Skip to content

Commit

Permalink
Merge pull request #54 from drpsyko101/secret-ref
Browse files Browse the repository at this point in the history 
Add support for existing secret references
  • Loading branch information
@arpagon
arpagon authored Apr 15, 2024
2 parents 1e02484 + 1614614 commit 146660a
Show file tree
Hide file tree
Showing 23 changed files with 438 additions and 6 deletions.
2 changes: 1 addition & 1 deletion charts/supabase/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.0
version: 0.1.1

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
Expand Down
25 changes: 25 additions & 0 deletions charts/supabase/templates/analytics/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,13 @@ spec:
- name: DB_USER
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.username | default "username" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: username
{{- end }}
- name: DB_PORT
value: {{ .Values.analytics.environment.DB_PORT | quote }}
command: ["/bin/sh", "-c"]
Expand Down Expand Up @@ -72,23 +77,43 @@ spec:
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: password
{{- end }}
- name: DB_PASSWORD_ENC
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: password_encoded
{{- end }}
- name: DB_DATABASE
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: database
{{- end }}
- name: LOGFLARE_API_KEY
valueFrom:
secretKeyRef:
{{- if .Values.secret.analytics.secretRef }}
name: {{ .Values.secret.analytics.secretRef }}
key: {{ .Values.secret.analytics.secretRefKey.apiKey | default "apiKey" }}
{{- else }}
name: {{ include "supabase.secret.analytics" . }}
key: apiKey
{{- end }}
{{- if .Values.analytics.bigQuery.enabled }}
- name: GOOGLE_PROJECT_ID
value: {{ .Values.analytics.bigQuery.projectId | quote }}
Expand Down
35 changes: 35 additions & 0 deletions charts/supabase/templates/auth/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,13 @@ spec:
- name: DB_USER
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.username | default "username" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: username
{{- end }}
- name: DB_PORT
value: {{ .Values.auth.environment.DB_PORT | quote }}
command: ["/bin/sh", "-c"]
Expand Down Expand Up @@ -72,37 +77,67 @@ spec:
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: password
{{- end }}
- name: DB_PASSWORD_ENC
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: password_encoded
{{- end }}
- name: DB_NAME
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: database
{{- end }}
- name: GOTRUE_DB_DATABASE_URL
value: $(DB_DRIVER)://$(DB_USER):$(DB_PASSWORD_ENC)@$(DB_HOST):$(DB_PORT)/$(DB_NAME)?search_path=auth&sslmode=$(DB_SSL)
- name: GOTRUE_DB_DRIVER
value: $(DB_DRIVER)
- name: GOTRUE_JWT_SECRET
valueFrom:
secretKeyRef:
{{- if .Values.secret.jwt.secretRef }}
name: {{ .Values.secret.jwt.secretRef }}
key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }}
{{- else }}
name: {{ include "supabase.secret.jwt" . }}
key: secret
{{- end }}
- name: GOTRUE_SMTP_USER
valueFrom:
secretKeyRef:
{{- if .Values.secret.smtp.secretRef }}
name: {{ .Values.secret.smtp.secretRef }}
key: {{ .Values.secret.smtp.secretRefKey.username | default "username" }}
{{- else }}
name: {{ include "supabase.secret.smtp" . }}
key: username
{{- end }}
- name: GOTRUE_SMTP_PASS
valueFrom:
secretKeyRef:
{{- if .Values.secret.smtp.secretRef }}
name: {{ .Values.secret.smtp.secretRef }}
key: {{ .Values.secret.smtp.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.smtp" . }}
key: password
{{- end }}
{{- with .Values.auth.livenessProbe }}
livenessProbe:
{{- toYaml . | nindent 12 }}
Expand Down
25 changes: 25 additions & 0 deletions charts/supabase/templates/db/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,28 +66,53 @@ spec:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.username | default "username" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: username
{{- end }}
- name: PGPASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: password
{{- end }}
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: password
{{- end }}
- name: PGDATABASE
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: database
{{- end }}
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: database
{{- end }}
{{- with .Values.db.livenessProbe }}
livenessProbe:
{{- toYaml . | nindent 12 }}
Expand Down
30 changes: 30 additions & 0 deletions charts/supabase/templates/functions/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,33 +52,63 @@ spec:
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: password
{{- end }}
- name: DB_PASSWORD_ENC
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: password_encoded
{{- end }}
- name: DB_DATABASE
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: database
{{- end }}
- name: JWT_SECRET
valueFrom:
secretKeyRef:
{{- if .Values.secret.jwt.secretRef }}
name: {{ .Values.secret.jwt.secretRef }}
key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }}
{{- else }}
name: {{ include "supabase.secret.jwt" . }}
key: secret
{{- end }}
- name: SUPABASE_ANON_KEY
valueFrom:
secretKeyRef:
{{- if .Values.secret.jwt.secretRef }}
name: {{ .Values.secret.jwt.secretRef }}
key: {{ .Values.secret.jwt.secretRefKey.anonKey | default "anonKey" }}
{{- else }}
name: {{ include "supabase.secret.jwt" . }}
key: anonKey
{{- end }}
- name: SUPABASE_SERVICE_ROLE_KEY
valueFrom:
secretKeyRef:
{{- if .Values.secret.jwt.secretRef }}
name: {{ .Values.secret.jwt.secretRef }}
key: {{ .Values.secret.jwt.secretRefKey.serviceKey | default "serviceKey" }}
{{- else }}
name: {{ include "supabase.secret.jwt" . }}
key: serviceKey
{{- end }}
- name: POSTGRES_BACKEND_URL
value: $(DB_DRIVER)://$(DB_USERNAME):$(DB_PASSWORD_ENC)@$(DB_HOSTNAME):$(DB_PORT)/$(DB_DATABASE)?search_path=auth&sslmode=$(DB_SSL)
{{- with .Values.functions.livenessProbe }}
Expand Down
20 changes: 20 additions & 0 deletions charts/supabase/templates/kong/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,24 +44,44 @@ spec:
- name: SUPABASE_ANON_KEY
valueFrom:
secretKeyRef:
{{- if .Values.secret.jwt.secretRef }}
name: {{ .Values.secret.jwt.secretRef }}
key: {{ .Values.secret.jwt.secretRefKey.anonKey | default "anonKey" }}
{{- else }}
name: {{ include "supabase.secret.jwt" . }}
key: anonKey
{{- end }}
- name: SUPABASE_SERVICE_KEY
valueFrom:
secretKeyRef:
{{- if .Values.secret.jwt.secretRef }}
name: {{ .Values.secret.jwt.secretRef }}
key: {{ .Values.secret.jwt.secretRefKey.serviceKey | default "serviceKey" }}
{{- else }}
name: {{ include "supabase.secret.jwt" . }}
key: serviceKey
{{- end }}
{{- if .Values.secret.dashboard }}
- name: DASHBOARD_USERNAME
valueFrom:
secretKeyRef:
{{- if .Values.secret.dashboard.secretRef }}
name: {{ .Values.secret.dashboard.secretRef }}
key: {{ .Values.secret.dashboard.secretRefKey.username | default "username" }}
{{- else }}
name: {{ include "supabase.secret.dashboard" . }}
key: username
{{- end }}
- name: DASHBOARD_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.secret.dashboard.secretRef }}
name: {{ .Values.secret.dashboard.secretRef }}
key: {{ .Values.secret.dashboard.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.dashboard" . }}
key: password
{{- end }}
{{- end }}
{{- with .Values.kong.livenessProbe }}
livenessProbe:
Expand Down
10 changes: 10 additions & 0 deletions charts/supabase/templates/meta/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,13 +46,23 @@ spec:
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: password
{{- end }}
- name: DB_NAME
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: database
{{- end }}
- name: PG_META_DB_HOST
value: $(DB_HOST)
- name: PG_META_DB_PORT
Expand Down
25 changes: 25 additions & 0 deletions charts/supabase/templates/realtime/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,13 @@ spec:
- name: DB_USER
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.username | default "username" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: username
{{- end }}
- name: DB_PORT
value: {{ .Values.analytics.environment.DB_PORT | quote }}
command: ["/bin/sh", "-c"]
Expand Down Expand Up @@ -74,23 +79,43 @@ spec:
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: password
{{- end }}
- name: DB_NAME
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: database
{{- end }}
- name: JWT_SECRET
valueFrom:
secretKeyRef:
{{- if .Values.secret.jwt.secretRef }}
name: {{ .Values.secret.jwt.secretRef }}
key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }}
{{- else }}
name: {{ include "supabase.secret.jwt" . }}
key: secret
{{- end }}
- name: API_JWT_SECRET
valueFrom:
secretKeyRef:
{{- if .Values.secret.jwt.secretRef }}
name: {{ .Values.secret.jwt.secretRef }}
key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }}
{{- else }}
name: {{ include "supabase.secret.jwt" . }}
key: secret
{{- end }}
{{- with .Values.realtime.livenessProbe }}
livenessProbe:
{{- toYaml . | nindent 12 }}
Expand Down
Loading

0 comments on commit 146660a

Please sign in to comment.