From 5a7c8abb781309c0d8c4e0aee9b0cc462f5de405 Mon Sep 17 00:00:00 2001
From: Om Mishra <32200996+mishraomp@users.noreply.github.com>
Date: Wed, 6 Mar 2024 13:28:54 -0800
Subject: [PATCH] fix: autoscaling and secrets (#1862)

Signed-off-by: OMPRAKASH MISHRA <omprakashmishra3978@gmail.com>
---
 .github/workflows/merge.yml       | 2 +-
 .github/workflows/pr-open.yml     | 3 ++-
 charts/app/templates/_helpers.tpl | 7 +++++++
 charts/app/templates/secret.yaml  | 4 ++--
 charts/app/values.yaml            | 5 ++---
 5 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/merge.yml b/.github/workflows/merge.yml
index 6f653909f..46c82f034 100644
--- a/.github/workflows/merge.yml
+++ b/.github/workflows/merge.yml
@@ -55,7 +55,7 @@ jobs:
       params:
         --set backend.deploymentStrategy=RollingUpdate
         --set frontend.deploymentStrategy=RollingUpdate
-
+        --set global.autoscaling=true
   promote:
     name: Promote Images
     needs: [deploy-prod, vars]
diff --git a/.github/workflows/pr-open.yml b/.github/workflows/pr-open.yml
index b399286c1..291ea02b8 100644
--- a/.github/workflows/pr-open.yml
+++ b/.github/workflows/pr-open.yml
@@ -41,7 +41,8 @@ jobs:
       oc_token: ${{ secrets.OC_TOKEN }}
     with:
       triggers: ('backend/', 'frontend/', 'migrations/')
-
+      params:
+        --set global.secrets.persist=false
   tests:
     name: Tests
     needs: [deploys]
diff --git a/charts/app/templates/_helpers.tpl b/charts/app/templates/_helpers.tpl
index 9f6bfa397..de0959996 100644
--- a/charts/app/templates/_helpers.tpl
+++ b/charts/app/templates/_helpers.tpl
@@ -46,3 +46,10 @@ app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 
 
+{{- define "secretLabels" -}}
+{{ include "labels" . }}
+{{- if .Values.global.secrets.persist }}
+annotations:
+    "helm.sh/resource-policy": "keep"
+{{- end }}
+{{- end }}
diff --git a/charts/app/templates/secret.yaml b/charts/app/templates/secret.yaml
index 375880871..96e53600e 100644
--- a/charts/app/templates/secret.yaml
+++ b/charts/app/templates/secret.yaml
@@ -16,8 +16,8 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: {{ .Release.Name }}
-  labels: {{- include "selectorLabels" . | nindent 4 }}
-    "helm.sh/resource-policy": keep
+  labels: {{- include "secretLabels" . | nindent 4 }}
+
 data:
   databasePassword: {{ $databasePassword | quote }}
   postgres-password: {{ $databasePassword  | quote }}
diff --git a/charts/app/values.yaml b/charts/app/values.yaml
index db8c07d96..8ffa85648 100644
--- a/charts/app/values.yaml
+++ b/charts/app/values.yaml
@@ -9,15 +9,14 @@ global:
   #-- the tag of the image, it can be latest, 1.0.0 etc..., or the sha256 hash
   tag: ~
   #-- turn off autoscaling for the entire suite by setting this to false. default is true.
-  autoscaling: true
+  autoscaling: false
   #-- global secrets, can be accessed by sub-charts.
   secrets:
     enabled: true
     databasePassword: ~
     databaseUser: ~
     databaseName: ~
-    annotation:
-      helm.sh/policy: "keep"
+    persist: true
   #-- domain of the application, it is required, apps.silver.devops.gov.bc.ca for silver cluster and apps.devops.gov.bc.ca for gold cluster
   domain: "apps.silver.devops.gov.bc.ca" # it is apps.gold.devops.gov.bc.ca for gold cluster
   #-- the database Alias gives a nice way to switch to different databases, crunchy, patroni ... etc.