feat(Odoo)!: remove explicit db secrets and superuser (#76)

glasskube · Feb 20, 2023 · 0db762a · 0db762a
1 parent 1ea4443
commit 0db762a
Show file tree

Hide file tree

Showing 7 changed files with 11 additions and 124 deletions.
diff --git a/operator/src/main/kotlin/eu/glasskube/operator/odoo/Odoo.kt b/operator/src/main/kotlin/eu/glasskube/operator/odoo/Odoo.kt
@@ -31,7 +31,6 @@ class Odoo : CustomResource<OdooSpec, OdooStatus>(), Namespaced {
         const val configFile = "odoo.conf"
         const val configPath = "/etc/odoo"
         const val dbName = "odoo"
-        const val dbUsername = "odoo"
     }
 }
 
@@ -57,10 +56,7 @@ val Odoo.dbName
     get() = "$genericResourceName-db"
 
 val Odoo.dbSecretName
-    get() = "$genericResourceName-db"
-
-val Odoo.dbSuperuserSecretName
-    get() = "$genericResourceName-db-superuser"
+    get() = "$dbName-app"
 
 val Odoo.serviceName
     get() = genericResourceName

diff --git a/operator/src/main/kotlin/eu/glasskube/operator/odoo/OdooReconciler.kt b/operator/src/main/kotlin/eu/glasskube/operator/odoo/OdooReconciler.kt
@@ -4,8 +4,6 @@ import eu.glasskube.operator.api.reconciler.informerEventSource
 import eu.glasskube.operator.decodeBase64
 import eu.glasskube.operator.odoo.dependent.OdooConfigMap
 import eu.glasskube.operator.odoo.dependent.OdooDatabaseBackupSecret
-import eu.glasskube.operator.odoo.dependent.OdooDatabaseSecret
-import eu.glasskube.operator.odoo.dependent.OdooDatabaseSuperuserSecret
 import eu.glasskube.operator.odoo.dependent.OdooDeployment
 import eu.glasskube.operator.odoo.dependent.OdooIngress
 import eu.glasskube.operator.odoo.dependent.OdooPersistentVolumeClaim
@@ -53,17 +51,7 @@ import org.slf4j.LoggerFactory
         Dependent(
             name = "OdooPostgresCluster",
             type = OdooPostgresCluster::class,
-            dependsOn = ["OdooDatabaseSecret", "OdooDatabaseSuperuserSecret", "OdooDatabaseBackupSecret"]
-        ),
-        Dependent(
-            name = "OdooDatabaseSecret",
-            type = OdooDatabaseSecret::class,
-            useEventSourceWithName = OdooReconciler.SECRETS_EVENT_SOURCE_NAME
-        ),
-        Dependent(
-            name = "OdooDatabaseSuperuserSecret",
-            type = OdooDatabaseSuperuserSecret::class,
-            useEventSourceWithName = OdooReconciler.SECRETS_EVENT_SOURCE_NAME,
+            dependsOn = ["OdooDatabaseBackupSecret"]
         ),
         Dependent(
             name = "OdooDatabaseBackupSecret",

diff --git a/operator/src/main/kotlin/eu/glasskube/operator/odoo/dependent/OdooDatabaseSecret.kt b/operator/src/main/kotlin/eu/glasskube/operator/odoo/dependent/OdooDatabaseSecret.kt
diff --git a/operator/src/main/kotlin/eu/glasskube/operator/odoo/dependent/OdooDatabaseSuperuserSecret.kt b/operator/src/main/kotlin/eu/glasskube/operator/odoo/dependent/OdooDatabaseSuperuserSecret.kt
diff --git a/operator/src/main/kotlin/eu/glasskube/operator/odoo/dependent/OdooPostgresCluster.kt b/operator/src/main/kotlin/eu/glasskube/operator/odoo/dependent/OdooPostgresCluster.kt
@@ -8,27 +8,24 @@ import eu.glasskube.operator.odoo.OdooReconciler
 import eu.glasskube.operator.odoo.bucketName
 import eu.glasskube.operator.odoo.dbBackupSecretName
 import eu.glasskube.operator.odoo.dbName
-import eu.glasskube.operator.odoo.dbSecretName
-import eu.glasskube.operator.odoo.dbSuperuserSecretName
 import eu.glasskube.operator.odoo.resourceLabels
 import eu.glasskube.operator.postgres.BackupConfiguration
 import eu.glasskube.operator.postgres.BarmanObjectStoreConfiguration
 import eu.glasskube.operator.postgres.BootstrapConfiguration
 import eu.glasskube.operator.postgres.BootstrapInitDB
-import eu.glasskube.operator.postgres.Cluster
 import eu.glasskube.operator.postgres.ClusterSpec
 import eu.glasskube.operator.postgres.MonitoringConfiguration
+import eu.glasskube.operator.postgres.PostgresCluster
 import eu.glasskube.operator.postgres.S3Credentials
 import eu.glasskube.operator.postgres.StorageConfiguration
 import eu.glasskube.operator.postgres.postgresCluster
-import io.fabric8.kubernetes.api.model.LocalObjectReference
 import io.fabric8.kubernetes.api.model.SecretKeySelector
 import io.javaoperatorsdk.operator.api.reconciler.Context
 import io.javaoperatorsdk.operator.processing.dependent.kubernetes.CRUDKubernetesDependentResource
 import io.javaoperatorsdk.operator.processing.dependent.kubernetes.KubernetesDependent
 
