Skip to content

Commit

Permalink
feat: Support secret keys configurable (#257)
Browse files Browse the repository at this point in the history 
Co-authored-by: velotioaastha <aastha.gupta@velotio.com>
  • Loading branch information
@amanpruthi @velotioaastha
amanpruthi and velotioaastha authored Nov 14, 2024
1 parent 18d745a commit 3b114e9
Show file tree
Hide file tree
Showing 12 changed files with 30 additions and 26 deletions.
2 changes: 1 addition & 1 deletion charts/operator-wandb/Chart.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,4 +42,4 @@ dependencies:
repository: file://charts/yace
version: 0.1.0
digest: sha256:bca2b6781737da6806e4485605cf9ce87b1428944b14cb88f082024cc3500bbd
generated: "2024-11-08T13:07:42.344971+05:30"
generated: "2024-11-08T13:42:24.351184+05:30"
2 changes: 1 addition & 1 deletion charts/operator-wandb/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
name: operator-wandb
description: A Helm chart for deploying W&B to Kubernetes
type: application
version: 0.18.15
version: 0.18.16
appVersion: 1.0.0
icon: https://wandb.ai/logo.svg

Expand Down
8 changes: 4 additions & 4 deletions charts/operator-wandb/charts/app/templates/_deployment.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ spec:
valueFrom:
secretKeyRef:
name: {{ include "wandb.mysql.passwordSecret" . }}
key: MYSQL_PASSWORD
key: {{ .Values.global.mysql.passwordSecret.passwordKey }}
command: ['bash', '-c', "until mysql -h$MYSQL_HOST -u$MYSQL_USER -p$MYSQL_PASSWORD -D$MYSQL_DATABASE -P$MYSQL_PORT --execute=\"SELECT 1\"; do echo waiting for db; sleep 2; done"]
containers:
- name: {{ .Chart.Name }}
Expand Down Expand Up @@ -119,7 +119,7 @@ spec:
valueFrom:
secretKeyRef:
name: {{ include "wandb.mysql.passwordSecret" . }}
key: MYSQL_PASSWORD
key: {{ .Values.global.mysql.passwordSecret.passwordKey }}
- name: MYSQL
value: "mysql://$(MYSQL_USER):$(MYSQL_PASSWORD)@$(MYSQL_HOST):$(MYSQL_PORT)/$(MYSQL_DATABASE)"
- name: WEAVE_SERVICE
Expand All @@ -137,7 +137,7 @@ spec:
secretKeyRef:
name: {{ include "wandb.redis.passwordSecret" . }}
optional: true
key: REDIS_PASSWORD
key: {{ .Values.global.redis.secretKey }}
- name: REDIS_PORT
value: "{{ include "wandb.redis.port" . }}"
- name: REDIS_HOST
Expand Down Expand Up @@ -217,7 +217,7 @@ spec:
valueFrom:
secretKeyRef:
name: "{{ include "wandb.bucket.secret" . }}"
key: ACCESS_KEY
key: {{ .Values.global.bucket.accessKeyName }}
optional: true
- name: GORILLA_CUSTOMER_SECRET_STORE_K8S_CONFIG_NAMESPACE
valueFrom:
Expand Down
4 changes: 2 additions & 2 deletions charts/operator-wandb/charts/flat-run-fields-updater/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ spec:
valueFrom:
secretKeyRef:
name: "{{ include "wandb.bucket.secret" . }}"
key: ACCESS_KEY
key: {{ .Values.global.bucket.accessKeyName }}
optional: true
- name: GORILLA_CUSTOMER_SECRET_STORE_K8S_CONFIG_NAMESPACE
valueFrom:
Expand Down Expand Up @@ -104,7 +104,7 @@ spec:
valueFrom:
secretKeyRef:
name: {{ include "wandb.mysql.passwordSecret" . }}
key: MYSQL_PASSWORD
key: {{ .Values.global.mysql.passwordSecret.passwordKey }}
- name: MYSQL
value: "mysql://$(MYSQL_USER):$(MYSQL_PASSWORD)@$(MYSQL_HOST):$(MYSQL_PORT)/$(MYSQL_DATABASE)"
- name: KAFKA_BROKER_HOST
Expand Down
4 changes: 2 additions & 2 deletions charts/operator-wandb/charts/mysql/templates/statefulset.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,12 +49,12 @@ spec:
valueFrom:
secretKeyRef:
name: {{ include "wandb.mysql.passwordSecret" . }}
key: MYSQL_ROOT_PASSWORD
key: {{ .Values.global.mysql.passwordSecret.rootPasswordKey }}
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "wandb.mysql.passwordSecret" . }}
key: MYSQL_PASSWORD
key: {{ .Values.global.mysql.passwordSecret.passwordKey }}
{{- include "mysql.extraEnv" (dict "global" .Values.global "local" .Values) | nindent 12 }}
{{- include "wandb.extraEnvFrom" (dict "root" $ "local" .) | nindent 12 }}
livenessProbe:
Expand Down
4 changes: 2 additions & 2 deletions charts/operator-wandb/charts/otel/charts/agent/templates/deamonset.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ spec:
valueFrom:
secretKeyRef:
name: {{ include "wandb.mysql.passwordSecret" . }}
key: MYSQL_PASSWORD
key: {{ .Values.global.mysql.passwordSecret.passwordKey }}
- name: K8S_NODE_NAME
valueFrom:
fieldRef:
Expand Down Expand Up @@ -131,4 +131,4 @@ spec:
hostPath:
path: /var/lib/docker/containers
hostNetwork: false
{{- end }}
{{- end }}
4 changes: 2 additions & 2 deletions charts/operator-wandb/charts/otel/charts/agent/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@

