kube: standardize top.secretRefs convention
Introduce a convention of declaring a secretsRefs:: object below cfg:: for containing all secretKeyRefs. The goal is to self-document all secrets that need to be created in order to deploy a service
Change-Id: I3a990d54f65a288f5e748262c576d2a120efd815
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1806
Reviewed-by: q3k <q3k@hackerspace.pl>
diff --git a/personal/radex/wordpress/prod.jsonnet b/personal/radex/wordpress/prod.jsonnet
index d8aca0b..21a373d 100644
--- a/personal/radex/wordpress/prod.jsonnet
+++ b/personal/radex/wordpress/prod.jsonnet
@@ -13,7 +13,7 @@
storageSize: "5Gi",
},
- secrets:: {
+ secretRefs:: {
mysql: { secretKeyRef: { name: cfg.name, key: 'mysql_password' } },
wordpress: { secretKeyRef: { name: cfg.name, key: 'wordpress_password' } },
},
@@ -39,9 +39,9 @@
WORDPRESS_DATABASE_HOST: 'wordpress-mysql',
WORDPRESS_DATABASE_NAME: 'wordpress',
WORDPRESS_DATABASE_USER: 'wordpress',
- WORDPRESS_DATABASE_PASSWORD: top.secrets.mysql,
+ WORDPRESS_DATABASE_PASSWORD: top.secretRefs.mysql,
WORDPRESS_USERNAME: 'admin',
- WORDPRESS_PASSWORD: top.secrets.wordpress,
+ WORDPRESS_PASSWORD: top.secretRefs.wordpress,
},
},
},
@@ -85,7 +85,7 @@
MYSQL_RANDOM_ROOT_PASSWORD: "yes",
MYSQL_DATABASE: "wordpress",
MYSQL_USER: "wordpress",
- MYSQL_PASSWORD: top.secrets.mysql,
+ MYSQL_PASSWORD: top.secretRefs.mysql,
},
volumeMounts_: {
data: { mountPath: '/var/lib/mysql' },