From a5c9c733f62c97eaa66014444f8e73dcefc0909f Mon Sep 17 00:00:00 2001
From: Philippe Caseiro
Date: Thu, 26 Sep 2024 09:50:54 +0200
Subject: [PATCH 1/4] feat(postgres): adding hydra max_conns parameter support

Mandatory for large scale deployements
---
 .../hydra-cnpg-database/kustomization.yaml | 22 -------------------
 .../patches/hydra-deployment.yaml | 14 +++++++++---
 .../patches/hydra-janitor-cronjob.yaml | 14 +++++++++---
 .../patches/hydra-migrate-job.yaml | 14 +++++++++---
 .../resources/hydra-cnpg-cluster.yaml | 6 +----
 resources/hydra/kustomization.yaml | 1 +
 6 files changed, 35 insertions(+), 36 deletions(-)
diff --git a/components/hydra-cnpg-database/kustomization.yaml b/components/hydra-cnpg-database/kustomization.yaml
index 4ebccef..737555f 100644
--- a/components/hydra-cnpg-database/kustomization.yaml
+++ b/components/hydra-cnpg-database/kustomization.yaml
@@ -7,28 +7,6 @@ configurations:
 resources:
 - ./resources/hydra-cnpg-cluster.yaml
-secretGenerator:
-- name: hydra-postgres-admin
- type: Secret
- literals:
- - username=postgres
- - password=NotSoSecret
-- name: hydra-postgres-user
- type: Secret
- literals:
- - username=hydra
- - password=NotSoSecret
-
-
-vars:
-- name: HYDRA_DATABASE_SERVICE_NAME
- objref:
- name: hydra-postgres
- kind: Cluster
- apiVersion: postgresql.cnpg.io/v1
- fieldref:
- fieldpath: metadata.name
-
 patches:
 - target:
 group: apps
diff --git a/components/hydra-cnpg-database/patches/hydra-deployment.yaml b/components/hydra-cnpg-database/patches/hydra-deployment.yaml
index 6185612..db7d518 100644
--- a/components/hydra-cnpg-database/patches/hydra-deployment.yaml
+++ b/components/hydra-cnpg-database/patches/hydra-deployment.yaml
@@ -4,7 +4,7 @@
 name: HYDRA_DATABASE_USER
 valueFrom:
 secretKeyRef:
- name: hydra-postgres-user
+ name: hydra-postgres-app
 key: username
 - op: add
 path: "/spec/template/spec/containers/0/env/-"
@@ -12,10 +12,18 @@
 name: HYDRA_DATABASE_PASSWORD
 valueFrom:
 secretKeyRef:
- name: hydra-postgres-user
+ name: hydra-postgres-app
 key: password
+- op: add
+ path: "/spec/template/spec/containers/0/env/-"
+ value:
+ name: HYDRA_DATABASE_SERVICE_NAME
+ valueFrom:
+ secretKeyRef:
+ name: hydra-postgres-app
+ key: host
 - op: add
 path: "/spec/template/spec/containers/0/env/-"
 value:
 name: DSN
- value: "postgres://$(HYDRA_DATABASE_USER):$(HYDRA_DATABASE_PASSWORD)@$(HYDRA_DATABASE_SERVICE_NAME)-rw:5432/hydra?sslmode=disable"
\ No newline at end of file
+ value: "postgres://$(HYDRA_DATABASE_USER):$(HYDRA_DATABASE_PASSWORD)@$(HYDRA_DATABASE_SERVICE_NAME):5432/hydra?sslmode=disable&max_conns=$(HYDRA_DATABASE_MAX_CONN)"
diff --git a/components/hydra-cnpg-database/patches/hydra-janitor-cronjob.yaml b/components/hydra-cnpg-database/patches/hydra-janitor-cronjob.yaml
index a8f576e..467742b 100644
--- a/components/hydra-cnpg-database/patches/hydra-janitor-cronjob.yaml
+++ b/components/hydra-cnpg-database/patches/hydra-janitor-cronjob.yaml
@@ -4,7 +4,7 @@
 name: HYDRA_DATABASE_USER
 valueFrom:
 secretKeyRef:
- name: hydra-postgres-user
+ name: hydra-postgres-app
 key: username
 - op: add
 path: "/spec/jobTemplate/spec/template/spec/containers/0/env/-"
@@ -12,10 +12,18 @@
 name: HYDRA_DATABASE_PASSWORD
 valueFrom:
 secretKeyRef:
- name: hydra-postgres-user
+ name: hydra-postgres-app
 key: password
+- op: add
+ path: "/spec/jobTemplate/spec/template/spec/containers/0/env/-"
+ value:
+ name: HYDRA_DATABASE_SERVICE_NAME
+ valueFrom:
+ secretKeyRef:
+ name: hydra-postgres-app
+ key: host
 - op: add
 path: "/spec/jobTemplate/spec/template/spec/containers/0/env/-"
 value:
 name: DSN
- value: "postgres://$(HYDRA_DATABASE_USER):$(HYDRA_DATABASE_PASSWORD)@$(HYDRA_DATABASE_SERVICE_NAME)-rw:5432/hydra?sslmode=disable"
\ No newline at end of file
+ value: "postgres://$(HYDRA_DATABASE_USER):$(HYDRA_DATABASE_PASSWORD)@$(HYDRA_DATABASE_SERVICE_NAME):5432/hydra?sslmode=disable"
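Review bot: The rewritten `DSN` value in hydra-deployment.yaml (last added line of the `@@ -12,10 +12,18 @@` hunk) keeps `sslmode=disable`, so the username and password now taken from the `hydra-postgres-app` secret travel to PostgreSQL unencrypted; the `DSN` lines rewritten in hydra-janitor-cronjob.yaml and hydra-migrate-job.yaml carry the same setting. Assuming the CloudNativePG cluster serves TLS, as it normally does, the query string could become `?sslmode=require&max_conns=$(HYDRA_DATABASE_MAX_CONN)`, or use `sslmode=verify-full` once the cluster CA is mounted in the pods. Separately, `$(HYDRA_DATABASE_MAX_CONN)` is only expanded if that variable is already defined for the container; this patch file does not add it to the env list, so it presumably comes from the ConfigMap edited in resources/hydra/kustomization.yaml, and a one-line comment saying so would help anyone reusing the component with another base.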
diff --git a/components/hydra-cnpg-database/patches/hydra-migrate-job.yaml b/components/hydra-cnpg-database/patches/hydra-migrate-job.yaml
index 6185612..c5e4447 100644
--- a/components/hydra-cnpg-database/patches/hydra-migrate-job.yaml
+++ b/components/hydra-cnpg-database/patches/hydra-migrate-job.yaml
@@ -4,7 +4,7 @@
 name: HYDRA_DATABASE_USER
 valueFrom:
 secretKeyRef:
- name: hydra-postgres-user
+ name: hydra-postgres-app
 key: username
 - op: add
 path: "/spec/template/spec/containers/0/env/-"
@@ -12,10 +12,18 @@
 name: HYDRA_DATABASE_PASSWORD
 valueFrom:
 secretKeyRef:
- name: hydra-postgres-user
+ name: hydra-postgres-app
 key: password
+- op: add
+ path: "/spec/template/spec/containers/0/env/-"
+ value:
+ name: HYDRA_DATABASE_SERVICE_NAME
+ valueFrom:
+ secretKeyRef:
+ name: hydra-postgres-app
+ key: host
 - op: add
 path: "/spec/template/spec/containers/0/env/-"
 value:
 name: DSN
- value: "postgres://$(HYDRA_DATABASE_USER):$(HYDRA_DATABASE_PASSWORD)@$(HYDRA_DATABASE_SERVICE_NAME)-rw:5432/hydra?sslmode=disable"
\ No newline at end of file
+ value: "postgres://$(HYDRA_DATABASE_USER):$(HYDRA_DATABASE_PASSWORD)@$(HYDRA_DATABASE_SERVICE_NAME):5432/hydra?sslmode=disable"
diff --git a/components/hydra-cnpg-database/resources/hydra-cnpg-cluster.yaml b/components/hydra-cnpg-database/resources/hydra-cnpg-cluster.yaml
index 7f48955..8d910f1 100644
--- a/components/hydra-cnpg-database/resources/hydra-cnpg-cluster.yaml
+++ b/components/hydra-cnpg-database/resources/hydra-cnpg-cluster.yaml
@@ -5,13 +5,9 @@ metadata:
 spec:
 instances: 3
 primaryUpdateStrategy: unsupervised
- superuserSecret:
- name: hydra-postgres-admin
 bootstrap:
 initdb:
 database: hydra
 owner: hydra
- secret:
- name: hydra-postgres-user
 storage:
- size: 2Gi
\ No newline at end of file
+ size: 2Gi
diff --git a/resources/hydra/kustomization.yaml b/resources/hydra/kustomization.yaml
index f99e668..c4e4615 100644
--- a/resources/hydra/kustomization.yaml
+++ b/resources/hydra/kustomization.yaml
@@ -30,6 +30,7 @@ configMapGenerator:
 - URLS_CONSENT=http://hydra-consent-app/consent
 - URLS_LOGOUT=http://hydra-logout-app/logout
 - HYDRA_SERVE_ALL_ARGS=--dev
+ - HYDRA_DATABASE_MAX_CONN="10"
 - LOG_LEVEL=info
 vars:
From 1cf7569678956abeeb47d5835f00bee3e9cc08fb Mon Sep 17 00:00:00 2001
From: Philippe Caseiro
Date: Wed, 9 Oct 2024 11:37:52 +0200
Subject: [PATCH 2/4] fix(component): adding behavior to secret generator
---
 components/hydra-sql/kustomization.yaml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/components/hydra-sql/kustomization.yaml b/components/hydra-sql/kustomization.yaml
index ae964ce..0504eb2 100644
--- a/components/hydra-sql/kustomization.yaml
+++ b/components/hydra-sql/kustomization.yaml
@@ -11,6 +11,7 @@ generatorOptions:
 configMapGenerator:
 - name: hydra-sql-env
+ behavior: create
 literals:
 - ISSUER_URL="http://localhost:8000"
 - BASE_URL='http://localhost:8080'
From 4ec580fb7d9ea440cd76efa4242cd4992de843af Mon Sep 17 00:00:00 2001
From: Philippe Caseiro
Date: Wed, 9 Oct 2024 11:49:39 +0200
Subject: [PATCH 3/4] fix(component): oidc adding behavior to secret generator
---
 components/hydra-oidc/kustomization.yaml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/components/hydra-oidc/kustomization.yaml b/components/hydra-oidc/kustomization.yaml
index deec38c..624818f 100644
--- a/components/hydra-oidc/kustomization.yaml
+++ b/components/hydra-oidc/kustomization.yaml
@@ -11,6 +11,7 @@ generatorOptions:
 configMapGenerator:
 - name: hydra-oidc-env
+ behavior: create
 literals:
 - APP_ENV=prod
 - APP_DEBUG=false
From 40ec4440a7ffa9f0d6109e99ba6871a8e47297a5 Mon Sep 17 00:00:00 2001
From: Matthieu Lamalle
Date: Thu, 10 Oct 2024 10:31:16 +0200
Subject: [PATCH 4/4] chore(hydra-sql): correction requete password et fetchdata et ajout paquet xdebug
---
 components/hydra-sql/resources/hydra-sql-deployment.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
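Review bot: In the resources/hydra/kustomization.yaml hunk, `HYDRA_DATABASE_MAX_CONN="10"` is the only quoted literal among the entries shown, while its value is substituted as-is into the `max_conns=` parameter of the `DSN` built by the hydra-cnpg-database deployment patch. Writing it like its neighbours, `- HYDRA_DATABASE_MAX_CONN=10`, avoids relying on the generator stripping the quotes before the value reaches the connection URL. A short comment above the entry, such as `# connection pool limit passed to the hydra DSN as max_conns`, would also tell operators what to weigh the figure against when they scale the deployment.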
diff --git a/components/hydra-sql/resources/hydra-sql-deployment.yaml b/components/hydra-sql/resources/hydra-sql-deployment.yaml
index de26e1a..610ac62 100644
--- a/components/hydra-sql/resources/hydra-sql-deployment.yaml
+++ b/components/hydra-sql/resources/hydra-sql-deployment.yaml
@@ -21,7 +21,7 @@ spec:
 spec:
 containers:
 - name: hydra-sql-fpm
- image: reg.cadoles.com/cadoles/hydra-sql-base:2024.9.24-develop.1300.fe4d683
+ image: reg.cadoles.com/cadoles/hydra-sql-base:2024.10.10-develop.1026.8e56433
 imagePullPolicy: Always
 args: ["/usr/sbin/php-fpm81", "-F", "-e"]
 readinessProbe:
@@ -68,7 +68,7 @@ spec:
 subPath: 03_base.ini
 - name: hydra-sql-caddy
- image: reg.cadoles.com/cadoles/hydra-sql-base:2024.9.24-develop.1300.fe4d683
+ image: reg.cadoles.com/cadoles/hydra-sql-base:2024.10.10-develop.1026.8e56433
 imagePullPolicy: Always
 args: ["/usr/sbin/caddy", "run", "--adapter", "caddyfile", "--config", "/etc/caddy/Caddyfile"]
 readinessProbe: