Skip to content

Commit

Permalink
Add support for custom secretRef keys
Browse files Browse the repository at this point in the history
  • Loading branch information
@drpsyko101
drpsyko101 committed Apr 7, 2024
1 parent 54b0c2d commit a5d5e02
Show file tree
Hide file tree
Showing 19 changed files with 132 additions and 51 deletions.
14 changes: 9 additions & 5 deletions charts/supabase/templates/analytics/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,10 +44,11 @@ spec:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.username | default "username" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: username
{{- end }}
- name: DB_PORT
value: {{ .Values.analytics.environment.DB_PORT | quote }}
command: ["/bin/sh", "-c"]
Expand Down Expand Up @@ -78,16 +79,17 @@ spec:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: password
{{- end }}
- name: DB_PASSWORD_ENC
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: password
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: password_encoded
Expand All @@ -97,19 +99,21 @@ spec:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: database
{{- end }}
- name: LOGFLARE_API_KEY
valueFrom:
secretKeyRef:
{{- if .Values.secret.analytics.secretRef }}
name: {{ .Values.secret.analytics.secretRef }}
key: {{ .Values.secret.analytics.secretRefKey.apiKey | default "apiKey" }}
{{- else }}
name: {{ include "supabase.secret.analytics" . }}
{{- end }}
key: apiKey
{{- end }}
{{- if .Values.analytics.bigQuery.enabled }}
- name: GOOGLE_PROJECT_ID
value: {{ .Values.analytics.bigQuery.projectId | quote }}
Expand Down
20 changes: 13 additions & 7 deletions charts/supabase/templates/auth/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,10 +44,11 @@ spec:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.username | default "username" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: username
{{- end }}
- name: DB_PORT
value: {{ .Values.auth.environment.DB_PORT | quote }}
command: ["/bin/sh", "-c"]
Expand Down Expand Up @@ -78,16 +79,17 @@ spec:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: password
{{- end }}
- name: DB_PASSWORD_ENC
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: password
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: password_encoded
Expand All @@ -97,10 +99,11 @@ spec:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: database
{{- end }}
- name: GOTRUE_DB_DATABASE_URL
value: $(DB_DRIVER)://$(DB_USER):$(DB_PASSWORD_ENC)@$(DB_HOST):$(DB_PORT)/$(DB_NAME)?search_path=auth&sslmode=$(DB_SSL)
- name: GOTRUE_DB_DRIVER
Expand All @@ -110,28 +113,31 @@ spec:
secretKeyRef:
{{- if .Values.secret.jwt.secretRef }}
name: {{ .Values.secret.jwt.secretRef }}
key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }}
{{- else }}
name: {{ include "supabase.secret.jwt" . }}
{{- end }}
key: secret
{{- end }}
- name: GOTRUE_SMTP_USER
valueFrom:
secretKeyRef:
{{- if .Values.secret.smtp.secretRef }}
name: {{ .Values.secret.smtp.secretRef }}
key: {{ .Values.secret.smtp.secretRefKey.username | default "username" }}
{{- else }}
name: {{ include "supabase.secret.smtp" . }}
{{- end }}
key: username
{{- end }}
- name: GOTRUE_SMTP_PASS
valueFrom:
secretKeyRef:
{{- if .Values.secret.smtp.secretRef }}
name: {{ .Values.secret.smtp.secretRef }}
key: {{ .Values.secret.smtp.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.smtp" . }}
{{- end }}
key: password
{{- end }}
{{- with .Values.auth.livenessProbe }}
livenessProbe:
{{- toYaml . | nindent 12 }}
Expand Down
15 changes: 10 additions & 5 deletions charts/supabase/templates/db/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,46 +68,51 @@ spec:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.username | default "username" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: username
{{- end }}
- name: PGPASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: password
{{- end }}
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: password
{{- end }}
- name: PGDATABASE
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: database
{{- end }}
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: database
{{- end }}
{{- with .Values.db.livenessProbe }}
livenessProbe:
{{- toYaml . | nindent 12 }}
Expand Down
17 changes: 11 additions & 6 deletions charts/supabase/templates/functions/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,16 +54,17 @@ spec:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: password
{{- end }}
- name: DB_PASSWORD_ENC
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: password
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
