From 65ea1b6c9b74885ff9a89e7b23d2639455de8ee8 Mon Sep 17 00:00:00 2001 From: Rory Powell Date: Tue, 14 Mar 2023 09:41:40 +0000 Subject: [PATCH] Update fallback env vars in k8s chart (#10014) --- .../templates/app-service-deployment.yaml | 15 +++------------ charts/budibase/templates/secrets.yaml | 6 ------ .../templates/worker-service-deployment.yaml | 15 +++------------ 3 files changed, 6 insertions(+), 30 deletions(-) diff --git a/charts/budibase/templates/app-service-deployment.yaml b/charts/budibase/templates/app-service-deployment.yaml index 4371d27283b..41b0dc48c99 100644 --- a/charts/budibase/templates/app-service-deployment.yaml +++ b/charts/budibase/templates/app-service-deployment.yaml @@ -63,30 +63,21 @@ spec: - name: ENABLE_ANALYTICS value: {{ .Values.globals.enableAnalytics | quote }} - name: API_ENCRYPTION_KEY - valueFrom: - secretKeyRef: - name: budibase-budibase {{ template "budibase.fullname" . }} - key: apiEncryptionKey + value: {{ .Values.globals.apiEncryptionKey | quote }} - name: INTERNAL_API_KEY valueFrom: secretKeyRef: name: {{ template "budibase.fullname" . }} key: internalApiKey - name: INTERNAL_API_KEY_FALLBACK - valueFrom: - secretKeyRef: - name: {{ template "budibase.fullname" . }} - key: internalApiKeyFallback + value: {{ .Values.globals.internalApiKeyFallback | quote }} - name: JWT_SECRET valueFrom: secretKeyRef: name: {{ template "budibase.fullname" . }} key: jwtSecret - name: JWT_SECRET_FALLBACK - valueFrom: - secretKeyRef: - name: {{ template "budibase.fullname" . }} - key: jwtSecretFallback + value: {{ .Values.globals.jwtSecretFallback | quote }} {{ if .Values.services.objectStore.region }} - name: AWS_REGION value: {{ .Values.services.objectStore.region }} diff --git a/charts/budibase/templates/secrets.yaml b/charts/budibase/templates/secrets.yaml index 3c3ca9bfa86..1c0a914ed36 100644 --- a/charts/budibase/templates/secrets.yaml +++ b/charts/budibase/templates/secrets.yaml @@ -10,14 +10,8 @@ metadata: heritage: "{{ .Release.Service }}" type: Opaque data: - {{/* For new installations this can be any value. For existing installations this must match the first used jwtSecret */}} - apiEncryptionKey: {{ .Values.globals.apiEncryptionKey }} internalApiKey: {{ template "budibase.defaultsecret" .Values.globals.internalApiKey }} - {{/* Fallback value auto generated */}} - internalApiKeyFallback: {{ .Values.globals.internalApiKeyFallback }} jwtSecret: {{ template "budibase.defaultsecret" .Values.globals.jwtSecret }} - {{/* Falback value never auto generated */}} - jwtSecretFallback: {{ .Values.globals.jwtSecretFallback }} objectStoreAccess: {{ template "budibase.defaultsecret" .Values.services.objectStore.accessKey }} objectStoreSecret: {{ template "budibase.defaultsecret" .Values.services.objectStore.secretKey }} {{- end -}} diff --git a/charts/budibase/templates/worker-service-deployment.yaml b/charts/budibase/templates/worker-service-deployment.yaml index f41c7d548ba..7886d55b286 100644 --- a/charts/budibase/templates/worker-service-deployment.yaml +++ b/charts/budibase/templates/worker-service-deployment.yaml @@ -63,30 +63,21 @@ spec: value: http://{{ .Release.Name }}-svc-couchdb:{{ .Values.services.couchdb.port }} {{ end }} - name: API_ENCRYPTION_KEY - valueFrom: - secretKeyRef: - name: budibase-budibase {{ template "budibase.fullname" . }} - key: apiEncryptionKey + value: {{ .Values.globals.apiEncryptionKey | quote }} - name: INTERNAL_API_KEY valueFrom: secretKeyRef: name: {{ template "budibase.fullname" . }} key: internalApiKey - name: INTERNAL_API_KEY_FALLBACK - valueFrom: - secretKeyRef: - name: {{ template "budibase.fullname" . }} - key: internalApiKeyFallback + value: {{ .Values.globals.internalApiKeyFallback | quote }} - name: JWT_SECRET valueFrom: secretKeyRef: name: {{ template "budibase.fullname" . }} key: jwtSecret - name: JWT_SECRET_FALLBACK - valueFrom: - secretKeyRef: - name: {{ template "budibase.fullname" . }} - key: jwtSecretFallback + value: {{ .Values.globals.jwtSecretFallback | quote }} {{ if .Values.services.objectStore.region }} - name: AWS_REGION value: {{ .Values.services.objectStore.region }}