From b850960fb07b630ebad513336ef11d20dc0750c9 Mon Sep 17 00:00:00 2001 From: Laur IVAN Date: Thu, 26 Feb 2026 02:39:50 +0100 Subject: [PATCH] chore: Attempt to install mysql --- kubernetes/apps/database-system/kustomization.yaml | 2 +- .../mysql-operator/cluster/secrets.sops.yaml | 9 +++++---- .../database-system/mysql-operator/kustomization.yaml | 6 ++++++ kubernetes/apps/security/infisical/app/helmrelease.yaml | 7 ++++++- .../apps/security/infisical/app/kustomization.yaml | 1 + .../apps/security/infisical/app/postgres-cluster.yaml | 8 +++++--- 6 files changed, 24 insertions(+), 9 deletions(-) diff --git a/kubernetes/apps/database-system/kustomization.yaml b/kubernetes/apps/database-system/kustomization.yaml index 69def6b..bfb197d 100644 --- a/kubernetes/apps/database-system/kustomization.yaml +++ b/kubernetes/apps/database-system/kustomization.yaml @@ -6,6 +6,6 @@ namespace: database-system resources: - ./namespace.yaml - ./crunchy-postgres-operator - # - ./mysql-operator + - ./mysql-operator # - ./dragonfly-operator # - ./rabbitmq-operator diff --git a/kubernetes/apps/database-system/mysql-operator/cluster/secrets.sops.yaml b/kubernetes/apps/database-system/mysql-operator/cluster/secrets.sops.yaml index a26b5ed..26cfb67 100644 --- a/kubernetes/apps/database-system/mysql-operator/cluster/secrets.sops.yaml +++ b/kubernetes/apps/database-system/mysql-operator/cluster/secrets.sops.yaml @@ -1,9 +1,10 @@ apiVersion: v1 kind: Secret metadata: - name: rook-ceph-dashboard-password + name: mysql-secret stringData: - api-token: ENC[AES256_GCM,data:Q/EO1flnXjhh/GuaFMufV4T6a6X6+slo1g==,iv:YsQmkJ6VRkmAWya6Fmlt6YUW/yX3DTqZOS6Z2c8+WwA=,tag:hAUOIr8hDFRRHYeXyxvhpg==,type:str] + rootUser: ENC[AES256_GCM,data:Z5eHWPs=,iv:KYdW7Ysg+n0yE0DpyTEla7ClpFXSe5yZoaffeLndBDU=,tag:F+cfs2hWo4NwpkAEsPs7gw==,type:str] + rootPassword: ENC[AES256_GCM,data:+/AqFPtyhC7dYEV/xFrcRYY1lw==,iv:vzi0RC2kvQrI9uK8a2Dv6RmSRrBPXjfSO8hCoJVbEFg=,tag:+Q/qbkJGsYlzsuPE8rsS0A==,type:str] sops: age: - recipient: age1yzrqhl9dk8ljswpmzsqme3enad5kxxhsptdvecy3lwlq0ms80gaqxrctst @@ -15,8 +16,8 @@ sops: YWxtMWJrd3hUQlQ3dG04TlRWdy9VbzQKNcokkZu9wDTKM17sLcJ7OkafSI1nFhyO /IM1vRlkJh12vPFE4351skFkgDdExf4gRoZH9MzXdDSh5b/2YBl8Ig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-02-24T13:42:07Z" - mac: ENC[AES256_GCM,data:l5WfPr1HQ94V+TbgLFavTF569qO/9hcgqh7XP3NRZH/Z8/xfL496Cint2DwNkE6RB1JPAM4CpsOeCF3HItOgvonokIgZswyCeKwdU5nrWH9UO9pkAIsVjVLRNSbXJhsZiRJQmdQ2SescDSs/5S3wo+x8EO8PPj41TbZBvzUolcw=,iv:3QsirCiB81SVZ+yNAMr1IdWAbtHywPC8E444y+UEem8=,tag:u6uk/YdzQ2Svb3Tbbx3TGw==,type:str] + lastmodified: "2026-02-26T01:36:30Z" + mac: ENC[AES256_GCM,data:gScc0LfX2vkQ0mywISwFHLC6Mf8822knzSMkM31QQI58hPfctH1JJ1sOC6f7v5ubNONUrhUOxRUjOkEp0cHB/IGeSj+bC/jbFFR5et8BN6RWRO3P/FZmtSOLgLe/ydGCO1zqqXHbZWbUZ3sR6bBJfpRCPpmFTf59WFfyQj2P+1o=,iv:5Etf8hUeVRRJuy1gpbcxf8uPHjYvsoMEOomhp5vAwWM=,tag:NyYUcaERK7vrBUySGHb+Hw==,type:str] encrypted_regex: ^(data|stringData)$ mac_only_encrypted: true version: 3.11.0 diff --git a/kubernetes/apps/database-system/mysql-operator/kustomization.yaml b/kubernetes/apps/database-system/mysql-operator/kustomization.yaml index e69de29..7aacfdb 100644 --- a/kubernetes/apps/database-system/mysql-operator/kustomization.yaml +++ b/kubernetes/apps/database-system/mysql-operator/kustomization.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ./app.ks.yaml diff --git a/kubernetes/apps/security/infisical/app/helmrelease.yaml b/kubernetes/apps/security/infisical/app/helmrelease.yaml index c0defd9..ccdc5f9 100644 --- a/kubernetes/apps/security/infisical/app/helmrelease.yaml +++ b/kubernetes/apps/security/infisical/app/helmrelease.yaml @@ -35,6 +35,10 @@ spec: name: infisical-secret valuesKey: authSecret targetPath: backendEnvironmentVariables.JWT_AUTH_SECRET + - kind: Secret + name: infisical-db-pguser-infisical + valuesKey: uri + targetPath: backendEnvironmentVariables.DB_CONNECTION_URI values: fullnameOverride: *name @@ -58,6 +62,7 @@ spec: image: registry: docker.io repository: bitnami/redis - tag: "7.0.11-debian-11-r12" + tag: "7.0.12-debian-11-r0" + auth: enabled: false diff --git a/kubernetes/apps/security/infisical/app/kustomization.yaml b/kubernetes/apps/security/infisical/app/kustomization.yaml index 27dd215..3648a37 100644 --- a/kubernetes/apps/security/infisical/app/kustomization.yaml +++ b/kubernetes/apps/security/infisical/app/kustomization.yaml @@ -7,3 +7,4 @@ resources: - ./helmrepository.yaml - ./httproute.yaml - ./secret.sops.yaml + - ./postgres-cluster.yaml diff --git a/kubernetes/apps/security/infisical/app/postgres-cluster.yaml b/kubernetes/apps/security/infisical/app/postgres-cluster.yaml index da8b2b6..ad47c09 100644 --- a/kubernetes/apps/security/infisical/app/postgres-cluster.yaml +++ b/kubernetes/apps/security/infisical/app/postgres-cluster.yaml @@ -1,10 +1,11 @@ -apiVersion: postgres-operator.crunchydata.com/v1beta1 +apiVersion: postgres-operator.crunchydata.com/v1 + kind: PostgresCluster metadata: name: infisical-db namespace: security spec: - image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:centos8-15.0-0 + image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi9-15.15-2550 postgresVersion: 15 instances: - name: instance1 @@ -16,7 +17,8 @@ spec: storage: 5Gi backups: pgbackrest: - image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:centos8-2.41-0 + image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi9-2.56.0-2550 + repos: - name: repo1 volume: