm Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -ex
-export HOME=/tmp
-
-ansible localhost -vvv -m mysql_db -a "login_host='{{ .Values.database.address }}' \
-login_port='{{ .Values.database.port }}' \
-login_user='{{ .Values.database.root_user }}' \
-login_password='{{ .Values.database.root_password }}' \
-name='{{ .Values.database.glance_database_name }}'"
-
-ansible localhost -vvv -m mysql_user -a "login_host='{{ .Values.database.address }}' \
-login_port='{{ .Values.database.port }}' \
-login_user='{{ .Values.database.root_user }}' \
-login_password='{{ .Values.database.root_password }}' \
-name='{{ .Values.database.glance_user }}' \
-password='{{ .Values.database.glance_password }}' \
-host='%' priv='{{ .Values.database.glance_database_name }}.*:ALL' append_privs='yes'"
diff --git a/glance/templates/configmap-bin.yaml b/glance/templates/configmap-bin.yaml
index 1cd58c1c..5bfbdcd8 100644
--- a/glance/templates/configmap-bin.yaml
+++ b/glance/templates/configmap-bin.yaml
@@ -17,8 +17,10 @@ kind: ConfigMap
 metadata:
   name: glance-bin
 data:
-  init.sh: |+
-{{ tuple "bin/_init.sh.tpl" . | include "helm-toolkit.template" | indent 4 }}
+  db-init.py: |
+{{- include "helm-toolkit.db_init" . | indent 4 }}
+  db-sync.sh: |
+{{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.template" | indent 4 }}
   ks-service.sh: |+
 {{- include "helm-toolkit.keystone_service" . | indent 4 }}
   ks-endpoints.sh: |+
diff --git a/glance/templates/etc/_glance-api.conf.tpl b/glance/templates/etc/_glance-api.conf.tpl
index 03648ab9..e872c2fe 100644
--- a/glance/templates/etc/_glance-api.conf.tpl
+++ b/glance/templates/etc/_glance-api.conf.tpl
@@ -24,7 +24,7 @@ registry_host = glance-registry
 show_image_direct_url = True
 
 [database]
-connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }}
+connection = {{ tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.authenticated_endpoint_uri_lookup" }}
 max_retries = -1
 
 [keystone_authtoken]
diff --git a/glance/templates/etc/_glance-registry.conf.tpl b/glance/templates/etc/_glance-registry.conf.tpl
index 24f60dc6..1a32f099 100644
--- a/glance/templates/etc/_glance-registry.conf.tpl
+++ b/glance/templates/etc/_glance-registry.conf.tpl
@@ -21,7 +21,7 @@ bind_port = {{ .Values.network.port.registry }}
 workers = {{ .Values.misc.workers }}
 
 [database]
-connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }}
+connection = {{ tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.authenticated_endpoint_uri_lookup" }}
 max_retries = -1
 
 [keystone_authtoken]
diff --git a/glance/templates/job-db-init.yaml b/glance/templates/job-db-init.yaml
index a8450ecb..2283d4df 100644
--- a/glance/templates/job-db-init.yaml
+++ b/glance/templates/job-db-init.yaml
@@ -43,16 +43,37 @@ spec:
               memory: {{ .Values.resources.jobs.init.requests.memory | quote }}
           {{- end }}
           env:
-          - name: ANSIBLE_LIBRARY
-            value: /usr/share/ansible/
+            - name: ROOT_DB_CONNECTION
+              valueFrom:
+                secretKeyRef:
+                  name: glance-db-root
+                  key: DB_CONNECTION
+            - name: OPENSTACK_CONFIG_FILE
+              value: /etc/glance/glance-api.conf
+            - name: OPENSTACK_CONFIG_DB_SECTION
+              value: database
+            - name: OPENSTACK_CONFIG_DB_KEY
+              value: connection
           command:
-            - bash
-            - /tmp/init.sh
+            - python
+            - /tmp/db-init.py
           volumeMounts:
-            - name: initsh
-              mountPath: /tmp/init.sh
-              subPath: init.sh
+            - name: glance-bin
+              mountPath: /tmp/db-init.py
+              subPath: db-init.py
+              readOnly: true
+            - name: etcglance
+              mountPath: /etc/glance
+            - name: glanceapiconf
+              mountPath: /etc/glance/glance-api.conf
+              subPath: glance-api.conf
+              readOnly: true
       volumes:
-        - name: initsh
+        - name: etcglance
+          emptyDir: {}
+        - name: glanceapiconf
+          configMap:
+            name: glance-etc
+        - name: glance-bin
           configMap:
             name: glance-bin
diff --git a/glance/templates/job-db-sync.yaml b/glance/templates/job-db-sync.yaml
index f3987ba0..c1545f28 100644
--- a/glance/templates/job-db-sync.yaml
+++ b/glance/templates/job-db-sync.yaml
@@ -43,13 +43,25 @@ spec:
               memory: {{ .Values.resources.jobs.db.requests.memory | quote }}
           {{- end }}
           command:
-            - glance-manage
-            - db_sync
+            - bash
+            - /tmp/db-sync.sh
           volumeMounts:
+            - name: glance-bin
+              mountPath: /tmp/db-sync.sh
+              subPath: db-sync.sh
+              readOnly: true
+            - name: etcglance
+              mountPath: /etc/glance
             - name: glanceapiconf
               mountPath: /etc/glance/glance-api.conf
               subPath: glance-api.conf
+              readOnly: true
       volumes:
+        - name: etcglance
+          emptyDir: {}
         - name: glanceapiconf
           configMap:
             name: glance-etc
+        - name: glance-bin
+          configMap:
+            name: glance-bin
diff --git a/glance/templates/secret-db-root.env.yaml b/glance/templates/secret-db-root.env.yaml
new file mode 100644
index 00000000..188e4d79
--- /dev/null
+++ b/glance/templates/secret-db-root.env.yaml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: glance-db-root
+type: Opaque
+data:
+  DB_CONNECTION: {{ tuple "oslo_db" "internal" "admin" "mysql" . | include "helm-toolkit.authenticated_endpoint_uri_lookup" | b64enc }}
diff --git a/glance/values.yaml b/glance/values.yaml
index c02d11b7..a5e1132d 100644
--- a/glance/values.yaml
+++ b/glance/values.yaml
@@ -30,7 +30,7 @@ labels:
   node_selector_value: enabled
 
 images:
-  db_init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton
+  db_init: quay.io/stackanetes/stackanetes-glance-api:newton
   db_sync: quay.io/stackanetes/stackanetes-glance-api:newton
   ks_user: quay.io/stackanetes/stackanetes-kolla-toolbox:newton
   ks_service: quay.io/stackanetes/stackanetes-kolla-toolbox:newton
@@ -68,15 +68,6 @@ network:
     api: 9292
     registry: 9191
 
-database:
-  address: mariadb
-  port: 3306
-  root_user: root
-  root_password: password
-  glance_database_name: glance
-  glance_password: password
-  glance_user: glance
-
 ceph:
   enabled: true
   monitors: []
@@ -192,3 +183,17 @@ endpoints:
     port:
       api: 9292
       registry: 9191
+  oslo_db:
+    auth:
+      admin:
+        username: root
+        password: password
+      user:
+        username: glance
+        password: password
+    hosts:
+      default: mariadb
+    path: /glance
+    scheme: mysql+pymysql
+    port:
+      mysql: 3306