forked from vikunja/helm-chart
feat: update mountPath and update readme for using secrets as config file (#17)
This is in the spirit of #16 (thanks for all the help @hugosxm), but I wanted to make sure that it was complete, so that users would be able to deploy the Vikunja Helm Chart easily. This PR resolves the following: - Increased documentation around utilizing environment variables from Kubernetes secrets. - Increased documentation for utilizing a Kubernetes secret as the `config.yml` file instead of a ConfigMap - Fix the incorrect `mountPath` for the `api` pod. Co-authored-by: perf3ct <jonfuller2012@gmail.com> Reviewed-on: vikunja/helm-chart#17 Reviewed-by: konrad <k@knt.li> Co-authored-by: perfectra1n <perf3ctsec@gmail.com> Co-committed-by: perfectra1n <perf3ctsec@gmail.com>
This commit is contained in:
parent
62112e8df0
commit
cbeaa395db
|
@ -10,7 +10,7 @@ description: |-
|
||||||
the high alpine areas of the Andes and a relative of the llama.
|
the high alpine areas of the Andes and a relative of the llama.
|
||||||
annotations:
|
annotations:
|
||||||
category: TaskTracker
|
category: TaskTracker
|
||||||
version: 0.3.0
|
version: 0.3.1
|
||||||
appVersion: 0.21.0
|
appVersion: 0.21.0
|
||||||
kubeVersion: ">= 1.19"
|
kubeVersion: ">= 1.19"
|
||||||
dependencies:
|
dependencies:
|
||||||
|
|
62
README.md
62
README.md
|
@ -39,9 +39,71 @@ api:
|
||||||
enabled: true
|
enabled: true
|
||||||
accessMode: ReadWriteOnce
|
accessMode: ReadWriteOnce
|
||||||
size: 10Gi
|
size: 10Gi
|
||||||
|
mountPath: /app/vikunja/files
|
||||||
storageClass: storage-class
|
storageClass: storage-class
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### Utilizing environment variables from Kubernetes secrets
|
||||||
|
|
||||||
|
Each environment variable that is "injected" into a pod can be sourced from a Kubernetes secret. This is useful when you wish to add values that you would rather keep as secrets in your GitOps repo, as environment variables in the pods.
|
||||||
|
|
||||||
|
Assuming that you had a Kubernetes secret named `vikunja-env`, this is how you would add the value stored at key `VIKUNJA_DATABASE_PASSWORD` as the environment variable named `VIKUNJA_DATABASE_PASSWORD`:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
api:
|
||||||
|
env:
|
||||||
|
VIKUNJA_DATABASE_PASSWORD:
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: vikunja-env
|
||||||
|
key: VIKUNJA_DATABASE_PASSWORD
|
||||||
|
VIKUNJA_DATABASE_USERNAME: "db-user"
|
||||||
|
```
|
||||||
|
|
||||||
|
Alternatively, instead of defining each and every key, if the keys within the secret are the names of environment variables, you could also do the following:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
api:
|
||||||
|
envFrom:
|
||||||
|
- secretRef:
|
||||||
|
name: vikunja-secret-env
|
||||||
|
env:
|
||||||
|
VIKUNJA_DATABASE_USERNAME: "db-user"
|
||||||
|
```
|
||||||
|
|
||||||
|
This will add all keys within the Kubernetes secret named `vikunja-secret-env` as environment variables to the `api` pod. Additionally, if you did not have the key `VIKUNJA_DATABASE_USERNAME` in the `vikunja-secret-env` secret, you could still define it as an environment variable seen above.
|
||||||
|
|
||||||
|
How the `envFrom` key works can be seen [here](https://github.com/bjw-s/helm-charts/blob/a081de53024d8328d1ae9ff7e4f6bc500b0f3a29/charts/library/common/values.yaml#L155).
|
||||||
|
|
||||||
|
### Utilizing a Kubernetes secret as the `config.yml` file instead of a ConfigMap
|
||||||
|
|
||||||
|
If you did not wish to use the ConfigMap provided by the chart, and instead wished to mount your own Kubernetes secret as the `config.yml` file in the `api` pod, you could provide values such as the following (assuming `asdf-my-custom-secret1` was the name of the secret that had the `config.yml` file):
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
api:
|
||||||
|
persistence:
|
||||||
|
config:
|
||||||
|
type: secret
|
||||||
|
name: asdf-my-custom-secret1
|
||||||
|
```
|
||||||
|
|
||||||
|
Then your secret should look something like the following so that it will mount properly:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: asdf-my-custom-secret1
|
||||||
|
namespace: vikunja
|
||||||
|
type: Opaque
|
||||||
|
stringData:
|
||||||
|
config.yml: |
|
||||||
|
key1: value1
|
||||||
|
key2: value2
|
||||||
|
key3: value3
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
### Modifying Deployed Resources
|
### Modifying Deployed Resources
|
||||||
|
|
||||||
Often times, modifications need to be made to a Helm chart to allow it to operate in your Kubernetes cluster. By utilizing bjw-s's `common` library, there are quite a few options that can be easily modified.
|
Often times, modifications need to be made to a Helm chart to allow it to operate in your Kubernetes cluster. By utilizing bjw-s's `common` library, there are quite a few options that can be easily modified.
|
||||||
|
|
|
@ -25,6 +25,7 @@ api:
|
||||||
# existingClaim: # your-claim
|
# existingClaim: # your-claim
|
||||||
accessMode: ReadWriteOnce
|
accessMode: ReadWriteOnce
|
||||||
size: 10Gi
|
size: 10Gi
|
||||||
|
mountPath: /app/vikunja/files
|
||||||
# storageClass: storage-class
|
# storageClass: storage-class
|
||||||
ingress:
|
ingress:
|
||||||
main:
|
main:
|
||||||
|
|
Loading…
Reference in New Issue
Block a user