From e3eba8dbcd4ef6ad225fb5acd5900dc5eb22cdda Mon Sep 17 00:00:00 2001 From: Kevin Franklin Kim Date: Wed, 30 Oct 2024 09:35:14 +0100 Subject: [PATCH] feat(squadron): auto mount secrets --- charts/squadron-keel-cronjob/Chart.yaml | 4 +- charts/squadron-keel-cronjob/README.md | 2 +- .../templates/cronjob.yaml | 10 ++ .../squadron-keel-cronjob/values.schema.json | 6 +- charts/squadron-keel-cronjob/values.yaml | 91 ++++++++++--------- charts/squadron-keel-server/Chart.yaml | 4 +- charts/squadron-keel-server/README.md | 2 +- .../templates/deployment.yaml | 10 ++ .../squadron-keel-server/values.schema.json | 6 +- charts/squadron-keel-server/values.yaml | 21 +++-- charts/squadron-nextjs-server/Chart.yaml | 4 +- charts/squadron-nextjs-server/README.md | 3 +- .../templates/deployment.yaml | 10 ++ .../squadron-nextjs-server/values.schema.json | 21 ++++- charts/squadron-nextjs-server/values.yaml | 18 ++++ 15 files changed, 143 insertions(+), 69 deletions(-) diff --git a/charts/squadron-keel-cronjob/Chart.yaml b/charts/squadron-keel-cronjob/Chart.yaml index 09e98ca..a378e39 100644 --- a/charts/squadron-keel-cronjob/Chart.yaml +++ b/charts/squadron-keel-cronjob/Chart.yaml @@ -15,5 +15,5 @@ annotations: - name: Chart Source url: https://github.com/foomo/helm-charts -version: 0.1.5 -appVersion: 0.1.5 +version: 0.1.6 +appVersion: 0.1.6 diff --git a/charts/squadron-keel-cronjob/README.md b/charts/squadron-keel-cronjob/README.md index 495709d..cd81389 100644 --- a/charts/squadron-keel-cronjob/README.md +++ b/charts/squadron-keel-cronjob/README.md @@ -1,6 +1,6 @@ # squadron-keel-cronjob -![Version: 0.1.5](https://img.shields.io/badge/Version-0.1.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.5](https://img.shields.io/badge/AppVersion-0.1.5-informational?style=flat-square) +![Version: 0.1.6](https://img.shields.io/badge/Version-0.1.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.6](https://img.shields.io/badge/AppVersion-0.1.6-informational?style=flat-square) Squadron Keel CronJob Chart diff --git a/charts/squadron-keel-cronjob/templates/cronjob.yaml b/charts/squadron-keel-cronjob/templates/cronjob.yaml index d64f9d5..b3999c1 100644 --- a/charts/squadron-keel-cronjob/templates/cronjob.yaml +++ b/charts/squadron-keel-cronjob/templates/cronjob.yaml @@ -85,6 +85,11 @@ spec: {{- with .Values.cronjob.additionalVolumeMounts }} {{- toYaml . | nindent 16 }} {{- end }} + {{- range $key, $value := .Values.secrets }} + - name: {{ include "keel.cronjob.fullname" $ }}-{{ $key }} + readOnly: true + mountPath: /run/secrets/{{ $key }} + {{- end }} {{- range .Values.secretMounts }} - name: {{ . }} readOnly: true @@ -131,6 +136,11 @@ spec: persistentVolumeClaim: claimName: {{ include "keel.cronjob.fullname" . }}-data {{- end }} + {{- range $key, $value := .Values.secrets }} + - name: {{ $key }} + secret: + secretName: {{ include "keel.cronjob.fullname" $ }}-{{ $key }} + {{- end }} {{- range .Values.secretMounts }} - name: {{ . }} secret: diff --git a/charts/squadron-keel-cronjob/values.schema.json b/charts/squadron-keel-cronjob/values.schema.json index 3dae009..506aa0b 100644 --- a/charts/squadron-keel-cronjob/values.schema.json +++ b/charts/squadron-keel-cronjob/values.schema.json @@ -803,13 +803,13 @@ }, "secretEnv": { "additionalProperties": true, - "description": "Map of environment variables to add as a secret", + "description": "env:\n FOO: bar\nMap of environment variables to add as a secret", "required": [], "title": "secretEnv", "type": "object" }, "secretMounts": { - "description": "secretEnv:\n FOO: bar\nList of existing secrets to be mounted", + "description": "secrets:\n my-secret:\n data: ...