From 99d8217247f2138984a234dd3f786167b75fd2a9 Mon Sep 17 00:00:00 2001 From: Filip Rafaj Date: Tue, 7 May 2024 17:48:06 +0200 Subject: [PATCH] add existingSecret functionality --- docker/kubernetes/helm/templates/api/deployment.yaml | 10 +++++----- .../kubernetes/helm/templates/worker/deployment.yaml | 12 ++++++------ docker/kubernetes/helm/templates/ws/deployment.yaml | 4 ++-- docker/kubernetes/helm/values.yaml | 2 ++ 4 files changed, 15 insertions(+), 13 deletions(-) diff --git a/docker/kubernetes/helm/templates/api/deployment.yaml b/docker/kubernetes/helm/templates/api/deployment.yaml index 93a0f923fb4..c2fc63e43b1 100644 --- a/docker/kubernetes/helm/templates/api/deployment.yaml +++ b/docker/kubernetes/helm/templates/api/deployment.yaml @@ -147,18 +147,18 @@ spec: key: accessKey - name: AWS_SECRET_ACCESS_KEY valueFrom : - secretKeyRef: + secretKeyRef: name: {{ include "novu.s3.secretName" . }} key: secretKey - name: JWT_SECRET valueFrom : - secretKeyRef: - name: {{ include "common.names.fullname" . }} + secretKeyRef: + name: {{ if .Values.existingSecret -}} {{ .Values.existingSecret }} {{- else -}} {{ include "common.names.fullname" . }} {{- end }} key: jwt-secret - name: STORE_ENCRYPTION_KEY valueFrom : - secretKeyRef: - name: {{ include "common.names.fullname" . }} + secretKeyRef: + name: {{ if .Values.existingSecret -}} {{ .Values.existingSecret }} {{- else -}} {{ include "common.names.fullname" . }} {{- end }} key: store-encryption-key {{- if .Values.api.extraEnvVars }} {{- include "common.tplvalues.render" (dict "value" .Values.api.extraEnvVars "context" $) | nindent 12 }} diff --git a/docker/kubernetes/helm/templates/worker/deployment.yaml b/docker/kubernetes/helm/templates/worker/deployment.yaml index df2d0ebd458..02236493430 100644 --- a/docker/kubernetes/helm/templates/worker/deployment.yaml +++ b/docker/kubernetes/helm/templates/worker/deployment.yaml @@ -126,28 +126,28 @@ spec: key: mongoUrl - name: S3_BUCKET_NAME valueFrom : - secretKeyRef: + secretKeyRef: name: {{ include "novu.s3.secretName" . }} key: bucketName - name: S3_REGION valueFrom : - secretKeyRef: + secretKeyRef: name: {{ include "novu.s3.secretName" . }} key: region - name: AWS_ACCESS_KEY_ID valueFrom : - secretKeyRef: + secretKeyRef: name: {{ include "novu.s3.secretName" . }} key: accessKey - name: AWS_SECRET_ACCESS_KEY valueFrom : - secretKeyRef: + secretKeyRef: name: {{ include "novu.s3.secretName" . }} key: secretKey - name: STORE_ENCRYPTION_KEY valueFrom : - secretKeyRef: - name: {{ include "common.names.fullname" . }} + secretKeyRef: + name: {{ if .Values.existingSecret -}} {{ .Values.existingSecret }} {{- else -}} {{ include "common.names.fullname" . }} {{- end }} key: store-encryption-key {{- if .Values.api.extraEnvVars }} {{- include "common.tplvalues.render" (dict "value" .Values.api.extraEnvVars "context" $) | nindent 12 }} diff --git a/docker/kubernetes/helm/templates/ws/deployment.yaml b/docker/kubernetes/helm/templates/ws/deployment.yaml index 54df75c13c1..572d158be58 100644 --- a/docker/kubernetes/helm/templates/ws/deployment.yaml +++ b/docker/kubernetes/helm/templates/ws/deployment.yaml @@ -115,8 +115,8 @@ spec: key: mongoUrl - name: JWT_SECRET valueFrom : - secretKeyRef: - name: {{ include "common.names.fullname" . }} + secretKeyRef: + name: {{ if .Values.existingSecret -}} {{ .Values.existingSecret }} {{- else -}} {{ include "common.names.fullname" . }} {{- end }} key: jwt-secret {{- if .Values.ws.extraEnvVars }} {{- include "common.tplvalues.render" (dict "value" .Values.api.extraEnvVars "context" $) | nindent 12 }} diff --git a/docker/kubernetes/helm/values.yaml b/docker/kubernetes/helm/values.yaml index 783c4ec511a..fff5d5537fb 100644 --- a/docker/kubernetes/helm/values.yaml +++ b/docker/kubernetes/helm/values.yaml @@ -1695,6 +1695,8 @@ metrics: ##@section Secrets definition ## +existingSecret: '' + jwt: ## @param jwt.secret The secret keybase which is used to encrypt / verify the tokens issued for authentication ## Please change this for production use !