fix deploy

.woodpecker.yml

@@ -25,6 +25,8 @@ steps:
     commands:
       - printf "$KUBE_CONFIG_CONTENT" > /tmp/kubeconfig
       - export KUBECONFIG=/tmp/kubeconfig
-      - cat $CI_WORKSPACE/deployment/deploy-yml.tmpl | sed -e 's,%IMAGE%,'$IMAGE_NAME':'$CI_COMMIT_TAG',' | kubectl apply -f - 
+      - for N in "udi udi-pg"; do
+          cat $CI_WORKSPACE/deployment/deploy-yml.tmpl | sed -e 's,%IMAGE%,'$IMAGE_NAME':'$CI_COMMIT_TAG',' | kubectl apply -n $N -f - 
+        done
     when:
       - event: tag

deployment/deploy-yml.tmpl

@@ -2,7 +2,6 @@ apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: udi-archive
-  namespace: udi
 spec:
   accessModes:
     - ReadWriteOnce
@@ -15,11 +14,10 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: udi
-  namespace: udi
   labels:
     app: udi
   annotations:
-    secret.reloader.stakater.com/reload: "udi-conf,udi-db-cred"
+    secret.reloader.stakater.com/reload: "udi-conf,udi-db-cred,mqtt-password"
 spec:
   replicas: 1
   selector:
@@ -33,15 +31,13 @@ spec:
       containers:
         - name: udi
           image: %IMAGE%
-          env:
-            - name: UDI_CONF
-              valueFrom:
-                secretKeyRef:
-                  name: udi-conf
-                  key: UDI_CONF
           envFrom:
             - secretRef: 
                 name: udi-db-cred
+            - secretRef:
+                name: mqtt-password
+            - secretRef:
+                name: udi-conf
           volumeMounts:
             - mountPath: /archive
               name: udi-archive

deployment/load-config.sh

@@ -5,9 +5,9 @@ if [ "$FILE" = "" ]; then
   echo "give config file to load as first argument"
   exit 1
 fi
-SECRET_NAME=$2
+MQTT_PASSWORD=$2
-if [ "$SECRET_NAME" = "" ]; then
+if [ "$MQTT_PASSWORD" = "" ]; then
-  echo "give secret name to create/modify as second argument"
+  echo "give mqtt password as second argument"
   exit 1
 fi
 NAMESPACE=$3
@@ -16,7 +16,7 @@ if [ "$NAMESPACE" = "" ]; then
   exit 1
 fi
 
-kubectl create secret generic $SECRET_NAME \
+kubectl create secret generic udi-conf \
   --from-literal=UDI_CONF="`cat $FILE`" \
   -n $NAMESPACE \
   --dry-run=client \
@@ -24,13 +24,21 @@ kubectl create secret generic $SECRET_NAME \
   --save-config | \
 kubectl apply -f -
 
+kubectl create secret generic mqtt-password \
+  --from-literal=MQTT_PASSWORD="$MQTT_PASSWORD" \
+  -n $NAMESPACE \
+  --dry-run=client \
+  -o yaml \
+  --save-config | \
+kubectl apply -f -
+
 . ~/Workspace/MyKubernetesEnv/ENVDB
-DATABASE=udi
+DATABASE="udi-$NAMESPACE"
-LOGIN=udi
+LOGIN="udi-$NAMESPACE"
 PASSWORD=`openssl rand -base64 24` 
 psql <<EOF
-ALTER USER $LOGIN WITH PASSWORD '$PASSWORD';
+ALTER USER "$LOGIN" WITH PASSWORD '$PASSWORD';
-GRANT ALL PRIVILEGES ON DATABASE $DATABASE TO $LOGIN;
+GRANT ALL PRIVILEGES ON DATABASE "$DATABASE" TO "$LOGIN";
 COMMIT;
 EOF
 

src/udi/config-pg-cluster.json

@@ -0,0 +1,23 @@
+{
+  "mqtt": {
+    "broker": "ssl://eu1.cloud.thethings.network:8883",
+    "username": "com-passavant-geiger-poc@ttn",
+    "password": "ENV",
+    "tlsEnable": "true"
+  },
+  "topicMappings": [
+    {
+      "topics": [ "v3/com-passavant-geiger-poc@ttn/devices/#" ],
+      "handler": "TTN",
+      "id": "TTN0",
+      "config": {
+        "databaseConnStr": "",
+        "attributes": {
+        }
+      }
+    }
+  ],
+  "archiver": {
+    "dir": "/archive"
+  }
+}