From 3adaf763d290477b376b1978c1a3e5bdde4e19d8 Mon Sep 17 00:00:00 2001 From: Yosef Mihretie Date: Wed, 31 Jul 2024 16:34:02 -0400 Subject: [PATCH] fix connections templating for cloud sql proxy --- applications/job/templates/_helpers.tpl | 28 ++++++++++++++++++ applications/job/templates/cronjob.yaml | 2 +- .../job/templates/hook-configmap.yaml | 2 +- applications/job/values.yaml | 9 +++++- applications/web/templates/_helpers.tpl | 29 +++++++++++++++++++ .../deployment-blue-green-legacy.yaml | 2 +- applications/web/templates/deployment.yaml | 6 +--- applications/web/values.yaml | 7 +++-- applications/worker/templates/_helpers.tpl | 28 ++++++++++++++++++ applications/worker/templates/deployment.yaml | 2 +- applications/worker/values.yaml | 9 +++++- 11 files changed, 111 insertions(+), 13 deletions(-) diff --git a/applications/job/templates/_helpers.tpl b/applications/job/templates/_helpers.tpl index dd3a1702e..ba641cb33 100644 --- a/applications/job/templates/_helpers.tpl +++ b/applications/job/templates/_helpers.tpl @@ -75,3 +75,31 @@ Name of the service account json secret to use with the CloudSQL proxy {{- define "cloudsql.serviceAccountJSONSecret" -}} {{- default (printf "cloudsql-secret-%s" (include "docker-template.fullname" .)) .Values.cloudsql.serviceAccountJSONSecret }} {{- end }} + +{{/* +The connection string to be passed to the CloudSQL proxy. +For backwards compatibility, this concatenates targets from cloudsql.connectionName/dbPort, cloudsql.additionalConnection.connectionName/dbPort in addition to the cloudsql.connections list +*/}} +{{- define "cloudsql.connectionString" -}} +{{- $singleConnection := .Values.cloudsql.connectionName -}} +{{- $additionalConnection := .Values.cloudsql.additionalConnection -}} +{{- $connections := default (list) .Values.cloudsql.connections -}} +{{- $hasConnections := or $singleConnection (gt (len $connections) 0) $additionalConnection.enabled -}} +{{- if $hasConnections -}} + + {{- if $singleConnection -}} + {{- $singleConnection -}}=tcp:{{.Values.cloudsql.dbPort }} + {{- end -}} + + {{- if $additionalConnection.enabled -}} + {{- if $singleConnection }},{{ end -}} + {{ $additionalConnection.connectionName }}=tcp:{{ $additionalConnection.dbPort }} + {{- end -}} + + {{- range $index, $conn := $connections -}} + {{- if or $index $singleConnection $additionalConnection.enabled }},{{ end -}} + {{ $conn.name }}=tcp:{{ $conn.port }} + {{- end -}} + +{{- end }} +{{- end }} \ No newline at end of file diff --git a/applications/job/templates/cronjob.yaml b/applications/job/templates/cronjob.yaml index 18f502e8c..f7ccfae58 100644 --- a/applications/job/templates/cronjob.yaml +++ b/applications/job/templates/cronjob.yaml @@ -207,7 +207,7 @@ spec: image: gcr.io/cloudsql-docker/gce-proxy:1.17 command: - "/cloud_sql_proxy" - - "-instances={{ .Values.cloudsql.connectionName }}=tcp:{{ .Values.cloudsql.dbPort }}" + - "-instances={{- include "cloudsql.connectionString" . -}}" - "-credential_file=/secrets/service_account.json" {{ if .Values.terminationGracePeriodSeconds }} - "-term_timeout={{ .Values.terminationGracePeriodSeconds }}s" diff --git a/applications/job/templates/hook-configmap.yaml b/applications/job/templates/hook-configmap.yaml index 4523e7459..1a995c1b5 100644 --- a/applications/job/templates/hook-configmap.yaml +++ b/applications/job/templates/hook-configmap.yaml @@ -192,7 +192,7 @@ data: image: gcr.io/cloudsql-docker/gce-proxy:1.17 command: - "/cloud_sql_proxy" - - "-instances={{ .Values.cloudsql.connectionName }}=tcp:{{ .Values.cloudsql.dbPort }}" + - "-instances={{- include "cloudsql.connectionString" . -}}" - "-credential_file=/secrets/service_account.json" {{ if .Values.terminationGracePeriodSeconds }} - "-term_timeout={{ .Values.terminationGracePeriodSeconds }}s" diff --git a/applications/job/values.yaml b/applications/job/values.yaml