From 27581e645a1925b1911b51edb2878efb51496488 Mon Sep 17 00:00:00 2001 From: Alessandro Ogier Date: Sat, 28 Dec 2024 15:26:46 +0100 Subject: [PATCH 1/3] support env vars from an existing secret --- kubernetes/chart/zulip/templates/statefulset.yaml | 5 +++++ kubernetes/chart/zulip/values.yaml | 2 ++ 2 files changed, 7 insertions(+) diff --git a/kubernetes/chart/zulip/templates/statefulset.yaml b/kubernetes/chart/zulip/templates/statefulset.yaml index dea51642fa..c9981d0c1b 100644 --- a/kubernetes/chart/zulip/templates/statefulset.yaml +++ b/kubernetes/chart/zulip/templates/statefulset.yaml @@ -57,6 +57,11 @@ spec: mountPath: /data/post-setup.d env: {{ include "zulip.env" . | nindent 12 }} + {{- if .Values.zulip.secretEnvironment }} + envFrom: + - secretRef: + name: {{ .Values.zulip.secretEnvironment }} + {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- if .Values.livenessProbe.enabled }} diff --git a/kubernetes/chart/zulip/values.yaml b/kubernetes/chart/zulip/values.yaml index cfa8f0b9a8..d7af17895b 100644 --- a/kubernetes/chart/zulip/values.yaml +++ b/kubernetes/chart/zulip/values.yaml @@ -145,6 +145,8 @@ zulip: SETTING_EMAIL_USE_SSL: "False" SETTING_EMAIL_USE_TLS: "True" ZULIP_AUTH_BACKENDS: "EmailAuthBackend" + ## An existing secret from which populate environment variablgwes. + secretEnvironment: "" ## If `persistence.existingClaim` is not set, a PVC (Persistent ## Volume Claim) is generated with these specifications. persistence: From 19ad1a8b7caa11caef943ee64f8926d6f78fcc66 Mon Sep 17 00:00:00 2001 From: Alessandro Ogier Date: Sat, 28 Dec 2024 22:55:05 +0100 Subject: [PATCH 2/3] fix helpers --- kubernetes/chart/zulip/templates/_helpers.tpl | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/kubernetes/chart/zulip/templates/_helpers.tpl b/kubernetes/chart/zulip/templates/_helpers.tpl index 39cd659d0b..ee8fcd043b 100644 --- a/kubernetes/chart/zulip/templates/_helpers.tpl +++ b/kubernetes/chart/zulip/templates/_helpers.tpl @@ -78,16 +78,26 @@ include all env variables for Zulip pods value: "{{ template "common.names.fullname" .Subcharts.rabbitmq }}" - name: SETTING_REDIS_HOST value: "{{ template "common.names.fullname" .Subcharts.redis }}-headless" +{{- if .Values.rabbitmq.auth.password }} - name: SECRETS_rabbitmq_password value: "{{ .Values.rabbitmq.auth.password }}" +{{- end }} +{{- if .Values.postgresql.auth.password }} - name: SECRETS_postgres_password value: "{{ .Values.postgresql.auth.password }}" +{{- end }} +{{- if .Values.memcached.memcachedPassword }} - name: SECRETS_memcached_password value: "{{ .Values.memcached.memcachedPassword }}" +{{- end }} +{{- if .Values.redis.auth.password }} - name: SECRETS_redis_password value: "{{ .Values.redis.auth.password }}" +{{- end }} +{{- if .Values.zulip.password }} - name: SECRETS_secret_key value: "{{ .Values.zulip.password }}" +{{- end }} {{- range $key, $value := .Values.zulip.environment }} - name: {{ $key }} value: {{ $value | quote }} From 71a517be20fcb211179cfa9cf8f0e3e3287de7db Mon Sep 17 00:00:00 2001 From: Alessandro Ogier Date: Sat, 28 Dec 2024 23:06:23 +0100 Subject: [PATCH 3/3] notes fix --- kubernetes/chart/zulip/templates/NOTES.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/chart/zulip/templates/NOTES.txt b/kubernetes/chart/zulip/templates/NOTES.txt index 39aad86919..90067fd0d8 100644 --- a/kubernetes/chart/zulip/templates/NOTES.txt +++ b/kubernetes/chart/zulip/templates/NOTES.txt @@ -1,7 +1,7 @@ 1. To create a realm so you can sign in: export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ template "zulip.name" . }}" -o jsonpath="{.items[0].metadata.name}") - kubectl -n {{ .Release.Namespace }} exec -it "$POD_NAME" -c zulip -- sudo -u zulip /home/zulip/deployments/current/manage.py generate_realm_creation_link + kubectl -n {{ .Release.Namespace }} exec -it "$POD_NAME" -c zulip -- sudo -Eu zulip /home/zulip/deployments/current/manage.py generate_realm_creation_link 2. Zulip will be available on: