From 93bda606a32f24a341a922636eb18eee1feaa103 Mon Sep 17 00:00:00 2001 From: Ro Santalla Date: Mon, 22 Apr 2024 09:27:20 +0200 Subject: [PATCH 1/2] fix inheritance of sidekiq securityContext (#76) --- templates/deployment-sidekiq.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/templates/deployment-sidekiq.yaml b/templates/deployment-sidekiq.yaml index f6e9c7e..f90b53a 100644 --- a/templates/deployment-sidekiq.yaml +++ b/templates/deployment-sidekiq.yaml @@ -83,8 +83,10 @@ spec: {{- end }} containers: - name: {{ $context.Chart.Name }} + {{- with $context.Values.mastodon.sidekiq.securityContext | default $context.Values.securityContext }} securityContext: - {{- toYaml $context.Values.mastodon.sidekiq.securityContext | nindent 12 }} + {{- toYaml . | nindent 12 }} + {{- end }} image: "{{ coalesce (dig "image" "repository" false .) $context.Values.image.repository }}:{{ coalesce (dig "image" "tag" false .) $context.Values.image.tag $context.Chart.AppVersion }}" imagePullPolicy: {{ $context.Values.image.pullPolicy }} command: From 2a6b7cf30b44d772cbf77abece3f44f0abec706b Mon Sep 17 00:00:00 2001 From: Jeremiah Lee <106775223+jeremiahlee@users.noreply.github.com> Date: Mon, 22 Apr 2024 09:36:02 +0200 Subject: [PATCH 2/2] Add existing Redis instance password to new Secret (#81) --- templates/_helpers.tpl | 4 +++- templates/secret-redis.yaml | 15 +++++++++++++++ values.yaml | 1 + 3 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 templates/secret-redis.yaml diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index 81872f9..5f56775 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -142,8 +142,10 @@ Get the redis secret. {{- printf "%s" (tpl .Values.redis.auth.existingSecret $) -}} {{- else if .Values.redis.existingSecret }} {{- printf "%s" (tpl .Values.redis.existingSecret $) -}} -{{- else -}} +{{- else if .Values.redis.enabled -}} {{- printf "%s-redis" (tpl .Release.Name $) -}} +{{- else -}} + {{- printf "%s-redis" (include "mastodon.fullname" .) -}} {{- end -}} {{- end -}} diff --git a/templates/secret-redis.yaml b/templates/secret-redis.yaml new file mode 100644 index 0000000..b1d8ac1 --- /dev/null +++ b/templates/secret-redis.yaml @@ -0,0 +1,15 @@ +{{- if not .Values.redis.enabled }} +{{- if and (not .Values.redis.auth.existingSecret) (not .Values.redis.existingSecret) }} +{{- if .Values.redis.auth.password }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "mastodon.redis.secretName" . }} + labels: + {{- include "mastodon.labels" . | nindent 4 }} +type: Opaque +data: + redis-password: "{{ .Values.redis.auth.password | b64enc }}" +{{- end }} +{{- end }} +{{- end }} diff --git a/values.yaml b/values.yaml index e485f76..9d8d2ba 100644 --- a/values.yaml +++ b/values.yaml @@ -443,6 +443,7 @@ redis: # -- you must set a password; the password generated by the redis chart will be # rotated on each upgrade: password: "" + # setting password for an existing redis instance will store it in a new Secret # you can also specify the name of an existing Secret # with a key of redis-password set to the password you want # existingSecret: ""