Skip to content

Commit

Permalink
fix(helm): make different secrets for backend, postgres DB and flyway…
Browse files Browse the repository at this point in the history
… and remove unnecessary secret entries (#2011)

Signed-off-by: OMPRAKASH MISHRA <[email protected]>
  • Loading branch information
mishraomp authored Jun 14, 2024
1 parent e515e24 commit 048ba60
Show file tree
Hide file tree
Showing 3 changed files with 32 additions and 15 deletions.
4 changes: 2 additions & 2 deletions charts/app/templates/backend/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ spec:
imagePullPolicy: {{ default "Always" .Values.backend.imagePullPolicy }}
envFrom:
- secretRef:
name: {{.Release.Name}}
name: {{.Release.Name}}-flyway
env:
- name: FLYWAY_BASELINE_ON_MIGRATE
value: "true"
Expand All @@ -59,7 +59,7 @@ spec:
imagePullPolicy: {{ default "Always" .Values.backend.imagePullPolicy }}
envFrom:
- secretRef:
name: {{.Release.Name}}
name: {{.Release.Name}}-backend
env:
- name: LOG_LEVEL
value: info
Expand Down
41 changes: 29 additions & 12 deletions charts/app/templates/secret.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,27 +15,44 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}
name: {{ .Release.Name }}-backend
labels: {{- include "labels" . | nindent 4 }}
{{- if .Values.global.secrets.persist }}
annotations:
helm.sh/resource-policy: keep
{{- end }}
data:
databasePassword: {{ $databasePassword | quote }}
postgres-password: {{ $databasePassword | quote }}
password: {{ $databasePassword | quote }}
databaseUser: {{ $databaseUser | b64enc | quote }}
databaseName: {{ $databaseName | b64enc | quote }}
databaseURL: {{ $databaseURL | b64enc | quote }}
databaseJDBCURL: {{ $databaseJDBCURL | b64enc | quote }}
databaseJDBCURLNoCreds: {{ $databaseJDBCURLNoCreds | b64enc | quote }}
FLYWAY_URL: {{ $databaseJDBCURLNoCreds | b64enc | quote }}
FLYWAY_USER: {{ $databaseUser | b64enc | quote }}
FLYWAY_PASSWORD: {{ $databasePassword | quote }}
POSTGRES_PASSWORD: {{ $databasePassword | quote }}
POSTGRES_USER: {{ $databaseUser | b64enc | quote }}
POSTGRES_DATABASE: {{ $databaseName | b64enc | quote }}
POSTGRES_HOST: {{ $hostWithoutPort | b64enc | quote }}

---
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}-flyway
labels: {{- include "labels" . | nindent 4 }}
{{- if .Values.global.secrets.persist }}
annotations:
helm.sh/resource-policy: keep
{{- end }}
data:
FLYWAY_URL: {{ $databaseJDBCURLNoCreds | b64enc | quote }}
FLYWAY_USER: {{ $databaseUser | b64enc | quote }}
FLYWAY_PASSWORD: {{ $databasePassword | quote }}

---
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}-database
labels: {{- include "labels" . | nindent 4 }}
{{- if .Values.global.secrets.persist }}
annotations:
helm.sh/resource-policy: keep
{{- end }}
data:
postgres-password: {{ $databasePassword | quote }}
password: {{ $databasePassword | quote }}
{{- end }}
2 changes: 1 addition & 1 deletion charts/app/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -213,7 +213,7 @@ bitnami-pg:
repository: bcgov/nr-containers/bitnami/postgresql
tag: 15.7.0
auth:
existingSecret: '{{ .Release.Name }}'
existingSecret: '{{ .Release.Name }}-database'
username: 'quickstart'
database: quickstart
shmVolume:
Expand Down

0 comments on commit 048ba60

Please sign in to comment.