rocky-linux
/
peridot
mirror of https://github.com/rocky-linux/peridot.git
4
0
Fork 0
Code Issues Projects Releases Activity
peridot/spicedb/deploy/common.jsonnet

34 lines
931 B
Plaintext
Raw Blame History

local kubernetes = import 'ci/kubernetes.jsonnet';
local db = import 'ci/db.jsonnet';
local tag = std.extVar('tag');
local DSN = db.dsn('hydra');
{
image: 'quay.io/peridot/spicedb',
tag: 'v0.3.21',
legacyDb: true,
dsn: {
name: 'DSN',
value: std.strReplace(db.dsn_legacy('spicedb'), 'postgresql://', 'postgres://'),
},
env: [
{
name: 'SPICEDB_GRPC_PRESHARED_KEY',
// This may be insecure, but it's a necessary evil.
// todo(mustafa): Evaluate whether we can use a gRPC proxy instead
value: 'iKeNRY7ZMZaksFO0mX8uMFCzL8Ayzcq1',
/*valueFrom: true,
secret: {
name: 'spicedb',
key: 'grpc-preshared-key',
}*/
},
$.dsn
],
sh_args(cmd): [
'-c',
'export REAL_DSN=`echo $%s | sed -e "s/REPLACEME/${DATABASE_PASSWORD}/g"%s`; DSN=$REAL_DSN %s' % [$.dsn.name, if $.legacyDb then '' else ' | sed -e "s/postgresql/cockroachdb/g"', cmd],
]
}
View Git Blame Copy Permalink