From b3d7e69046a7bc0cdaef26485ca8f21afdb554f1 Mon Sep 17 00:00:00 2001 From: Hector Valcarcel Date: Tue, 4 Jun 2024 10:24:52 +0200 Subject: [PATCH 1/3] feat: add values definition for extra env var using secrets ref --- charts/budibase/values.yaml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/charts/budibase/values.yaml b/charts/budibase/values.yaml index 27037cdaa8..0b86218d2e 100644 --- a/charts/budibase/values.yaml +++ b/charts/budibase/values.yaml @@ -240,6 +240,13 @@ services: # -- Extra environment variables to set for apps pods. Takes a list of # name=value pairs. extraEnv: [] + # -- Name of the K8s Secret in the same namespace which contains the extra environment variables. + # This can be used to avoid storing sensitive information in the values.yaml file. + extraEnvFromSecret: [] + # - name: MY_SECRET_KEY + # secretName : my-secret + # secretKey: my-secret-key + # -- Startup probe configuration for apps pods. You shouldn't need to # change this, but if you want to you can find more information here: # @@ -323,6 +330,13 @@ services: # -- Extra environment variables to set for automation worker pods. Takes a list of # name=value pairs. extraEnv: [] + # -- Name of the K8s Secret in the same namespace which contains the extra environment variables. + # This can be used to avoid storing sensitive information in the values.yaml file. + extraEnvFromSecret: [] + # - name: MY_SECRET_KEY + # secretName : my-secret + # secretKey: my-secret-key + # -- Startup probe configuration for automation worker pods. You shouldn't # need to change this, but if you want to you can find more information # here: @@ -408,6 +422,13 @@ services: # -- Extra environment variables to set for worker pods. Takes a list of # name=value pairs. extraEnv: [] + # -- Name of the K8s Secret in the same namespace which contains the extra environment variables. + # This can be used to avoid storing sensitive information in the values.yaml file. + extraEnvFromSecret: [] + # - name: MY_SECRET_KEY + # secretName : my-secret + # secretKey: my-secret-key + # -- Startup probe configuration for worker pods. You shouldn't need to # change this, but if you want to you can find more information here: # From d554a8287b74c030ee0254872b869e514ce2da79 Mon Sep 17 00:00:00 2001 From: Hector Valcarcel Date: Tue, 4 Jun 2024 10:26:44 +0200 Subject: [PATCH 2/3] feat: attach env vars from 'extraEnvFromSecret' --- charts/budibase/templates/app-service-deployment.yaml | 7 +++++++ .../templates/automation-worker-service-deployment.yaml | 9 ++++++++- charts/budibase/templates/worker-service-deployment.yaml | 7 +++++++ 3 files changed, 22 insertions(+), 1 deletion(-) diff --git a/charts/budibase/templates/app-service-deployment.yaml b/charts/budibase/templates/app-service-deployment.yaml index ed7166ec5d..b764065bfc 100644 --- a/charts/budibase/templates/app-service-deployment.yaml +++ b/charts/budibase/templates/app-service-deployment.yaml @@ -202,6 +202,13 @@ spec: - name: {{ .name }} value: {{ .value | quote }} {{- end }} + {{- range .Values.services.apps.extraEnvFromSecret}} + - name: {{ .name }} + valueFrom: + secretKeyRef: + name: {{ .secretName }} + key: {{ .secretKey | quote }} + {{- end}} image: budibase/apps:{{ .Values.globals.appVersion | default .Chart.AppVersion }} imagePullPolicy: Always {{- if .Values.services.apps.startupProbe }} diff --git a/charts/budibase/templates/automation-worker-service-deployment.yaml b/charts/budibase/templates/automation-worker-service-deployment.yaml index 3c6f94ae9e..38a384626e 100644 --- a/charts/budibase/templates/automation-worker-service-deployment.yaml +++ b/charts/budibase/templates/automation-worker-service-deployment.yaml @@ -201,6 +201,13 @@ spec: - name: {{ .name }} value: {{ .value | quote }} {{- end }} + {{- range .Values.services.automationWorkers.extraEnvFromSecret}} + - name: {{ .name }} + valueFrom: + secretKeyRef: + name: {{ .secretName }} + key: {{ .secretKey | quote }} + {{- end}} image: budibase/apps:{{ .Values.globals.appVersion | default .Chart.AppVersion }} imagePullPolicy: Always @@ -272,4 +279,4 @@ spec: {{- toYaml .Values.services.automationWorkers.extraVolumes | nindent 8 }} {{ end }} status: {} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/budibase/templates/worker-service-deployment.yaml b/charts/budibase/templates/worker-service-deployment.yaml index 66a9bb6c14..1f9d1a8ed7 100644 --- a/charts/budibase/templates/worker-service-deployment.yaml +++ b/charts/budibase/templates/worker-service-deployment.yaml @@ -188,6 +188,13 @@ spec: - name: {{ .name }} value: {{ .value | quote }} {{- end }} + {{- range .Values.services.worker.extraEnvFromSecret}} + - name: {{ .name }} + valueFrom: + secretKeyRef: + name: {{ .secretName }} + key: {{ .secretKey | quote }} + {{- end}} image: budibase/worker:{{ .Values.globals.appVersion | default .Chart.AppVersion }} imagePullPolicy: Always {{- if .Values.services.worker.startupProbe }} From 4221a13fd1cdda5ef9097ae0b06483fbf4e82a61 Mon Sep 17 00:00:00 2001 From: mike12345567 Date: Tue, 4 Jun 2024 14:03:52 +0100 Subject: [PATCH 3/3] Updating pro back to correct reference. --- packages/pro | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/pro b/packages/pro index d3c3077011..5189b83bea 160000 --- a/packages/pro +++ b/packages/pro @@ -1 +1 @@ -Subproject commit d3c3077011a8e20ed3c48dcd6301caca4120b6ac +Subproject commit 5189b83bea1868574ff7f4c51fe5db38a11badb8