Update the password name logic

charts/nautobot/templates/_helpers.tpl

@@ -186,35 +186,82 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
   {{- end -}}
 {{- end -}}
 
+{{/*
+Generate the secret that is used for `NAUTOBOT_DB_PASSWORD` environmental variable
+in nautobot-deployment.yaml.
+
+The following is the logic:
+* If you have an existing K8s Secret containing the password it will take the secret from there.
+  Note: If you deploy PostgreSQL as part of this chart (postgreslq.enabled==true) you have to
+        also define `postgresql.auth.existingSecret`
+  Test:
+    nautobot:
+      db:
+        existingSecret: "my-db-secret"
+        existingSecretPasswordKey: "password"
+
+* If the existing secret is not defined and you deploy PostgreSQL as part of this chart
+  it either takes the values from the existing secret defined in the postgresql
+  subchart (if defined) or it takes the secret that is generated by the subchart, which
+  is done automatically when the subchart is enabled. The name of the secret that
+  the subchart generates consists of <release name>-<nameOverride>. If you don't
+  define the postgresql.nameOverride it takes "postgresql".
+
+  Test1:
+    `kubectl create secret generic my-db-secret --from-literal=password=mydbpassword --from-literal=postgresql-password=myadminpassword`
+
+    postgresql:
+      enabled: true
+      auth:
+        existingSecret: "my-db-secret"
+
+  Test2:
+    postgresql:
+      enabled: true
+
+* The same logic is used for PostgreSQL in HA mode.
+* TODO: Describe mariadb
+* TODO: describe else
+
+*/}}
 {{- define "nautobot.database.passwordName" -}}
   {{- if .Values.nautobot.db.existingSecret -}}
     {{- .Values.nautobot.db.existingSecret -}}
   {{- else if eq .Values.postgresql.enabled true -}}
-      {{- default (printf "%s-postgresql" (include "common.names.fullname" .)) .Values.postgresql.auth.existingSecret -}}
-  {{- else if eq .Values.postgresqlha.enabled true -}}
     {{- if .Values.postgresql.auth.existingSecret -}}
-      {{- default (printf "%s-postgresql" (include "common.names.fullname" .)) .Values.postgresqlha.auth.existingSecret -}}
+      {{- .Values.postgresql.auth.existingSecret -}}
+    {{- else -}}
+      {{- printf "%s-%s" .Release.Name (default "postgresql" .Values.postgresql.nameOverride) -}}
+    {{- end -}}
+  {{- else if eq .Values.postgresqlha.enabled true -}}
+    {{- if .Values.postgresqlha.auth.existingSecret -}}
+      {{- .Values.postgresqlha.auth.existingSecret -}}
     {{- else -}}
-      {{- printf "%s-db-password" (include "common.names.fullname" .) -}}
+      {{- printf "%s-%s" .Release.Name (default "postgresql" .Values.postgresqlha.nameOverride) -}}
     {{- end -}}
   {{- else if eq .Values.mariadb.enabled true -}}
-      {{- default (printf "%s-mariadb" (include "common.names.fullname" .)) .Values.mariadb.auth.existingSecret -}}
+      {{- default (printf "%s-mariadb" .Release.Name ) .Values.mariadb.auth.existingSecret -}}
   {{- else -}}
     {{- printf "%s-db-password" (include "common.names.fullname" .) -}}
   {{- end -}}
 {{- end -}}
 
+
 {{- define "nautobot.database.passwordKey" -}}
   {{- if .Values.nautobot.db.existingSecret -}}
     {{- .Values.nautobot.db.existingSecretPasswordKey -}}
   {{- else if eq .Values.postgresql.enabled true -}}
-    {{- if .Values.postgresql.auth.existingSecret -}}
+    {{- if and .Values.postgresql.auth.existingSecret .Values.postgresql.auth.secretKeys -}}
       {{- default "password" .Values.postgresql.auth.secretKeys.userPasswordKey -}}
     {{- else -}}
       {{- printf "password" -}}
     {{- end -}}
   {{- else if eq .Values.postgresqlha.enabled true -}}
-      {{- printf "postgresql-password" -}}
+    {{- if and .Values.postgresqlha.auth.existingSecret .Values.postgresqlha.auth.secretKeys -}}
+      {{- default "password" .Values.postgresqlha.auth.secretKeys.userPasswordKey -}}
+    {{- else -}}
+      {{- printf "password" -}}
+    {{- end -}}
   {{- else if eq .Values.mariadb.enabled true -}}
       {{- printf "mariadb-password" -}}
   {{- else -}}