refactor mariadb location a bit, create cluster secret file

2026-04-10 19:55:50 +12:00 · 2026-04-10 19:55:50 +12:00 · 025550608a
parent ec343739f6
commit 025550608a
7 changed files with 67 additions and 9 deletions
--- a/infrastructure/databases/mariadb-operator/cluster/kustomization.yaml
+++ b/infrastructure/databases/mariadb-operator/cluster/kustomization.yaml
@ -0,0 +1,4 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - mariadb.yaml
--- a/infrastructure/databases/mariadb-operator/cluster/mariadb.yaml
+++ b/infrastructure/databases/mariadb-operator/cluster/mariadb.yaml
@ -0,0 +1,31 @@
 apiVersion: k8s.mariadb.com/v1alpha1
 kind: MariaDB
 metadata:
  name: mariadb
  namespace: mariadb-opeartor-system
 spec:
  replicas: 3
  rootPasswordSecretKeyRef:
    name: mariadb-root
    key: password
  storage:
    size: 20Gi
  # Optional but recommended
  service:
    type: ClusterIP
  # Helps with stable operation in GitOps
  updateStrategy:
    type: ReplicasFirstPrimaryLast
  # Basic resource safety
  resources:
    requests:
      cpu: 250m
      memory: 512Mi
    limits:
      cpu: "1"
      memory: 1Gi
--- a/infrastructure/databases/mariadb-operator/cluster/rootsecret.yaml
+++ b/infrastructure/databases/mariadb-operator/cluster/rootsecret.yaml
@ -0,0 +1,8 @@
 apiVersion: v1
 kind: Secret
 metadata:
  name: mariadb-root
  namespace: databases
 type: Opaque
 stringData:
  password: supersecure-root-password#
--- a/infrastructure/databases/mariadb-operator/kustomization.yaml
+++ b/infrastructure/databases/mariadb-operator/kustomization.yaml
@ -4,13 +4,5 @@ resources:
 - helmrelease.yaml
 - namespace.yaml
 - crds
 - cluster
 #namespace: mariadb-operator-system
 #configMapGenerator:
 #  - name: mariadb-operator-values
 #    files:
 #      - values.yaml
 #generatorOptions:
 #  disableNameSuffixHash: true
--- a/infrastructure/databases/mariadb-operator/values.yaml
+++ b/infrastructure/databases/mariadb-operator/values.yaml
--- a/secrets/kustomization.yaml
+++ b/secrets/kustomization.yaml
@ -5,3 +5,4 @@ resources:
 - namespace.yaml
 - velerosecrets.yaml
 - fireflysecrets.yaml
 - mariadb-clustersecrets.yaml
--- a/secrets/mariadb-clustersecrets.yaml
+++ b/secrets/mariadb-clustersecrets.yaml
@ -0,0 +1,22 @@
 apiVersion: external-secrets.io/v1
 kind: ExternalSecret
 metadata:
  name: mariadb-secrets
  namespace: mariadb-operator-system
 spec:
  refreshInterval: 1h
  secretStoreRef:
    name: bitwarden
    kind: ClusterSecretStore
  target:
    name: mariadb-secrets
    creationPolicy: Owner
    template:
      engineVersion: v2
      mergePolicy: Merge
      data:
        root-password: '{{ index . "mariadb-cluster-root-password" }}'
  data:
    - secretKey: mariadb-cluster-root-password
      remoteRef:
        key: mariadb-cluster-root-password