key: password_encoded
Expand All @@ -73,37 +74,41 @@ spec:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: database
{{- end }}
- name: JWT_SECRET
valueFrom:
secretKeyRef:
{{- if .Values.secret.jwt.secretRef }}
name: {{ .Values.secret.jwt.secretRef }}
key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }}
{{- else }}
name: {{ include "supabase.secret.jwt" . }}
{{- end }}
key: secret
{{- end }}
- name: SUPABASE_ANON_KEY
valueFrom:
secretKeyRef:
{{- if .Values.secret.jwt.secretRef }}
name: {{ .Values.secret.jwt.secretRef }}
key: {{ .Values.secret.jwt.secretRefKey.anonKey | default "anonKey" }}
{{- else }}
name: {{ include "supabase.secret.jwt" . }}
{{- end }}
key: anonKey
{{- end }}
- name: SUPABASE_SERVICE_ROLE_KEY
valueFrom:
secretKeyRef:
{{- if .Values.secret.jwt.secretRef }}
name: {{ .Values.secret.jwt.secretRef }}
key: {{ .Values.secret.jwt.secretRefKey.serviceKey | default "serviceKey" }}
{{- else }}
name: {{ include "supabase.secret.jwt" . }}
{{- end }}
key: serviceKey
{{- end }}
- name: POSTGRES_BACKEND_URL
value: $(DB_DRIVER)://$(DB_USERNAME):$(DB_PASSWORD_ENC)@$(DB_HOSTNAME):$(DB_PORT)/$(DB_DATABASE)?search_path=auth&sslmode=$(DB_SSL)
{{- with .Values.functions.livenessProbe }}
Expand Down
12 changes: 8 additions & 4 deletions charts/supabase/templates/kong/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,38 +46,42 @@ spec:
secretKeyRef:
{{- if .Values.secret.jwt.secretRef }}
name: {{ .Values.secret.jwt.secretRef }}
key: {{ .Values.secret.jwt.secretRefKey.anonKey | default "anonKey" }}
{{- else }}
name: {{ include "supabase.secret.jwt" . }}
{{- end }}
key: anonKey
{{- end }}
- name: SUPABASE_SERVICE_KEY
valueFrom:
secretKeyRef:
{{- if .Values.secret.jwt.secretRef }}
name: {{ .Values.secret.jwt.secretRef }}
key: {{ .Values.secret.jwt.secretRefKey.serviceKey | default "serviceKey" }}
{{- else }}
name: {{ include "supabase.secret.jwt" . }}
{{- end }}
key: serviceKey
{{- end }}
{{- if .Values.secret.dashboard }}
- name: DASHBOARD_USERNAME
valueFrom:
secretKeyRef:
{{- if .Values.secret.dashboard.secretRef }}
name: {{ .Values.secret.dashboard.secretRef }}
key: {{ .Values.secret.dashboard.secretRefKey.username | default "username" }}
{{- else }}
name: {{ include "supabase.secret.dashboard" . }}
{{- end }}
key: username
{{- end }}
- name: DASHBOARD_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.secret.dashboard.secretRef }}
name: {{ .Values.secret.dashboard.secretRef }}
key: {{ .Values.secret.dashboard.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.dashboard" . }}
{{- end }}
key: password
{{- end }}
{{- end }}
{{- with .Values.kong.livenessProbe }}
livenessProbe:
Expand Down
6 changes: 4 additions & 2 deletions charts/supabase/templates/meta/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,19 +48,21 @@ spec:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: password
{{- end }}
- name: DB_NAME
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: database
{{- end }}
- name: PG_META_DB_HOST
value: $(DB_HOST)
- name: PG_META_DB_PORT
Expand Down
15 changes: 10 additions & 5 deletions charts/supabase/templates/realtime/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,10 +44,11 @@ spec:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.username | default "username" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: username
{{- end }}
- name: DB_PORT
value: {{ .Values.analytics.environment.DB_PORT | quote }}
command: ["/bin/sh", "-c"]
Expand Down Expand Up @@ -80,37 +81,41 @@ spec:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: password
{{- end }}
- name: DB_NAME
valueFrom:
secretKeyRef:
{{- if .Values.secret.db.secretRef }}
name: {{ .Values.secret.db.secretRef }}
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
{{- else }}
name: {{ include "supabase.secret.db" . }}
{{- end }}
key: database
{{- end }}
- name: JWT_SECRET
valueFrom:
secretKeyRef:
{{- if .Values.secret.jwt.secretRef }}
name: {{ .Values.secret.jwt.secretRef }}
key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }}
{{- else }}
name: {{ include "supabase.secret.jwt" . }}
{{- end }}
key: secret
{{- end }}
- name: API_JWT_SECRET
valueFrom:
secretKeyRef:
{{- if .Values.secret.jwt.secretRef }}
name: {{ .Values.secret.jwt.secretRef }}
key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }}
{{- else }}
name: {{ include "supabase.secret.jwt" . }}
{{- end }}
key: secret
{{- end }}
{{- with .Values.realtime.livenessProbe }}
livenessProbe:
{{- toYaml . | nindent 12 }}
Expand Down
Loading

0 comments on commit a5d5e02

Please sign in to comment.