\nList of existing secrets to be mounted", "items": { "required": [], "type": "string" @@ -832,7 +832,7 @@ }, "type": "object" }, - "description": "env:\n FOO: bar\nMap of secrets to be mounted", + "description": "secretEnv:\n FOO: bar\nMap of secrets to be mounted", "required": [], "title": "secrets", "type": "object" diff --git a/charts/squadron-keel-cronjob/values.yaml b/charts/squadron-keel-cronjob/values.yaml index 45e987d..5e1d849 100644 --- a/charts/squadron-keel-cronjob/values.yaml +++ b/charts/squadron-keel-cronjob/values.yaml @@ -41,6 +41,7 @@ global: # -- Will be automatically injected (optional) # @section -- Global fleet: '' + # @schema # type: string # @schema @@ -78,6 +79,52 @@ schedule: '' # -- Cron job time zone # @section -- General timeZone: 'Europe/Berlin' +# @schema +# type: object +# additionalProperties: true +# @schema +# -- Map of environment variables to add +# @section -- General +env: { } +# env: +# FOO: bar +# @schema +# type: object +# additionalProperties: true +# @schema +# -- Map of environment variables to add as a secret +# @section -- General +secretEnv: { } +# secretEnv: +# FOO: bar +# @schema +# type: object +# additionalProperties: +# type: object +# properties: +# data: +# type: object +# additionalProperties: true +# stringData: +# type: object +# additionalProperties: true +# @schema +# -- Map of secrets to be mounted +# @section -- General +secrets: { } +# secrets: +# my-secret: +# data: ... +# @schema +# type: array +# items: +# type: string +# @schema +# -- List of existing secrets to be mounted +# @section -- General +secretMounts: [] +# secretMounts: +# - my-secret # @schema # type: object @@ -220,50 +267,6 @@ image: # @section -- Image settings tag: '' -# @schema -# type: object -# additionalProperties: true -# @schema -# -- Map of environment variables to add -# @section -- General -env: { } -# env: -# FOO: bar -# @schema -# type: object -# additionalProperties: -# type: object -# properties: -# data: -# type: object -# additionalProperties: true -# stringData: -# type: object -# additionalProperties: true -# @schema -# -- Map of secrets to be mounted -# @section -- General -secrets: { } -# @schema -# type: object -# additionalProperties: true -# @schema -# -- Map of environment variables to add as a secret -# @section -- General -secretEnv: { } -# secretEnv: -# FOO: bar -# @schema -# type: array -# items: -# type: string -# @schema -# -- List of existing secrets to be mounted -# @section -- General -secretMounts: [] -# secretMounts: -# - my-secret - # @schema # type: object # @schema diff --git a/charts/squadron-keel-server/Chart.yaml b/charts/squadron-keel-server/Chart.yaml index c6cb50f..1aaecc5 100644 --- a/charts/squadron-keel-server/Chart.yaml +++ b/charts/squadron-keel-server/Chart.yaml @@ -15,5 +15,5 @@ annotations: - name: Chart Source url: https://github.com/foomo/helm-charts -version: 0.1.11 -appVersion: 0.1.11 +version: 0.1.12 +appVersion: 0.1.12 diff --git a/charts/squadron-keel-server/README.md b/charts/squadron-keel-server/README.md index 0894886..e9d29bc 100644 --- a/charts/squadron-keel-server/README.md +++ b/charts/squadron-keel-server/README.md @@ -1,6 +1,6 @@ # squadron-keel-server -![Version: 0.1.11](https://img.shields.io/badge/Version-0.1.11-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.11](https://img.shields.io/badge/AppVersion-0.1.11-informational?style=flat-square) +![Version: 