{{- if eq .Values.mode "deployment" -}}
apiVersion: apps/v1
kind: Deployment
Expand Down Expand Up @@ -74,8 +75,7 @@ spec:
valueFrom:
secretKeyRef:
name: {{ include "wandb.mysql.passwordSecret" . }}
key: MYSQL_PASSWORD

key: {{ .Values.global.mysql.passwordSecret.passwordKey }}
- name: K8S_NODE_NAME
valueFrom:
fieldRef:
Expand Down
6 changes: 3 additions & 3 deletions charts/operator-wandb/charts/parquet/templates/cron.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ spec:
valueFrom:
secretKeyRef:
name: {{ include "wandb.mysql.passwordSecret" . }}
key: MYSQL_PASSWORD
key: {{ .Values.global.mysql.passwordSecret.passwordKey }}
- name: MYSQL
value: "mysql://$(MYSQL_USER):$(MYSQL_PASSWORD)@$(MYSQL_HOST):$(MYSQL_PORT)/$(MYSQL_DATABASE)"

Expand Down Expand Up @@ -129,7 +129,7 @@ spec:
valueFrom:
secretKeyRef:
name: "{{ include "wandb.bucket.secret" . }}"
key: ACCESS_KEY
key: {{ .Values.global.bucket.accessKeyName }}
optional: true

- name: G_HOST_IP
Expand All @@ -149,4 +149,4 @@ spec:
path: redis_ca.pem
{{- end }}
restartPolicy: Never
{{- end }}
{{- end }}
5 changes: 3 additions & 2 deletions charts/operator-wandb/charts/parquet/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@

{{- if .Values.enabled }}
{{- $imageCfg := dict "global" $.Values.global.image "local" $.Values.image -}}
apiVersion: apps/v1
Expand Down Expand Up @@ -88,7 +89,7 @@ spec:
valueFrom:
secretKeyRef:
name: {{ include "wandb.mysql.passwordSecret" . }}
key: MYSQL_PASSWORD
key: {{ .Values.global.mysql.passwordSecret.passwordKey }}
- name: MYSQL
value: "mysql://$(MYSQL_USER):$(MYSQL_PASSWORD)@$(MYSQL_HOST):$(MYSQL_PORT)/$(MYSQL_DATABASE)"
- name: REDIS_PASSWORD
Expand Down Expand Up @@ -117,7 +118,7 @@ spec:
valueFrom:
secretKeyRef:
name: "{{ include "wandb.bucket.secret" . }}"
key: ACCESS_KEY
key: {{ .Values.global.bucket.accessKeyName }}
optional: true

- name: G_HOST_IP
Expand Down
7 changes: 4 additions & 3 deletions charts/operator-wandb/charts/prometheus/charts/mysql-exporter/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@

{{- if .Values.enabled }}
{{- $imageCfg := dict "global" $.Values.global.image "local" $.Values.image -}}
apiVersion: apps/v1
Expand Down Expand Up @@ -64,15 +65,15 @@ spec:
valueFrom:
secretKeyRef:
name: {{ include "wandb.mysql.passwordSecret" . }}
key: MYSQL_PASSWORD
key: {{ .Values.global.mysql.passwordSecret.passwordKey }}
- name: MYSQL
value: "mysql://$(MYSQL_USER):$(MYSQL_PASSWORD)@$(MYSQL_HOST):$(MYSQL_PORT)/$(MYSQL_DATABASE)"

- name: MYSQLD_EXPORTER_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "wandb.mysql.passwordSecret" . }}
key: MYSQL_PASSWORD
key: {{ .Values.global.mysql.passwordSecret.passwordKey }}

{{- include "mysql-exporter.extraEnv" (dict "global" $.Values.global "local" .Values) | nindent 12 }}
{{- include "wandb.extraEnvFrom" (dict "root" $ "local" .) | nindent 12 }}
Expand All @@ -96,4 +97,4 @@ spec:
- key: REDIS_CA_CERT
path: redis_ca.pem
{{- end }}
{{- end }}
{{- end }}
5 changes: 1 addition & 4 deletions charts/operator-wandb/templates/_mysql.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@ Return the name of the secret where information is stored, considering if the cu
{{- end -}}
{{- end -}}


{{/*
Return the db port
*/}}
Expand Down Expand Up @@ -47,6 +46,4 @@ Return the db password
*/}}
{{- define "wandb.mysql.password" -}}
{{- print $.Values.global.mysql.password -}}
{{- end -}}


{{- end -}}
5 changes: 5 additions & 0 deletions charts/operator-wandb/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,8 @@ global:
password: ""
passwordSecret:
name: ""
rootPasswordKey: "MYSQL_ROOT_PASSWORD"
passwordKey: "MYSQL_PASSWORD"

slack:
secret: ""
Expand Down Expand Up @@ -107,6 +109,8 @@ global:
# If specified the application will use this bucket for all storage operations, and will not be overridable by the user.
bucket:
secretName: ""
accessKeyName: "ACCESS_KEY"
secretAccessKeyName: "SECRET_KEY"

redis:
host: ""
Expand All @@ -116,6 +120,7 @@ global:
caCert: ""
# The name of the user supplied secret containing the password for the redis instance.
secretName: ""
secretKey: "REDIS_PASSWORD"

kafka:
# The following values are anchored here, and referenced by alias later for
Expand Down

0 comments on commit 3b114e9

Please sign in to comment.