-
-
Notifications
You must be signed in to change notification settings - Fork 254
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
helm: add the posibility to add external secrets as env variables #465
base: main
Are you sure you want to change the base?
Conversation
I will do some more work on this, to add the possibility to add more than one secret. I will will push a change later today. |
# type: Opaque | ||
# data: | ||
# SECRETS_email_password: MTIzNDU2Nzg5 | ||
# SECRET: Zm9vaXNiYXI= |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What does the SECRET
one do -- is the point that it's not passed into zulip-secrets
, or is it? I feel like the documentation needs to be clearer about how to interpret this example.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agree, I will add better example.
# SECRETS_email_password: MTIzNDU2Nzg5 | ||
# SECRET: Zm9vaXNiYXI= | ||
envSecrets: | ||
[] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it useful/necessary to have the []
here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You mean the newline?
There is a mix of practice of this.
This:
envSecrets:
[]
And this:
envSecrets: []
Have the same meaning, but I like the first one better - because it also indicates that the values that it is entered should be on a new line:
envSecrets:
- secret_ONE: ERTY
- secret_TWO: YTRE
So I think it helps the user.
But as there are mix of standards in the helm chart, like:
podSecurityContext:
{}
And
podAnnotations: {}
There should be maybe a consensus around what should be used. I like the newline myself, as I think it helps to guide the user.
Should the commits be squashed? They seem to have a bunch of fixups. |
Will look into this in the coming week. |
This small change adds the posibility to add environments variables from an external secret. Good when you want to keep secrets out of your overrides, or are using an external resource to create the environment variables.