Add pgo/external db support to coral credits

roles/coral_credits/defaults/main.yaml

@@ -3,7 +3,7 @@
 # The chart to use
 coral_credits_chart_repo: https://stackhpc.github.io/coral-credits
 coral_credits_chart_name: coral-credits
-coral_credits_chart_version: 0.3.1-dev.0.add-servicemonitor.5
+coral_credits_chart_version: 0.3.2-dev.0.requirements-psycopg2.2
 
 # Release information for the coral credits release
 coral_credits_release_namespace: "{{ azimuth_release_namespace | default('azimuth') }}"
@@ -12,6 +12,35 @@ coral_credits_release_name: coral-credits
 # The timeout to wait for coral credits API to become ready
 coral_credits_wait_timeout: 10m
 
+# Feature flags
+#   Indicates if coral credits should be enabled
+coral_credits_enabled: yes
+
+# Database settings
+#   The name of the database resource
+coral_credits_database_name: "coral-credits-db"
+#   The username for the database
+coral_credits_database_user:
+#   The password for the database
+coral_credits_database_password:
+#   The URL for the database
+coral_credits_database_url:
+#   The port for the database
+coral_credits_database_port:
+#   The Django engine for the database
+coral_credits_database_engine: "django.db.backends.postgresql"
+#   The storage class to use for the database volume
+#   If left blank, the default storage class will be used
+coral_credits_database_data_volume_storage_class:
+#   The storage class to use for the backup volume
+#   By default, this is the same as the data volume
+coral_credits_database_backup_volume_storage_class: "{{ coral_credits_database_data_volume_storage_class }}"
+#   The size of the data volume for the database
+coral_credits_database_data_volume_size: 8Gi
+#   The size of the backup volume for the database
+#   By default, this is the same as the data volume
+coral_credits_database_backup_volume_size: "{{ coral_credits_database_data_volume_size }}"
+
 # Ingress settings
 #   The hostname for Coral credits ingress resources
 coral_credits_ingress_host: >-
@@ -27,7 +56,7 @@ coral_credits_ingress_annotations: "{{ ingress_annotations | default({}) }}"
 #   Indicates whether TLS should be enabled
 coral_credits_ingress_tls_enabled: "{{ ingress_tls_enabled | default(True) }}"
 #   The TLS secret name (can be null)
-coral_credits_ingress_tls_secret_name: "{{ ingress_tls_secret_name | default('coral-cedits-tls') }}"
+coral_credits_ingress_tls_secret_name: "{{ ingress_tls_secret_name | default('coral-cedits-tls', true) }}"
 #   Any TLS-specific annotations
 coral_credits_ingress_tls_annotations: "{{ ingress_tls_annotations | default({}) }}"
 #   Wildcard TLS certificate, if available
@@ -42,8 +71,7 @@ coral_credits_ingress_tls_key: >-
 # The admin username to use for coral credits
 coral_credits_admin_username: admin
 # The admin password to use for coral credits
-coral_credits_admin_password: >-
-  {{ undef(hint = 'coral_credits_admin_password is required') }}
+coral_credits_admin_password: admin
 
 # The values for the release
 coral_credits_release_defaults:
@@ -57,6 +85,13 @@ coral_credits_release_defaults:
   settings:
     superuserUsername: "{{ coral_credits_admin_username }}"
     superuserPassword: "{{ coral_credits_admin_password }}"
+    database:
+      engine: "{{ coral_credits_database_engine }}"
+      name: "{{ coral_credits_database_name }}"
+      user: "{{ coral_credits_database_user }}"
+      password: "{{ coral_credits_database_password | quote }}"
+      host: "{{ coral_credits_database_url }}"
+      port: "{{ coral_credits_database_port }}"
 
 coral_credits_release_overrides: {}
 coral_credits_release_values: >-

roles/coral_credits/tasks/main.yaml

@@ -1,5 +1,39 @@
 ---
 
+- name: Deploy internal database
+  include_role:
+    name: azimuth_cloud.azimuth_ops.postgres_operator
+    tasks_from: database.yml
+    defaults_from: database.yml
+  vars:
+    pgo_database_name: "{{ coral_credits_database_name }}"
+    pgo_database_namespace: "{{ coral_credits_release_namespace }}"
+    pgo_database_data_volume_storage_class: "{{ coral_credits_database_data_volume_storage_class }}"
+    pgo_database_backup_volume_storage_class: "{{ coral_credits_database_backup_volume_storage_class }}"
+    pgo_database_data_volume_size: "{{ coral_credits_database_data_volume_size }}"
+    pgo_database_backup_volume_size: "{{ coral_credits_database_backup_volume_size }}"
+
+- name: Get database secret
+  command: >-
+    kubectl get secret coral-credits-db-pguser-coral-credits-db
+    --namespace {{ coral_credits_release_namespace }}
+    --output json
+  register: coral_credits_raw_secret
+  no_log: true
+
+- name: Read database secret
+  set_fact:
+    coral_credits_secret: "{{ coral_credits_raw_secret.stdout | from_json }}"
+  no_log: true
+
+- name: Set database authentication variables
+  set_fact:
+    coral_credits_database_user: "{{ coral_credits_secret.data.user | b64decode }}"
+    coral_credits_database_password: "{{ coral_credits_secret.data.password | b64decode }}"
+    coral_credits_database_url: "{{ coral_credits_secret.data.host | b64decode }}"
+    coral_credits_database_port: "{{ coral_credits_secret.data.port | b64decode }}"
+  no_log: true
+
 - name: Install wildcard TLS certificate
   command: kubectl apply -f -
   args: