helm: add the posibility to add external secrets as env variables #465
Conversation
mikkeschiren
changed the title
|
I will do some more work on this, to add the possibility to add more than one secret. I will will push a change later today. |
mikkeschiren
changed the title
| # type: Opaque | ||
| # data: | ||
| # SECRETS_email_password: MTIzNDU2Nzg5 | ||
| # SECRET: Zm9vaXNiYXI= |
There was a problem hiding this comment.
What does the SECRET one do -- is the point that it's not passed into zulip-secrets, or is it? I feel like the documentation needs to be clearer about how to interpret this example.
There was a problem hiding this comment.
Agree, I will add better example.
| # SECRETS_email_password: MTIzNDU2Nzg5 | ||
| # SECRET: Zm9vaXNiYXI= | ||
| envSecrets: | ||
| [] |
There was a problem hiding this comment.
Is it useful/necessary to have the [] here?
There was a problem hiding this comment.
You mean the newline?
There is a mix of practice of this.
This:
envSecrets:
[]And this:
envSecrets: []Have the same meaning, but I like the first one better - because it also indicates that the values that it is entered should be on a new line:
envSecrets:
- secret_ONE: ERTY
- secret_TWO: YTRESo I think it helps the user.
But as there are mix of standards in the helm chart, like:
podSecurityContext:
{}And
podAnnotations: {}There should be maybe a consensus around what should be used. I like the newline myself, as I think it helps to guide the user.
|
Should the commits be squashed? They seem to have a bunch of fixups. |
|
Will look into this in the coming week. |
This small change adds the posibility to add environments variables from an external secret. Good when you want to keep secrets out of your overrides, or are using an external resource to create the environment variables.