0.1.12](https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.12](https://img.shields.io/badge/AppVersion-0.1.12-informational?style=flat-square) Squadron Keel Server Chart diff --git a/charts/squadron-keel-server/templates/deployment.yaml b/charts/squadron-keel-server/templates/deployment.yaml index e0ae078..ff400b7 100644 --- a/charts/squadron-keel-server/templates/deployment.yaml +++ b/charts/squadron-keel-server/templates/deployment.yaml @@ -97,6 +97,11 @@ spec: {{- with .Values.server.additionalVolumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} + {{- range $key, $value := .Values.secrets }} + - name: {{ include "keel.server.fullname" $ }}-{{ $key }} + readOnly: true + mountPath: /run/secrets/{{ $key }} + {{- end }} {{- range .Values.secretMounts }} - name: {{ . }} readOnly: true @@ -143,6 +148,11 @@ spec: persistentVolumeClaim: claimName: {{ include "keel.server.fullname" . }}-data {{- end }} + {{- range $key, $value := .Values.secrets }} + - name: {{ $key }} + secret: + secretName: {{ include "keel.server.fullname" $ }}-{{ $key }} + {{- end }} {{- range .Values.secretMounts }} - name: {{ . }} secret: diff --git a/charts/squadron-keel-server/values.schema.json b/charts/squadron-keel-server/values.schema.json index 6d2d4cb..bf109ec 100644 --- a/charts/squadron-keel-server/values.schema.json +++ b/charts/squadron-keel-server/values.schema.json @@ -713,13 +713,13 @@ }, "secretEnv": { "additionalProperties": true, - "description": "Map of environment variables to add as a secret", + "description": "env:\n FOO: bar\nMap of environment variables to add as a secret", "required": [], "title": "secretEnv", "type": "object" }, "secretMounts": { - "description": "secretEnv:\n FOO: bar\nList of existing secrets to be mounted", + "description": "secrets:\n my-secret:\n data: ...\nList of existing secrets to be mounted", "items": { "required": [], "type": "string" @@ -742,7 +742,7 @@ }, "type": "object" }, - "description": "env:\n FOO: bar\nMap of secrets to be mounted", + "description": "secretEnv:\n FOO: bar\nMap of secrets to be mounted", "required": [], "title": "secrets", "type": "object" diff --git a/charts/squadron-keel-server/values.yaml b/charts/squadron-keel-server/values.yaml index e5b5aed..129ae9b 100644 --- a/charts/squadron-keel-server/values.yaml +++ b/charts/squadron-keel-server/values.yaml @@ -99,6 +99,15 @@ env: { } # FOO: bar # @schema # type: object +# additionalProperties: true +# @schema +# -- Map of environment variables to add as a secret +# @section -- General +secretEnv: { } +# secretEnv: +# FOO: bar +# @schema +# type: object # additionalProperties: # type: object # properties: @@ -112,15 +121,9 @@ env: { } # -- Map of secrets to be mounted # @section -- General secrets: { } -# @schema -# type: object -# additionalProperties: true -# @schema -# -- Map of environment variables to add as a secret -# @section -- General -secretEnv: { } -# secretEnv: -# FOO: bar +# secrets: +# my-secret: +# data: ... # @schema # type: array # items: diff --git a/charts/squadron-nextjs-server/Chart.yaml b/charts/squadron-nextjs-server/Chart.yaml index 4147660..2d7c677 100644 --- a/charts/squadron-nextjs-server/Chart.yaml +++ b/charts/squadron-nextjs-server/Chart.yaml @@ -14,5 +14,5 @@ annotations: - name: Chart Source url: https://github.com/foomo/helm-charts -version: 0.1.5 -appVersion: 0.1.5 +version: 0.1.6 +appVersion: 0.1.6 diff --git a/charts/squadron-nextjs-server/README.md b/charts/squadron-nextjs-server/README.md index 42b9ebc..c45a3d7 100644 --- a/charts/squadron-nextjs-server/README.md +++ b/charts/squadron-nextjs-server/README.md @@ -1,6 +1,6 @@ # squadron-nextjs-server -![Version: 0.1.5](https://img.shields.io/badge/Version-0.1.