Skip to content

Commit 8e9ef41

Browse files
bobbyilievbobbyiliev
committed
Add password auth support
1 parent 577cfcb commit 8e9ef41

File tree

3 files changed

+36
-5
lines changed

3 files changed

+36
-5
lines changed

kubernetes/modules/materialize-instance/README.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,7 @@ No modules.
2828

2929
| Name | Description | Type | Default | Required |
3030
|------|-------------|------|---------|:--------:|
31+
| <a name="input_authenticator_kind"></a> [authenticator\_kind](#input\_authenticator\_kind) | Kind of authenticator to use for Materialize instance | `string` | `"None"` | no |
3132
| <a name="input_balancer_cpu_request"></a> [balancer\_cpu\_request](#input\_balancer\_cpu\_request) | CPU request for balancer | `string` | `"100m"` | no |
3233
| <a name="input_balancer_memory_limit"></a> [balancer\_memory\_limit](#input\_balancer\_memory\_limit) | Memory limit for balancer | `string` | `"256Mi"` | no |
3334
| <a name="input_balancer_memory_request"></a> [balancer\_memory\_request](#input\_balancer\_memory\_request) | Memory request for balancer | `string` | `"256Mi"` | no |
@@ -36,6 +37,7 @@ No modules.
3637
| <a name="input_environmentd_extra_args"></a> [environmentd\_extra\_args](#input\_environmentd\_extra\_args) | Extra command line arguments for environmentd | `list(string)` | `[]` | no |
3738
| <a name="input_environmentd_extra_env"></a> [environmentd\_extra\_env](#input\_environmentd\_extra\_env) | Extra environment variables for environmentd | <pre>list(object({<br/> name = string<br/> value = string<br/> }))</pre> | `[]` | no |
3839
| <a name="input_environmentd_version"></a> [environmentd\_version](#input\_environmentd\_version) | Version of environmentd to use | `string` | `"v0.130.13"` | no |
40+
| <a name="input_external_login_password_mz_system"></a> [external\_login\_password\_mz\_system](#input\_external\_login\_password\_mz\_system) | Password for external login to mz\_system | `string` | `null` | no |
3941
| <a name="input_force_rollout"></a> [force\_rollout](#input\_force\_rollout) | UUID to force a rollout | `string` | `"00000000-0000-0000-0000-000000000001"` | no |
4042
| <a name="input_in_place_rollout"></a> [in\_place\_rollout](#input\_in\_place\_rollout) | Whether to perform in-place rollouts | `bool` | `true` | no |
4143
| <a name="input_instance_name"></a> [instance\_name](#input\_instance\_name) | Name of the Materialize instance | `string` | n/a | yes |

kubernetes/modules/materialize-instance/main.tf

Lines changed: 11 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,7 @@ resource "kubernetes_manifest" "materialize_instance" {
2525
spec = {
2626
environmentdImageRef = "materialize/environmentd:${var.environmentd_version}"
2727
backendSecretName = "${var.instance_name}-materialize-backend"
28+
authenticatorKind = var.authenticator_kind
2829
inPlaceRollout = var.in_place_rollout
2930
requestRollout = var.request_rollout
3031
forceRollout = var.force_rollout
@@ -73,11 +74,16 @@ resource "kubernetes_secret" "materialize_backend" {
7374
namespace = var.instance_namespace
7475
}
7576

76-
data = {
77-
metadata_backend_url = var.metadata_backend_url
78-
persist_backend_url = var.persist_backend_url
79-
license_key = var.license_key == null ? "" : var.license_key
80-
}
77+
data = merge(
78+
{
79+
metadata_backend_url = var.metadata_backend_url
80+
persist_backend_url = var.persist_backend_url
81+
license_key = var.license_key == null ? "" : var.license_key
82+
},
83+
var.authenticator_kind == "Password" && var.external_login_password_mz_system != null ? {
84+
external_login_password_mz_system = var.external_login_password_mz_system
85+
} : {}
86+
)
8187

8288
depends_on = [
8389
kubernetes_namespace.instance

kubernetes/modules/materialize-instance/variables.tf

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -120,3 +120,26 @@ variable "balancer_cpu_request" {
120120
type = string
121121
default = "100m"
122122
}
123+
124+
variable "authenticator_kind" {
125+
description = "Kind of authenticator to use for Materialize instance"
126+
type = string
127+
default = "None"
128+
129+
validation {
130+
condition = contains(["None", "Password"], var.authenticator_kind)
131+
error_message = "Authenticator kind must be either 'None' or 'Password'"
132+
}
133+
}
134+
135+
variable "external_login_password_mz_system" {
136+
description = "Password for external login to mz_system"
137+
type = string
138+
default = null
139+
sensitive = true
140+
141+
validation {
142+
condition = var.authenticator_kind == "Password" || var.external_login_password_mz_system == null
143+
error_message = "external_login_password_mz_system must be set if authenticator_kind is 'Password'"
144+
}
145+
}

0 commit comments

Comments
 (0)