index 890a18ee7..e21d4cd3f 100644 --- a/applications/job/values.yaml +++ b/applications/job/values.yaml @@ -50,10 +50,17 @@ paused: false cloudsql: enabled: false - connectionName: "" + connections: [] + # - name: "abcdedfg" + # port: 34343 + connectionName: "" # deprecated, keeping for backwards compatibility. use connections instead. dbPort: 5432 serviceAccountJSON: "" serviceAccountJSONSecret: "" + additionalConnection: # deprecated, keeping for backwards compatibility. use connections instead. + enabled: false + dbPort: 5432 + connectionName: "" # Set this for enabling DNS extensions over TCP # We enable this by default. diff --git a/applications/web/templates/_helpers.tpl b/applications/web/templates/_helpers.tpl index a9bc72cfb..15ebbf26b 100644 --- a/applications/web/templates/_helpers.tpl +++ b/applications/web/templates/_helpers.tpl @@ -75,3 +75,32 @@ Name of the service account json secret to use with the CloudSQL proxy {{- define "cloudsql.serviceAccountJSONSecret" -}} {{- default (printf "cloudsql-secret-%s" (include "docker-template.fullname" .)) .Values.cloudsql.serviceAccountJSONSecret }} {{- end }} + + +{{/* +The connection string to be passed to the CloudSQL proxy. +For backwards compatibility, this concatenates targets from cloudsql.connectionName/dbPort, cloudsql.additionalConnection.connectionName/dbPort in addition to the cloudsql.connections list +*/}} +{{- define "cloudsql.connectionString" -}} +{{- $singleConnection := .Values.cloudsql.connectionName -}} +{{- $additionalConnection := .Values.cloudsql.additionalConnection -}} +{{- $connections := default (list) .Values.cloudsql.connections -}} +{{- $hasConnections := or $singleConnection (gt (len $connections) 0) $additionalConnection.enabled -}} +{{- if $hasConnections -}} + + {{- if $singleConnection -}} + {{- $singleConnection -}}=tcp:{{.Values.cloudsql.dbPort }} + {{- end -}} + + {{- if $additionalConnection.enabled -}} + {{- if $singleConnection }},{{ end -}} + {{ $additionalConnection.connectionName }}=tcp:{{ $additionalConnection.dbPort }} + {{- end -}} + + {{- range $index, $conn := $connections -}} + {{- if or $index $singleConnection $additionalConnection.enabled }},{{ end -}} + {{ $conn.name }}=tcp:{{ $conn.port }} + {{- end -}} + +{{- end }} +{{- end }} \ No newline at end of file diff --git a/applications/web/templates/deployment-blue-green-legacy.yaml b/applications/web/templates/deployment-blue-green-legacy.yaml index bb5c0c08b..da2f1ec2d 100644 --- a/applications/web/templates/deployment-blue-green-legacy.yaml +++ b/applications/web/templates/deployment-blue-green-legacy.yaml @@ -241,7 +241,7 @@ spec: image: gcr.io/cloudsql-docker/gce-proxy:1.17 command: - "/cloud_sql_proxy" - - "-instances={{ $.Values.cloudsql.connectionName }}=tcp:{{ $.Values.cloudsql.dbPort }}" + - "-instances={{- include "cloudsql.connectionString" . -}}" - "-credential_file=/secrets/service_account.json" {{ if $.Values.terminationGracePeriodSeconds }} - "-term_timeout={{ $.Values.terminationGracePeriodSeconds }}s" diff --git a/applications/web/templates/deployment.yaml b/applications/web/templates/deployment.yaml index 4fbc14f31..db879fa80 100644 --- a/applications/web/templates/deployment.yaml +++ b/applications/web/templates/deployment.yaml @@ -406,11 +406,7 @@ spec: image: gcr.io/cloudsql-docker/gce-proxy:1.17 command: - "/cloud_sql_proxy" - {{- if .Values.cloudsql.additionalConnection.enabled }} - - "-instances={{ .Values.cloudsql.connectionName }}=tcp:{{ .Values.cloudsql.dbPort }},{{ .Values.cloudsql.additionalConnection.connectionName }}=tcp:{{ .Values.cloudsql.additionalConnection.dbPort }}" - {{- else }} - - "-instances={{ .Values.cloudsql.connectionName }}=tcp:{{ .Values.cloudsql.dbPort }}" - {{- end }} + - "-instances={{- include "cloudsql.connectionString" . -}}" - "-credential_file=/secrets/service_account.json" {{ if .Values.terminationGracePeriodSeconds }} - "-term_timeout={{ .Values.terminationGracePeriodSeconds }}s" diff --git a/applications/web/values.yaml b/applications/web/values.yaml index 92f92900c..2799722aa 100644 --- a/applications/web/values.yaml +++ b/applications/web/values.yaml @@ -232,11 +232,14 @@ pvc: cloudsql: enabled: false - connectionName: "" + connections: [] + # - name: "abcdedfg" + # port: 34343 + connectionName: "" # deprecated, keeping for backwards compatibility. use connections instead. dbPort: 5432 serviceAccountJSON: "" serviceAccountJSONSecret: "" - additionalConnection: + additionalConnection: # deprecated, keeping for backwards compatibility. use connections instead. enabled: false dbPort: 5432 connectionName: "" diff --git a/applications/worker/templates/_helpers.tpl b/applications/worker/templates/_helpers.tpl index dbae4a9c6..1058310e5 100644 --- a/applications/worker/templates/_helpers.tpl +++ b/applications/worker/templates/_helpers.tpl @@ -68,3 +68,31 @@ Name of the service account json secret to use with the CloudSQL proxy {{- define "cloudsql.serviceAccountJSONSecret" -}} {{- default (printf "cloudsql-secret-%s" (include "docker-template.fullname" .)) .Values.cloudsql.serviceAccountJSONSecret }} {{- end }} + +{{/* +The connection string to be passed to the CloudSQL proxy. +For backwards compatibility, this concatenates targets from cloudsql.connectionName/dbPort, cloudsql.additionalConnection.connectionName/dbPort in addition to the cloudsql.connections list +*/}} +{{- define "cloudsql.connectionString" -}} +{{- $singleConnection := .Values.cloudsql.connectionName -}} +{{- $additionalConnection := .Values.cloudsql.additionalConnection -}} +{{- $connections := default (list) .Values.cloudsql.connections -}} +{{- $hasConnections := or $singleConnection (gt (len $connections) 0) $additionalConnection.enabled -}} +{{- if $hasConnections -}} + + {{- if $singleConnection -}} + {{- $singleConnection -}}=tcp:{{.Values.cloudsql.dbPort }} + {{- end -}} + + {{- if $additionalConnection.enabled -}} + {{- if $singleConnection }},{{ end -}} + {{ $additionalConnection.connectionName }}=tcp:{{ $additionalConnection.dbPort }} + {{- end -}} + + {{- range $index, $conn := $connections -}} + {{- if or $index $singleConnection $additionalConnection.enabled }},{{ end -}} + {{ $conn.name }}=tcp:{{ $conn.port }} + {{- end -}} + +{{- end }} +{{- end }} \ No newline at end of file diff --git a/applications/worker/templates/deployment.yaml b/applications/worker/templates/deployment.yaml index 12ae9aa0d..1c495b24f 100644 --- a/applications/worker/templates/deployment.yaml +++ b/applications/worker/templates/deployment.yaml @@ -326,7 +326,7 @@ spec: image: gcr.io/cloudsql-docker/gce-proxy:1.17 command: - "/cloud_sql_proxy" - - "-instances={{ .Values.cloudsql.connectionName }}=tcp:{{ .Values.cloudsql.dbPort }}" + - "-instances={{- include "cloudsql.connectionString" . -}}" - "-credential_file=/secrets/service_account.json" {{ if .Values.terminationGracePeriodSeconds }} - "-term_timeout={{ .Values.terminationGracePeriodSeconds }}s" diff --git a/applications/worker/values.yaml b/applications/worker/values.yaml index fc8332808..4485ee97d 100644 --- a/applications/worker/values.yaml +++ b/applications/worker/values.yaml @@ -133,10 +133,17 @@ pvc: cloudsql: enabled: false - connectionName: "" + connections: [] + # - name: "abcdedfg" + # port: 34343 + connectionName: "" # deprecated, keeping for backwards compatibility. use connections instead. dbPort: 5432 serviceAccountJSON: "" serviceAccountJSONSecret: "" + additionalConnection: # deprecated, keeping for backwards compatibility. use connections instead. + enabled: false + dbPort: 5432 + connectionName: "" # Set this to add entries to the /etc/hosts file # Format: hostAliases: [{ip: , hostnames: [,..]},..]