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.5](https://img.shields.io/badge/AppVersion-0.1.5-informational?style=flat-square) +![Version: 0.1.6](https://img.shields.io/badge/Version-0.1.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.6](https://img.shields.io/badge/AppVersion-0.1.6-informational?style=flat-square) Squadron NextJS Server Chart @@ -35,6 +35,7 @@ Squadron NextJS Server Chart | revisionHistoryLimit | int | `10` | Number of revisions to keep | | secretEnv | object | `{}` | Map of environment variables to add as a secret | | secretMounts | list | `[]` | List of existing secrets to be mounted | +| secrets | object | `{}` | Map of secrets to be mounted | | updateStrategy | string | `"RollingUpdate"` | Deployment update strategy | ### Overrides diff --git a/charts/squadron-nextjs-server/templates/deployment.yaml b/charts/squadron-nextjs-server/templates/deployment.yaml index 567bfc7..1028458 100644 --- a/charts/squadron-nextjs-server/templates/deployment.yaml +++ b/charts/squadron-nextjs-server/templates/deployment.yaml @@ -81,6 +81,11 @@ spec: - name: {{ include "nextjs.server.fullname" . }}-data mountPath: {{ .Values.persistence.mountPath }} {{- end }} + {{- range $key, $value := .Values.secrets }} + - name: {{ include "nextjs.server.fullname" $ }}-{{ $key }} + readOnly: true + mountPath: /run/secrets/{{ $key }} + {{- end }} {{- with .Values.server.additionalVolumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} @@ -130,6 +135,11 @@ spec: persistentVolumeClaim: claimName: {{ include "nextjs.server.fullname" . }}-data {{- end }} + {{- range $key, $value := .Values.secrets }} + - name: {{ $key }} + secret: + secretName: {{ include "nextjs.server.fullname" $ }}-{{ $key }} + {{- end }} {{- range .Values.secretMounts }} - name: {{ . }} secret: diff --git a/charts/squadron-nextjs-server/values.schema.json b/charts/squadron-nextjs-server/values.schema.json index d979ccf..cf5d53b 100644 --- a/charts/squadron-nextjs-server/values.schema.json +++ b/charts/squadron-nextjs-server/values.schema.json @@ -769,7 +769,7 @@ "type": "object" }, "secretMounts": { - "description": "secretEnv:\n FOO: bar\nList of existing secrets to be mounted", + "description": "secrets:\n my-secret:\n data: ...\nList of existing secrets to be mounted", "items": { "required": [], "type": "string" @@ -778,6 +778,25 @@ "title": "secretMounts", "type": "array" }, + "secrets": { + "additionalProperties": { + "properties": { + "data": { + "additionalProperties": true, + "type": "object" + }, + "stringData": { + "additionalProperties": true, + "type": "object" + } + }, + "type": "object" + }, + "description": "secretEnv:\n FOO: bar\nMap of secrets to be mounted", + "required": [], + "title": "secrets", + "type": "object" + }, "securityContext": { "additionalProperties": false, "description": "Security context", diff --git a/charts/squadron-nextjs-server/values.yaml b/charts/squadron-nextjs-server/values.yaml index 609e4a0..b6effd1 100644 --- a/charts/squadron-nextjs-server/values.yaml +++ b/charts/squadron-nextjs-server/values.yaml @@ -86,6 +86,24 @@ secretEnv: { } # secretEnv: # FOO: bar # @schema +# type: object +# additionalProperties: +# type: object +# properties: +# data: +# type: object +# additionalProperties: true +# stringData: +# type: object +# additionalProperties: true +# @schema +# -- Map of secrets to be mounted +# @section -- General +secrets: { } +# secrets: +# my-secret: +# data: ... +# @schema # type: array # items: # type: string