Don't recreate rethinkdb password when running on existing environment

[viv-4]

No description provided.

[viv-4]

If the pod (and stateful set) are removed, eg. uninstalled via ansible, then a subsequent ansible install will regenerate and overwrite the password secret.
The uninstall does not remove the rethinkdb volume however so it is still configured with the old password unless manually removed before install.

[viv-4]

This actually is not an issue with secret generation but rather with the ansible/helm uninstall not removing persistent volumes (known issue, https://github.com/place-labs/k8s-helm/blob/master/ansible/README.md#limitations).
Secrets are designed to be preserved over upgrades: https://github.com/place-labs/k8s-helm/tree/master/charts#design-notes

[viv-4]

Reopening as the issue is present when running current ansible playbook: a041740

• Rethinkdb password secret is changed even though it already exists and is checked for by ansible

Requires further investigation

[viv-4]

Due to the rethinkdbPassword release var not being found:

TASK [placeos.helm.releasevars : get the existing release var] *******************************************
task path: ~/k8s-helm/ansible/roles/placeos.helm.releasevars/tasks/lookup.yaml:15     
skipping: [k8s] => (item=rethinkdbPassword)  => {                                                         
    "ansible_loop_var": "item",                                                                           
    "changed": false,                                                                                     
    "item": "rethinkdbPassword",                                                                          
    "skip_reason": "Conditional result was False"                                                         
}

Previous step TASK [placeos.helm.releasevars : check release current state] does not include a rethinkdbPassword in it's returned status.values
The release name is rethinkdb and not placeos as defined the above task.
The release names were changed when the release namespace was set to placeos for all charts.
Changing this line to name: "rethinkdb" resolves this specific issue, as this is the only release var value actually being used:

k8s-helm/ansible/roles/placeos.helm.releasevars/tasks/lookup.yaml

Line 5 in ddab78e

name: "{{ chart_release_name }}"

However the same issue is present for postgresql, and all services should ideally also be using existing values (configMap/secret) when running helm upgrade unless intentionally being changed.
Will look into potentially running the check release current state and get the existing release var task before running each chart with that charts release name.