sarex/iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add vault support

Browse Source
This commit is contained in:
Kochetkov S 2026-04-16 12:15:38 +03:00
parent 79a4ff4c9b
commit db2293b30b
2 changed files with 13 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
clusters/yc-k8s-test/infrastructure/patches/postgresql.yaml
View File

@ -36,13 +36,14 @@ spec:
image: image:
registry: cr.yandex/crp3ccidau046kdj8g9q registry: cr.yandex/crp3ccidau046kdj8g9q
repository: contour/postgresql repository: contour/postgresql
tag: 17.0.2 tag: 17.0.3
pullPolicy: Always pullPolicy: Always
metrics: metrics:
enabled: false enabled: false
prometheusRule: prometheusRule:
enabled: false enabled: false
primary: primary:
automountServiceAccountToken: true
containerSecurityContext: containerSecurityContext:
readOnlyRootFilesystem: false readOnlyRootFilesystem: false
persistence: persistence:
@ -53,7 +54,7 @@ spec:
command: command:
- /bin/sh - /bin/sh
- -c - -c
- exec pg_isready -U "sarex" -d postgres -h 127.0.0.1 -p 5432 - exec pg_isready -U "postgres" -d postgres -h 127.0.0.1 -p 5432
initialDelaySeconds: 30 initialDelaySeconds: 30
periodSeconds: 10 periodSeconds: 10
timeoutSeconds: 5 timeoutSeconds: 5
@ -64,7 +65,7 @@ spec:
command: command:
- /bin/sh - /bin/sh
- -c - -c
- exec pg_isready -U "sarex" -d postgres -h 127.0.0.1 -p 5432 - exec pg_isready -U "postgres" -d postgres -h 127.0.0.1 -p 5432
initialDelaySeconds: 5 initialDelaySeconds: 5
periodSeconds: 10 periodSeconds: 10
timeoutSeconds: 5 timeoutSeconds: 5
@ -75,7 +76,7 @@ spec:
command: command:
- /bin/sh - /bin/sh
- -c - -c
- exec pg_isready -U "sarex" -d postgres -h 127.0.0.1 -p 5432 - exec pg_isready -U "postgres" -d postgres -h 127.0.0.1 -p 5432
initialDelaySeconds: 30 initialDelaySeconds: 30
periodSeconds: 10 periodSeconds: 10
timeoutSeconds: 5 timeoutSeconds: 5
@ -90,8 +91,13 @@ spec:
effect: NoSchedule effect: NoSchedule
contour: contour:
enabled: true enabled: true
adminUser: "" adminUser: "postgres"
adminPasswordSecretKey: "" vault:
enabled: true
role: postgresql
authPath: auth/kubernetes
secretPath: secrets/data/postgresql/admin
secretKey: postgres-password
sharedPreloadLibraries: "timescaledb,pg_stat_statements" sharedPreloadLibraries: "timescaledb,pg_stat_statements"
databases: databases:
- name: attachments_db - name: attachments_db

2
infrastructure/postgresql/base/helmrelease.yaml
View File

@ -8,7 +8,7 @@ spec:
chart: chart:
spec: spec:
chart: postgresql-contour chart: postgresql-contour
version: "17.0.2" version: "17.0.3"
sourceRef: sourceRef:
kind: HelmRepository kind: HelmRepository
name: yc-oci-charts name: yc-oci-charts