[bitnami/mongodb] Add support for several custom users/dbs (#7930)

* [bitnami/mongodb] Add support for several custom users/dbs

Signed-off-by: juan131 <juanariza@vmware.com>

* Split export commands

Signed-off-by: juan131 <juanariza@vmware.com>

* [bitnami/mongodb] Update components versions

Signed-off-by: Bitnami Containers <containers@bitnami.com>

Co-authored-by: Bitnami Containers <containers@bitnami.com>
Juan Ariza Toledano
2021-11-02 09:42:23 +01:00
committed by GitHub
parent ab31422d72
commit 4d8106fc73
10 changed files with 191 additions and 94 deletions


@@ -26,4 +26,4 @@ name: mongodb
sources:
- https://github.com/bitnami/bitnami-docker-mongodb
- https://mongodb.org
version: 10.28.7
version: 10.29.0


@@ -99,9 +99,12 @@ Refer to the [chart documentation for more information on each of these architec
| `auth.enabled` | Enable authentication | `true` |
| `auth.rootUser` | MongoDB&reg; root user | `root` |
| `auth.rootPassword` | MongoDB&reg; root password | `""` |
| `auth.username` | MongoDB&reg; custom user (mandatory if `auth.database` is set) | `""` |
| `auth.password` | MongoDB&reg; custom user password | `""` |
| `auth.database` | MongoDB&reg; custom database | `""` |
| `auth.usernames` | List of custom users to be created during the initialization | `[]` |
| `auth.passwords` | List of passwords for the custom users set at `auth.usernames` | `[]` |
| `auth.databases` | List of custom databases to be created during the initialization | `[]` |
| `auth.username` | DEPRECATED: use `auth.usernames` instead | `""` |
| `auth.password` | DEPRECATED: use `auth.passwords` instead | `""` |
| `auth.database` | DEPRECATED: use `auth.databases` instead | `""` |
| `auth.replicaSetKey` | Key used for authentication in the replicaset (only when `architecture=replicaset`) | `""` |
| `auth.existingSecret` | Existing secret with MongoDB&reg; credentials (keys: `mongodb-password`, `mongodb-root-password`, ` mongodb-replica-set-key`) | `""` |
| `tls.enabled` | Enable MongoDB&reg; TLS support between nodes in the cluster as well as between mongo clients and nodes | `false` |


@@ -97,13 +97,18 @@ To get the root password run:
export MONGODB_ROOT_PASSWORD=$(kubectl get secret --namespace {{ template "mongodb.namespace" . }} {{ template "mongodb.secretName" . }} -o jsonpath="{.data.mongodb-root-password}" | base64 --decode)
{{- end }}
{{- if and .Values.auth.username .Values.auth.database .Values.auth.password }}
{{- $customUsers := include "mongodb.customUsers" . -}}
{{- $customDatabases := include "mongodb.customDatabases" . -}}
{{- if and (not (empty $customUsers)) (not (empty $customDatabases)) }}
{{- $customUsersList := splitList "," $customUsers }}
{{- range $index, $user := $customUsersList }}
To get the password for "{{ .Values.auth.username }}" run:
To get the password for "{{ $user }}" run:
export MONGODB_PASSWORD=$(kubectl get secret --namespace {{ template "mongodb.namespace" . }} {{ template "mongodb.secretName" . }} -o jsonpath="{.data.mongodb-password}" | base64 --decode)
export MONGODB_PASSWORD=$(kubectl get secret --namespace {{ include "mongodb.namespace" $ }} {{ include "mongodb.secretName" $ }} -o jsonpath="{.data.mongodb-passwords}" | base64 --decode | awk -F',' '{print ${{ add 1 $index }}}')
{{- end }}
{{- end }}
To connect to your database, create a MongoDB&reg; client container:
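Review bot: The `awk -F','` split in the new `export MONGODB_PASSWORD=...` line returns the wrong field whenever this user's password, or an earlier user's, contains a comma, because the secret stores all custom passwords as one comma-joined string. Nothing visible in this commit rejects such passwords, so the chart should fail validation on them instead of silently shifting the user-to-password mapping; a `range .Values.auth.passwords` with `{{- if contains "," . }}` in the values validation would do it. Every loop iteration also exports the same `MONGODB_PASSWORD` variable, so the printed instructions should say to run only the line for the user that is needed.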


@@ -129,6 +129,48 @@ is true or default otherwise.
{{- end -}}
{{- end -}}
{{/*
Return the list of custom users to create during the initialization (string format)
*/}}
{{- define "mongodb.customUsers" -}}
{{- $customUsers := list -}}
{{- if .Values.auth.username -}}
{{- $customUsers = append $customUsers .Values.auth.username }}
{{- end }}
{{- range .Values.auth.usernames }}
{{- $customUsers = append $customUsers . }}
{{- end }}
{{- printf "%s" (default "" (join "," $customUsers)) -}}
{{- end -}}
{{/*
Return the list of passwords for the custom users (string format)
*/}}
{{- define "mongodb.customPasswords" -}}
{{- $customPasswords := list -}}
{{- if .Values.auth.password -}}
{{- $customPasswords = append $customPasswords .Values.auth.password }}
{{- end }}
{{- range .Values.auth.passwords }}
{{- $customPasswords = append $customPasswords . }}
{{- end }}
{{- printf "%s" (default "" (join "," $customPasswords)) -}}
{{- end -}}
{{/*
Return the list of custom databases to create during the initialization (string format)
*/}}
{{- define "mongodb.customDatabases" -}}
{{- $customDatabases := list -}}
{{- if .Values.auth.database -}}
{{- $customDatabases = append $customDatabases .Values.auth.database }}
{{- end }}
{{- range .Values.auth.databases }}
{{- $customDatabases = append $customDatabases . }}
{{- end }}
{{- printf "%s" (default "" (join "," $customDatabases)) -}}
{{- end -}}
{{/*
Return the configmap with the MongoDB&reg; configuration
*/}}
@@ -249,7 +291,8 @@ Compile all warnings into a single message, and call fail.
{{- $messages := list -}}
{{- $messages := append $messages (include "mongodb.validateValues.pspAndRBAC" .) -}}
{{- $messages := append $messages (include "mongodb.validateValues.architecture" .) -}}
{{- $messages := append $messages (include "mongodb.validateValues.customDatabase" .) -}}
{{- $messages := append $messages (include "mongodb.validateValues.customUsersDBs" .) -}}
{{- $messages := append $messages (include "mongodb.validateValues.customUsersDBsLength" .) -}}
{{- $messages := append $messages (include "mongodb.validateValues.externalAccessServiceType" .) -}}
{{- $messages := append $messages (include "mongodb.validateValues.loadBalancerIPsListLength" .) -}}
{{- $messages := append $messages (include "mongodb.validateValues.nodePortListLength" .) -}}
@@ -281,18 +324,30 @@ mongodb: architecture
{{- end -}}
{{/*
Validate values of MongoDB&reg; - both auth.username and auth.database are necessary
Validate values of MongoDB&reg; - both auth.usernames and auth.databases are necessary
to create a custom user and database during 1st initialization
*/}}
{{- define "mongodb.validateValues.customDatabase" -}}
{{- if or (and .Values.auth.username (not .Values.auth.database)) (and (not .Values.auth.username) .Values.auth.database) }}
mongodb: auth.username, auth.database
Both auth.username and auth.database must be provided to create
a custom user and database during 1st initialization.
Please set both of them (--set auth.username="xxxx",auth.database="yyyy")
{{- define "mongodb.validateValues.customUsersDBs" -}}
{{- $customUsers := include "mongodb.customUsers" . -}}
{{- $customDatabases := include "mongodb.customDatabases" . -}}
{{- if or (and (empty $customUsers) (not (empty $customDatabases))) (and (not (empty $customUsers)) (empty $customDatabases)) }}
mongodb: auth.usernames, auth.databases
Both auth.usernames and auth.databases must be provided to create
custom users and databases during 1st initialization.
Please set both of them (--set auth.usernames[0]="xxxx",auth.databases[0]="yyyy")
{{- end -}}
{{- end -}}
{{/*
Validate values of MongoDB&reg; - both auth.usernames and auth.databases arrays should have the same length
to create a custom user and database during 1st initialization
*/}}
{{- define "mongodb.validateValues.customUsersDBsLength" -}}
{{- if ne (len .Values.auth.usernames) (len .Values.auth.databases) }}
mongodb: auth.usernames, auth.databases
Both auth.usernames and auth.databases arrays should have the same length
{{- end -}}
{{- end -}}
{{/*
Validate values of MongoDB&reg; - service type for external access
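Review bot: `mongodb.validateValues.customUsersDBsLength` compares only `auth.usernames` with `auth.databases`, so `auth.passwords` can be shorter or longer than the user list without any error. It also ignores the deprecated `auth.username`/`auth.database` values that `mongodb.customUsers` and `mongodb.customDatabases` prepend, so setting one of them alongside equal-length lists appears to produce joined strings with different entry counts that still pass both checks. Comparing the effective lists would close the second gap, for example `{{- if ne (len (splitList "," $customUsers)) (len (splitList "," $customDatabases)) }}` after including the two helpers, with a similar comparison for the passwords when any are supplied. How the container handles a password list shorter than the user list is not visible on this page.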


@@ -236,33 +236,26 @@ spec:
- name: MONGODB_ADVERTISED_HOSTNAME
value: "$(MY_POD_NAME).$(K8S_HIDDEN_NODE_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.{{ .Values.clusterDomain }}"
{{- end }}
{{- if .Values.auth.username }}
- name: MONGODB_USERNAME
value: {{ .Values.auth.username | quote }}
{{- $customUsers := include "mongodb.customUsers" . -}}
{{- $customDatabases := include "mongodb.customDatabases" . -}}
{{- if not (empty $customUsers) }}
- name: MONGODB_EXTRA_USERNAMES
value: {{ $customUsers | quote }}
{{- end }}
{{- if .Values.auth.database }}
- name: MONGODB_DATABASE
value: {{ .Values.auth.database | quote }}
{{- end }}
{{- if .Values.metrics.username }}
- name: MONGODB_METRICS_USERNAME
value: {{ .Values.metrics.username | quote }}
{{- if not (empty $customDatabases) }}
- name: MONGODB_EXTRA_DATABASES
value: {{ $customDatabases | quote }}
{{- end }}
{{- if .Values.auth.enabled }}
{{- if and .Values.auth.username .Values.auth.database }}
- name: MONGODB_PASSWORD
- name: MONGODB_EXTRA_PASSWORDS
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-password
{{- end }}
{{- if .Values.metrics.username }}
- name: MONGODB_METRICS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-metrics-password
key: mongodb-passwords
{{- end }}
- name: MONGODB_ROOT_USER
value: {{ .Values.auth.rootUser | quote }}
- name: MONGODB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
@@ -274,6 +267,17 @@ spec:
name: {{ include "mongodb.secretName" . }}
key: mongodb-replica-set-key
{{- end }}
{{- if and .Values.metrics.enabled (not (empty .Values.metrics.username)) }}
- name: MONGODB_METRICS_USERNAME
value: {{ .Values.metrics.username | quote }}
{{- if .Values.auth.enabled }}
- name: MONGODB_METRICS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-metrics-password
{{- end }}
{{- end }}
- name: ALLOW_EMPTY_PASSWORD
value: {{ ternary "no" "yes" .Values.auth.enabled | quote }}
- name: MONGODB_SYSTEM_LOG_VERBOSITY
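Review bot: `MONGODB_EXTRA_PASSWORDS` still sits inside the old guard `{{- if and .Values.auth.username .Values.auth.database }}`, which the hunk's line counts indicate is unchanged context. A release that sets only the new `auth.usernames`/`auth.databases` lists would get `MONGODB_EXTRA_USERNAMES` and `MONGODB_EXTRA_DATABASES` but no password variable, so the custom users would presumably not receive the passwords stored in the secret. The guard should use the values computed just above it: `{{- if and (not (empty $customUsers)) (not (empty $customDatabases)) }}`. The same guard is left in place in the two other workload templates changed by this commit (the `-241,32 +241,23` and `-200,32 +200,23` hunks).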


@@ -90,8 +90,14 @@ data:
export MONGODB_INITIAL_PRIMARY_ROOT_USER="$MONGODB_ROOT_USER"
export MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD="$MONGODB_ROOT_PASSWORD"
export MONGODB_INITIAL_PRIMARY_PORT_NUMBER="$MONGODB_PORT_NUMBER"
export MONGODB_ROOT_PASSWORD="" MONGODB_USERNAME="" MONGODB_DATABASE="" MONGODB_PASSWORD=""
export MONGODB_ROOT_PASSWORD_FILE="" MONGODB_USERNAME_FILE="" MONGODB_DATABASE_FILE="" MONGODB_PASSWORD_FILE=""
export MONGODB_ROOT_PASSWORD=""
export MONGODB_EXTRA_USERNAMES=""
export MONGODB_EXTRA_DATABASES=""
export MONGODB_EXTRA_PASSWORDS=""
export MONGODB_ROOT_PASSWORD_FILE=""
export MONGODB_EXTRA_USERNAMES_FILE=""
export MONGODB_EXTRA_DATABASES_FILE=""
export MONGODB_EXTRA_PASSWORDS_FILE=""
fi
exec /opt/bitnami/scripts/mongodb/entrypoint.sh /opt/bitnami/scripts/mongodb/run.sh
@@ -122,7 +128,13 @@ data:
export MONGODB_INITIAL_PRIMARY_ROOT_USER="$MONGODB_ROOT_USER"
export MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD="$MONGODB_ROOT_PASSWORD"
export MONGODB_INITIAL_PRIMARY_PORT_NUMBER="$MONGODB_PORT_NUMBER"
export MONGODB_ROOT_PASSWORD="" MONGODB_USERNAME="" MONGODB_DATABASE="" MONGODB_PASSWORD=""
export MONGODB_ROOT_PASSWORD_FILE="" MONGODB_USERNAME_FILE="" MONGODB_DATABASE_FILE="" MONGODB_PASSWORD_FILE=""
export MONGODB_ROOT_PASSWORD=""
export MONGODB_EXTRA_USERNAMES=""
export MONGODB_EXTRA_DATABASES=""
export MONGODB_EXTRA_PASSWORDS=""
export MONGODB_ROOT_PASSWORD_FILE=""
export MONGODB_EXTRA_USERNAMES_FILE=""
export MONGODB_EXTRA_DATABASES_FILE=""
export MONGODB_EXTRA_PASSWORDS_FILE=""
exec /opt/bitnami/scripts/mongodb/entrypoint.sh /opt/bitnami/scripts/mongodb/run.sh
{{- end }}


@@ -241,32 +241,23 @@ spec:
- name: MONGODB_ADVERTISED_HOSTNAME
value: "$(MY_POD_NAME).$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.{{ .Values.clusterDomain }}"
{{- end }}
{{- if .Values.auth.username }}
- name: MONGODB_USERNAME
value: {{ .Values.auth.username | quote }}
{{- $customUsers := include "mongodb.customUsers" . -}}
{{- $customDatabases := include "mongodb.customDatabases" . -}}
{{- if not (empty $customUsers) }}
- name: MONGODB_EXTRA_USERNAMES
value: {{ $customUsers | quote }}
{{- end }}
{{- if .Values.auth.database }}
- name: MONGODB_DATABASE
value: {{ .Values.auth.database | quote }}
{{- end }}
{{- if .Values.metrics.username }}
- name: MONGODB_METRICS_USERNAME
value: {{ .Values.metrics.username | quote }}
{{- if not (empty $customDatabases) }}
- name: MONGODB_EXTRA_DATABASES
value: {{ $customDatabases | quote }}
{{- end }}
{{- if .Values.auth.enabled }}
{{- if and .Values.auth.username .Values.auth.database }}
- name: MONGODB_PASSWORD
- name: MONGODB_EXTRA_PASSWORDS
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-password
{{- end }}
{{- if .Values.metrics.username }}
- name: MONGODB_METRICS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-metrics-password
key: mongodb-passwords
{{- end }}
- name: MONGODB_ROOT_USER
value: {{ .Values.auth.rootUser | quote }}
@@ -281,6 +272,17 @@ spec:
name: {{ include "mongodb.secretName" . }}
key: mongodb-replica-set-key
{{- end }}
{{- if and .Values.metrics.enabled (not (empty .Values.metrics.username)) }}
- name: MONGODB_METRICS_USERNAME
value: {{ .Values.metrics.username | quote }}
{{- if .Values.auth.enabled }}
- name: MONGODB_METRICS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-metrics-password
{{- end }}
{{- end }}
- name: ALLOW_EMPTY_PASSWORD
value: {{ ternary "no" "yes" .Values.auth.enabled | quote }}
- name: MONGODB_SYSTEM_LOG_VERBOSITY
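Review bot: The `secretKeyRef` key changes from `mongodb-password` to `mongodb-passwords`, but the parameter table touched by this commit still lists `mongodb-password` as the key expected in `auth.existingSecret`. A release that supplies its own secret with the old key would reference a key that no longer matches after upgrading, and the pod would likely fail to start on the missing key. The `auth.existingSecret` description should name `mongodb-passwords` and state that its value is the comma-separated password list, and the rename should be called out as a breaking change in the upgrade notes.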


@@ -15,27 +15,35 @@ metadata:
type: Opaque
data:
{{- if .Values.auth.rootPassword }}
mongodb-root-password: {{ .Values.auth.rootPassword | toString | b64enc | quote }}
mongodb-root-password: {{ .Values.auth.rootPassword | toString | b64enc | quote }}
{{- else }}
mongodb-root-password: {{ randAlphaNum 10 | b64enc | quote }}
{{- end }}
{{- if and .Values.auth.username .Values.auth.database }}
{{- if .Values.auth.password }}
mongodb-password: {{ .Values.auth.password | toString | b64enc | quote }}
{{- $customUsers := include "mongodb.customUsers" . -}}
{{- $customDatabases := include "mongodb.customDatabases" . -}}
{{- $customPasswords := include "mongodb.customPasswords" . -}}
{{- if and (not (empty $customUsers)) (not (empty $customDatabases)) }}
{{- if not (empty $customPasswords) }}
mongodb-passwords: {{ $customPasswords | toString | b64enc | quote }}
{{- else }}
mongodb-password: {{ randAlphaNum 10 | b64enc | quote }}
{{- $customUsersList := splitList "," $customUsers }}
{{- $customPasswordsList := list }}
{{- range $customUsersList }}
{{- $customPasswordsList = append $customPasswordsList (randAlphaNum 10) }}
{{- end }}
mongodb-passwords: {{ (join "," $customPasswordsList) | b64enc | quote }}
{{- end }}
{{- end }}
{{- if .Values.metrics.username }}
{{- if .Values.metrics.password }}
mongodb-metrics-password: {{ .Values.metrics.password | toString | b64enc | quote }}
mongodb-metrics-password: {{ .Values.metrics.password | toString | b64enc | quote }}
{{- else }}
mongodb-metrics-password: {{ randAlphaNum 10 | b64enc | quote }}
mongodb-metrics-password: {{ randAlphaNum 10 | b64enc | quote }}
{{- end }}
{{- end }}
{{- if eq .Values.architecture "replicaset" }}
{{- if .Values.auth.replicaSetKey }}
mongodb-replica-set-key: {{ .Values.auth.replicaSetKey | toString | b64enc | quote }}
mongodb-replica-set-key: {{ .Values.auth.replicaSetKey | toString | b64enc | quote }}
{{- else }}
mongodb-replica-set-key: {{ randAlphaNum 10 | b64enc | quote }}
{{- end }}
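Review bot: The fallback branch generates each custom user's password with `randAlphaNum 10`, which is short for a database credential, and nothing in the hunk reuses a value generated on an earlier render. If the template is rendered again on upgrade, the secret would presumably receive new random passwords that no longer match the users already created in the database. A longer value such as `(randAlphaNum 32)` in the `append` call, plus a comment that `auth.passwords` must be set explicitly on upgrade, would make this safer. The hunk ends inside the replica-set-key block, so the rest of the template is not visible here.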


@@ -200,32 +200,23 @@ spec:
env:
- name: BITNAMI_DEBUG
value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }}
{{- if .Values.auth.username }}
- name: MONGODB_USERNAME
value: {{ .Values.auth.username | quote }}
{{- $customUsers := include "mongodb.customUsers" . -}}
{{- $customDatabases := include "mongodb.customDatabases" . -}}
{{- if not (empty $customUsers) }}
- name: MONGODB_EXTRA_USERNAMES
value: {{ $customUsers | quote }}
{{- end }}
{{- if .Values.auth.database }}
- name: MONGODB_DATABASE
value: {{ .Values.auth.database | quote }}
{{- end }}
{{- if .Values.metrics.username }}
- name: MONGODB_METRICS_USERNAME
value: {{ .Values.metrics.username | quote }}
{{- if not (empty $customDatabases) }}
- name: MONGODB_EXTRA_DATABASES
value: {{ $customDatabases | quote }}
{{- end }}
{{- if .Values.auth.enabled }}
{{- if and .Values.auth.username .Values.auth.database }}
- name: MONGODB_PASSWORD
- name: MONGODB_EXTRA_PASSWORDS
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-password
{{- end }}
{{- if .Values.metrics.username }}
- name: MONGODB_METRICS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-metrics-password
key: mongodb-passwords
{{- end }}
- name: MONGODB_ROOT_USER
value: {{ .Values.auth.rootUser | quote }}
@@ -235,6 +226,17 @@ spec:
name: {{ include "mongodb.secretName" . }}
key: mongodb-root-password
{{- end }}
{{- if and .Values.metrics.enabled (not (empty .Values.metrics.username)) }}
- name: MONGODB_METRICS_USERNAME
value: {{ .Values.metrics.username | quote }}
{{- if .Values.auth.enabled }}
- name: MONGODB_METRICS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-metrics-password
{{- end }}
{{- end }}
- name: ALLOW_EMPTY_PASSWORD
value: {{ ternary "no" "yes" .Values.auth.enabled | quote }}
- name: MONGODB_SYSTEM_LOG_VERBOSITY


@@ -99,7 +99,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/mongodb
tag: 4.4.10-debian-10-r15
tag: 4.4.10-debian-10-r20
## Specify a imagePullPolicy
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
@@ -140,12 +140,18 @@ auth:
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#setting-the-root-password-on-first-run
##
rootPassword: ""
## MongoDB&reg; custom user and database
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#creating-a-user-and-database-on-first-run
## @param auth.username MongoDB&reg; custom user (mandatory if `auth.database` is set)
## @param auth.password MongoDB&reg; custom user password
## @param auth.database MongoDB&reg; custom database
## MongoDB&reg; custom users and databases
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#creating-users-and-databases-on-first-run
## @param auth.usernames List of custom users to be created during the initialization
## @param auth.passwords List of passwords for the custom users set at `auth.usernames`
## @param auth.databases List of custom databases to be created during the initialization
##
usernames: []
passwords: []
databases: []
## @param auth.username DEPRECATED: use `auth.usernames` instead
## @param auth.password DEPRECATED: use `auth.passwords` instead
## @param auth.database DEPRECATED: use `auth.databases` instead
username: ""
password: ""
database: ""
@@ -183,7 +189,7 @@ tls:
image:
registry: docker.io
repository: bitnami/nginx
tag: 1.21.3-debian-10-r50
tag: 1.21.3-debian-10-r54
pullPolicy: IfNotPresent
## e.g:
## extraDnsNames
@@ -631,7 +637,7 @@ externalAccess:
image:
registry: docker.io
repository: bitnami/kubectl
tag: 1.19.16-debian-10-r0
tag: 1.19.16-debian-10-r4
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
@@ -926,7 +932,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 10-debian-10-r234
tag: 10-debian-10-r239
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
@@ -1509,7 +1515,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/mongodb-exporter
tag: 0.11.2-debian-10-r322
tag: 0.11.2-debian-10-r327
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.