 @KubernetesDependent(labelSelector = OdooReconciler.SELECTOR)
-class OdooPostgresCluster : CRUDKubernetesDependentResource<Cluster, Odoo>(Cluster::class.java) {
+class OdooPostgresCluster : CRUDKubernetesDependentResource<PostgresCluster, Odoo>(PostgresCluster::class.java) {
     override fun desired(primary: Odoo, context: Context<Odoo>) = postgresCluster {
         metadata {
             name = primary.dbName
@@ -37,13 +34,9 @@ class OdooPostgresCluster : CRUDKubernetesDependentResource<Cluster, Odoo>(Clust
         }
         spec = ClusterSpec(
             instances = 1,
-            superuserSecret = LocalObjectReference(primary.dbSuperuserSecretName),
+            enableSuperuserAccess = false,
             bootstrap = BootstrapConfiguration(
-                initdb = BootstrapInitDB(
-                    database = Odoo.dbName,
-                    owner = Odoo.dbUsername,
-                    secret = LocalObjectReference(primary.dbSecretName)
-                )
+                initdb = BootstrapInitDB(database = Odoo.dbName)
             ),
             storage = StorageConfiguration(
                 storageClass = getConfig(client, ConfigKey.databaseStorageClassName),

diff --git a/operator/src/main/kotlin/eu/glasskube/operator/postgres/BootstrapInitDB.kt b/operator/src/main/kotlin/eu/glasskube/operator/postgres/BootstrapInitDB.kt
@@ -7,7 +7,7 @@ import io.fabric8.kubernetes.api.model.LocalObjectReference
 //  - postInitApplicationSQLRefs
 data class BootstrapInitDB(
     val database: String,
-    val owner: String,
+    val owner: String? = null,
     val secret: LocalObjectReference? = null,
     val options: List<String>? = null,
     val dataChecksums: Boolean? = null,

diff --git a/...eu/glasskube/operator/postgres/Cluster.kt → ...kube/operator/postgres/PostgresCluster.kt b/...eu/glasskube/operator/postgres/Cluster.kt → ...kube/operator/postgres/PostgresCluster.kt
@@ -3,14 +3,16 @@ package eu.glasskube.operator.postgres
 import io.fabric8.kubernetes.api.model.Namespaced
 import io.fabric8.kubernetes.client.CustomResource
 import io.fabric8.kubernetes.model.annotation.Group
+import io.fabric8.kubernetes.model.annotation.Kind
 import io.fabric8.kubernetes.model.annotation.Version
 
+@Kind("Cluster")
 @Group("postgresql.cnpg.io")
 @Version("v1")
-class Cluster : CustomResource<ClusterSpec, ClusterStatus>(), Namespaced {
+class PostgresCluster : CustomResource<ClusterSpec, ClusterStatus>(), Namespaced {
     override fun setSpec(spec: ClusterSpec?) {
         super.setSpec(spec)
     }
 }
 
-inline fun postgresCluster(block: (Cluster).() -> Unit) = Cluster().apply(block)
+inline fun postgresCluster(block: (PostgresCluster).() -> Unit) = PostgresCluster().apply(block)