Skip to content

Commit

Permalink
Added support for clickhouse and kafka user secret ref
Browse files Browse the repository at this point in the history
  • Loading branch information
amanpruthi authored and velotioaastha committed Dec 5, 2024
1 parent f755b94 commit 20e70bd
Show file tree
Hide file tree
Showing 7 changed files with 52 additions and 6 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ spec:
valueFrom:
secretKeyRef:
name: {{ include "wandb.clickhouse.passwordSecret" . }}
key: CLICKHOUSE_PASSWORD
key: {{ include "wandb.clickhouse.passwordSecret.passwordKey" . }}
{{- include "weaveTrace.extraEnv" (dict "global" .Values.global "local" .Values) | nindent 12 }}
{{- include "wandb.extraEnvFrom" (dict "root" $ "local" .) | nindent 12 }}
{{- end }}
Expand Down Expand Up @@ -97,7 +97,7 @@ spec:
valueFrom:
secretKeyRef:
name: {{ include "wandb.clickhouse.passwordSecret" . }}
key: CLICKHOUSE_PASSWORD
key: {{ include "wandb.clickhouse.passwordSecret.passwordKey" . }}
{{- include "weaveTrace.extraEnv" (dict "global" .Values.global "local" .Values) | nindent 12 }}
{{- include "wandb.extraEnvFrom" (dict "root" $ "local" .) | nindent 12 }}
{{- if not .Values.datadog.enabled }}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ spec:
valueFrom:
secretKeyRef:
name: {{ include "wandb.clickhouse.passwordSecret" . }}
key: CLICKHOUSE_PASSWORD
key: {{ include "wandb.clickhouse.passwordSecret.passwordKey" . }}
{{- include "weaveTrace.extraEnv" (dict "global" .Values.global "local" .Values) | nindent 12 }}
{{- include "wandb.extraEnvFrom" (dict "root" $ "local" .) | nindent 12 }}
restartPolicy: "Never"
Expand Down
17 changes: 16 additions & 1 deletion charts/operator-wandb/templates/_clickhouse.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,23 @@ Return the kafka client password
Return name of secret where clickhouse information is stored
*/}}
{{- define "wandb.clickhouse.passwordSecret" -}}
{{- print .Release.Name "-clickhouse" -}}
{{- if .Values.global.clickhouse.passwordSecret.name }}
{{- .Values.global.clickhouse.passwordSecret.name -}}
{{- else -}}
{{- print .Release.Name "-clickhouse" -}}
{{- end -}}
{{- end }}

{{/*
Return name of secret where clickhouse information is stored
*/}}
{{- define "wandb.clickhouse.passwordSecret.passwordKey" -}}
{{- if .Values.global.clickhouse.passwordSecret.name }}
{{- .Values.global.clickhouse.passwordSecret.passwordKey -}}
{{- else -}}
CLICKHOUSE_PASSWORD
{{- end -}}
{{- end }}

{{/*
Return the redis host
Expand Down
17 changes: 16 additions & 1 deletion charts/operator-wandb/templates/_kafka.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,23 @@ Return the kafka client password
Return name of secret where kafka information is stored
*/}}
{{- define "wandb.kafka.passwordSecret" -}}
{{- print .Release.Name "-kafka" -}}
{{- if .Values.global.kafka.passwordSecret.name }}
{{- .Values.global.kafka.passwordSecret.name -}}
{{- else -}}
{{- print .Release.Name "-kafka" -}}
{{- end -}}
{{- end }}

{{/*
Return name of secret where kafka information is stored
*/}}
{{- define "wandb.kafka.passwordSecret.passwordKey" -}}
{{- if .Values.global.kafka.passwordSecret.name }}
{{- .Values.global.kafka.passwordSecret.passwordKey -}}
{{- else -}}
KAFKA_CLIENT_PASSWORD
{{- end -}}
{{- end }}

{{/*
Return the kafka broker url port
Expand Down
4 changes: 3 additions & 1 deletion charts/operator-wandb/templates/clickhouse.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
---
{{- if not .Values.global.clickhouse.passwordSecret.name }}
{{- $secretName := (include "wandb.clickhouse.passwordSecret" .) }}
apiVersion: v1
kind: Secret
Expand All @@ -7,4 +8,5 @@ metadata:
labels:
{{- include "wandb.commonLabels" . | nindent 4 }}
data:
CLICKHOUSE_PASSWORD: {{ include "wandb.clickhouse.password" . | b64enc }}
CLICKHOUSE_PASSWORD: {{ include "wandb.clickhouse.password" . | b64enc }}
{{- end }}
2 changes: 2 additions & 0 deletions charts/operator-wandb/templates/kafka.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
{{- if not .Values.global.kafka.passwordSecret.name }}
{{- $secretName := (include "wandb.kafka.passwordSecret" .) }}
apiVersion: v1
kind: Secret
Expand All @@ -7,3 +8,4 @@ metadata:
{{- include "wandb.commonLabels" . | nindent 4 }}
data:
KAFKA_CLIENT_PASSWORD: {{ include "wandb.kafka.password" . | b64enc }}
{{- end }}
12 changes: 12 additions & 0 deletions charts/operator-wandb/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,9 @@ global:
host: ""
port: 8443
password: "fake"
passwordSecret:
name: ""
passwordKey: "CLICKHOUSE_PASSWORD"
database: "weave_trace_db"
user: "default"

Expand Down Expand Up @@ -141,6 +144,13 @@ global:
# the kafka dependency chart.
user: &kafkaUser "wandb"
password: &kafkaPassword "wandb"
## The secret can be created using the following command:
## "kubectl create secret generic SECRET_NAME --from-literal=client-passwords=CLIENT_PASSWORD1 --from-literal=inter-broker-password=INTER_BROKER_PASSWORD --from-literal=controller-password=CONTROLLER_PASSWORD"
## Replace SECRET_NAME, CLIENT_PASSWORD1, INTER_BROKER_PASSWORD, and CONTROLLER_PASSWORD with appropriate values.
passwordSecret:
name: &kafkaSecretName ""
# This (client-passwords) should match the key name used in the secret
passwordKey: "client-passwords"
brokerHost: ""
brokerPort: 9092
runUpdatesShadowTopic: ""
Expand Down Expand Up @@ -372,6 +382,8 @@ kafka:
users:
- *kafkaUser
passwords: *kafkaPassword
existingSecret: *kafkaSecretName

kraft:
# This field is a UUID. It is *strongly* recommended to supply a new UUID yourself for production installs.
clusterId: "ffFF1H3AQKGdBnsqAbJKew"
Expand Down

0 comments on commit 20e70bd

Please sign in to comment.