From 34410822267f3c2474f3a41dc2e41779fd7c7024 Mon Sep 17 00:00:00 2001 From: Kochetkov S Date: Thu, 16 Apr 2026 13:54:16 +0300 Subject: [PATCH] rework chart + vault logic --- .../infrastructure/patches/postgresql.yaml | 292 +++++++++++++++++- .../postgresql/base/helmrelease.yaml | 2 +- 2 files changed, 288 insertions(+), 6 deletions(-) diff --git a/clusters/yc-k8s-test/infrastructure/patches/postgresql.yaml b/clusters/yc-k8s-test/infrastructure/patches/postgresql.yaml index 059ac61..95606b9 100644 --- a/clusters/yc-k8s-test/infrastructure/patches/postgresql.yaml +++ b/clusters/yc-k8s-test/infrastructure/patches/postgresql.yaml @@ -36,7 +36,7 @@ spec: image: registry: cr.yandex/crp3ccidau046kdj8g9q repository: contour/postgresql - tag: 17.0.4 + tag: 17.0.5 pullPolicy: Always metrics: enabled: false @@ -98,6 +98,7 @@ spec: authPath: auth/kubernetes secretPath: secrets/data/postgresql/admin secretKey: postgres-password + usersSecretPath: secrets/data/postgresql/users sharedPreloadLibraries: "timescaledb,pg_stat_statements" databases: - name: attachments_db @@ -116,9 +117,290 @@ spec: user: keycloak extensions: [] restoreFromDump: false - - name: testdb - user: testdb - extensions: [] - restoreFromDump: false + - name: automation + user: automation + passwordKey: automation + extensions: + - pg_stat_statements + - uuid-ossp + restoreFromDump: false + + # - name: bi + # user: bi + # passwordKey: bi + # extensions: + # - ltree + # - pg_stat_statements + # - uuid-ossp + # restoreFromDump: false + + # - name: camunda_db + # user: camunda + # passwordKey: camunda + # extensions: + # - pg_stat_statements + # restoreFromDump: false + + # - name: camunda_new + # user: camunda + # passwordKey: camunda + # extensions: + # - pg_stat_statements + # restoreFromDump: false + + # - name: checklists + # user: checklists_user + # passwordKey: checklists + # extensions: + # - pg_stat_statements + # - uuid-ossp + # restoreFromDump: false + + # - name: comparator + # user: prod_user + # passwordKey: comparator + # extensions: + # - pg_stat_statements + # - uuid-ossp + # restoreFromDump: false + + # - name: comparisons + # user: comparisons_prod + # passwordKey: comparisons + # extensions: + # - pg_stat_statements + # - uuid-ossp + # restoreFromDump: false + + # - name: contracts_prod_db + # user: prod_user + # passwordKey: contracts + # extensions: + # - btree_gist + # - ltree + # - pg_stat_statements + # - uuid-ossp + # restoreFromDump: false + + # - name: data-engine_db + # user: data-engine + # passwordKey: data-engine + # extensions: + # - btree_gin + # - btree_gist + # - hstore + # - ltree + # - pg_partman + # - pg_trgm + # - uuid-ossp + # restoreFromDump: false + + # - name: drawings + # user: prod_user + # passwordKey: drawings + # extensions: + # - pg_stat_statements + # - uuid-ossp + # restoreFromDump: false + + # - name: flow_db + # user: flow + # passwordKey: flow + # extensions: + # - pg_stat_statements + # restoreFromDump: false + + # - name: inspections + # user: prod_user + # passwordKey: inspections + # extensions: + # - ltree + # - pg_stat_statements + # - postgis + # - timescaledb + # - uuid-ossp + # restoreFromDump: false + + # - name: issues + # user: prod_user + # passwordKey: issues + # extensions: + # - ltree + # - pg_stat_statements + # - pg_trgm + # - postgis + # - timescaledb + # - uuid-ossp + # restoreFromDump: false + + # - name: mailer + # user: mailer + # passwordKey: mailer + # extensions: + # - pg_stat_statements + # - uuid-ossp + # restoreFromDump: false + + # - name: notes_db + # user: note + # passwordKey: notes + # extensions: + # - pg_stat_statements + # restoreFromDump: false + + # - name: pm_db + # user: pm + # passwordKey: pm + # extensions: + # - ltree + # - pg_stat_statements + # restoreFromDump: false + + # - name: premises_db + # user: premises + # passwordKey: premises + # extensions: + # - uuid-ossp + # restoreFromDump: false + + # - name: preprod_sarex_db + # user: preprod_sarex + # passwordKey: preprod-sarex + # extensions: + # - ltree + # - pg_stat_statements + # restoreFromDump: false + + # - name: processing + # user: prod_user + # passwordKey: processing + # extensions: + # - pg_stat_statements + # - uuid-ossp + # restoreFromDump: false + + # - name: pulse_db + # user: pulse + # passwordKey: pulse + # extensions: + # - pg_stat_statements + # restoreFromDump: false + + # - name: remarks + # user: prod_user + # passwordKey: remarks + # extensions: + # - pg_stat_statements + # - uuid-ossp + # restoreFromDump: false + + # - name: resources + # user: prod_user + # passwordKey: resources + # extensions: + # - ltree + # - pg_stat_statements + # - postgis + # restoreFromDump: false + + # - name: restored_flow_db + # user: flow + # passwordKey: flow + # extensions: + # - pg_stat_statements + # restoreFromDump: false + + # - name: rfi + # user: rfi_user + # passwordKey: rfi + # extensions: + # - pg_stat_statements + # restoreFromDump: false + + # - name: sarex_compute + # user: prod_user + # passwordKey: sarex-compute + # extensions: + # - pg_stat_statements + # - uuid-ossp + # restoreFromDump: false + + # - name: sarex_db + # user: sarex + # passwordKey: sarex + # extensions: + # - ltree + # - pg_stat_statements + # restoreFromDump: false + + # - name: srx-data-engine + # user: admin_user + # passwordKey: srx-data-engine + # extensions: + # - btree_gist + # - ltree + # - pg_partman + # - pg_stat_statements + # - uuid-ossp + # restoreFromDump: false + + # - name: subscriptions + # user: prod_user + # passwordKey: subscriptions + # extensions: + # - ltree + # - pg_stat_statements + # - postgis + # - timescaledb + # restoreFromDump: false + + # - name: superset + # user: sarex + # passwordKey: superset + # extensions: + # - pg_stat_statements + # restoreFromDump: false + + # - name: system_log + # user: prod_user + # passwordKey: system-log + # extensions: + # - ltree + # - pg_stat_statements + # - timescaledb + # restoreFromDump: false + + # - name: transmittal + # user: transmittal + # passwordKey: transmittal + # extensions: + # - pg_stat_statements + # restoreFromDump: false + + # - name: workspaces + # user: prod_user + # passwordKey: workspaces + # extensions: + # - pg_stat_statements + # - uuid-ossp + # restoreFromDump: false + + # - name: bim + # user: bim + # passwordKey: bim + # extensions: [] + # restoreFromDump: false + + # - name: documentations + # user: documentations + # passwordKey: documentations + # extensions: [] + # restoreFromDump: false + + # - name: eav + # user: eav + # passwordKey: eav + # extensions: [] + # restoreFromDump: false s3-proxy: endpointUrl: "s3-proxy-service.postgresql.svc.cluster.local" diff --git a/infrastructure/postgresql/base/helmrelease.yaml b/infrastructure/postgresql/base/helmrelease.yaml index f1b05ad..ee13f8c 100644 --- a/infrastructure/postgresql/base/helmrelease.yaml +++ b/infrastructure/postgresql/base/helmrelease.yaml @@ -8,7 +8,7 @@ spec: chart: spec: chart: postgresql-contour - version: "17.0.4" + version: "17.0.5" sourceRef: kind: HelmRepository name: yc-oci-charts