diff --git a/charts/atlantis/README.md b/charts/atlantis/README.md
index f51b319f..19d25104 100644
--- a/charts/atlantis/README.md
+++ b/charts/atlantis/README.md
@@ -79,7 +79,7 @@ extraManifests:
 | atlantisDataDirectory | string | `"/atlantis-data"` | Path to the data directory for the volumeMount. |
 | atlantisUrl | string | `""` | An option to override the atlantis url, if not using an ingress, set it to the external IP. Check values.yaml for examples. |
 | aws | object | `{}` | To specify AWS credentials to be mapped to ~/.aws or to aws.directory. Check values.yaml for examples. |
-| awsSecretName | string | `""` | To reference an already existing Secret object with AWS credentials |
+| awsSecretName | string | `""` | To reference an already existing Secret object with AWS credentials. This has priority over the aws.config and aws.credential fields. |
 | azuredevops | object | `{}` | If using Azure DevOps, please enter your values as follows. The chart will perform the base64 encoding for you for values that are stored in secrets. Check values.yaml for examples. |
 | basicAuth | object | `{"password":"","username":""}` | Optionally specify an username and a password for basic authentication. |
 | basicAuthSecretName | string | `""` | If managing secrets outside the chart for the Basic Auth secret, use this variable to reference the secret name. |
diff --git a/charts/atlantis/templates/statefulset.yaml b/charts/atlantis/templates/statefulset.yaml
index 03b336f5..eba974e4 100644
--- a/charts/atlantis/templates/statefulset.yaml
+++ b/charts/atlantis/templates/statefulset.yaml
@@ -561,6 +561,11 @@ spec:
 mountPath: /home/atlantis/.netrc
 subPath: netrc
 {{- end }}
+ {{- if .Values.awsSecretName }}
+ - name: aws-volume
+ readOnly: true
+ mountPath: {{ .Values.aws.directory | default "/home/atlantis/.aws" }}
+ {{- else }}
 {{- range $filename, $_ := .Values.aws }}
 {{- if has $filename (list "credentials" "config") }}
 - name: aws-volume
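Review bot: The new `awsSecretName` branch in statefulset.yaml mounts `aws-volume` over the whole AWS directory with no `subPath`, so every key of the backing Secret appears as a file there, while the `else` branch exposes only `credentials` and `config`. If the volume is backed by the Secret named in `awsSecretName` (its definition is outside this hunk), that Secret should hold nothing but those two keys, and the template should say so above the `if`, e.g. `{{- /* awsSecretName: every key of the Secret is mounted; keep only "credentials" and "config" in it */ -}}`. Inline `aws.credentials`/`aws.config` values are skipped without any message when both are set; a line in NOTES.txt or a `fail` would make the precedence visible to the operator. The `{{- end }}` that closes this `if`/`else` would sit after the `range` block, outside the hunk, so its presence cannot be confirmed from here.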
diff --git a/charts/atlantis/values.yaml b/charts/atlantis/values.yaml
index ef8d159e..3c9c0691 100644
--- a/charts/atlantis/values.yaml
+++ b/charts/atlantis/values.yaml
@@ -145,7 +145,7 @@ aws: {}
 # source_profile = default
 # directory: "/home/atlantis/.aws"
-# -- To reference an already existing Secret object with AWS credentials
+# -- To reference an already existing Secret object with AWS credentials. This has priority over the aws.config and aws.credential fields.
 awsSecretName: ""
 # -- To keep backwards compatibility only.
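Review bot: The new comment on `awsSecretName` names `aws.credential`, but the key the chart reads is `credentials` (the statefulset template filters on `list "credentials" "config"`), so an operator following the comment would look for a field that does not exist. The line should read `# -- To reference an already existing Secret object with AWS credentials. This has priority over the aws.config and aws.credentials fields.` The README row for `awsSecretName` carries the same wording and needs the same correction.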