From f92b010f4df7ee45bac8b9fcebbc37824ee41392 Mon Sep 17 00:00:00 2001
From: Asaf Levy <asaf400@gmail.com>
Date: Wed, 1 May 2024 16:29:14 +0300
Subject: [PATCH 1/2] Update values.yaml

---
 helm/superset/values.yaml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/helm/superset/values.yaml b/helm/superset/values.yaml
index 2e5517ebe97e3..5ccb1d8e63f72 100644
--- a/helm/superset/values.yaml
+++ b/helm/superset/values.yaml
@@ -31,6 +31,11 @@ fullnameOverride: ~
 # Running containers as root is not recommended in production. Change this to another UID - e.g. 1000 to be more secure
 runAsUser: 0
 
+# -- Specify rather or not helm should create the secret described in `secret-env.yaml` template
+secretEnv:
+  # -- Change to false in order to support externally created secret (Binami "Sealed Secrets" for Kubernetes or External Secrets Operator)
+  create: true
+
 # -- Specify service account name to be used
 serviceAccountName: ~
 serviceAccount:

From f68c674daaf532f216a2b178988ad91ab4134387 Mon Sep 17 00:00:00 2001
From: Asaf Levy <asaf400@gmail.com>
Date: Wed, 1 May 2024 16:35:49 +0300
Subject: [PATCH 2/2] allow chart operator to deploy without creating the
 secret-env

---
 helm/superset/templates/secret-env.yaml | 3 ++-
 helm/superset/values.yaml               | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/helm/superset/templates/secret-env.yaml b/helm/superset/templates/secret-env.yaml
index f2a9d7af03f91..c8cab23806730 100644
--- a/helm/superset/templates/secret-env.yaml
+++ b/helm/superset/templates/secret-env.yaml
@@ -16,7 +16,7 @@
  limitations under the License.
 
 */}}
-
+{{- if .Values.secretEnv.create -}}
 apiVersion: v1
 kind: Secret
 metadata:
@@ -51,3 +51,4 @@ stringData:
     {{ $key }}: {{ $value | quote }}
     {{- end }}
     {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/helm/superset/values.yaml b/helm/superset/values.yaml
index 5ccb1d8e63f72..527c7f0f84d35 100644
--- a/helm/superset/values.yaml
+++ b/helm/superset/values.yaml
@@ -34,6 +34,7 @@ runAsUser: 0
 # -- Specify rather or not helm should create the secret described in `secret-env.yaml` template
 secretEnv:
   # -- Change to false in order to support externally created secret (Binami "Sealed Secrets" for Kubernetes or External Secrets Operator)
+  # note: when externally creating the secret, the chart still expects to pull values from the name of the release - full logic located in _helpers.tpl file: `define "superset.fullname"`
   create: true
 
 # -- Specify service account name to be used