diff --git a/charts/unleash/templates/deployment.yaml b/charts/unleash/templates/deployment.yaml index 172b6d6..7dde806 100644 --- a/charts/unleash/templates/deployment.yaml +++ b/charts/unleash/templates/deployment.yaml @@ -47,6 +47,15 @@ spec: {{- end }} - name: DATABASE_NAME value: "{{ .Values.dbConfig.database }}" + {{ if .Values.databaseSecrets}} + {{- range .Values.databaseSecrets }} + - name: {{ .name }} + valueFrom: + secretKeyRef: + name: {{ .valueFrom.secretKeyRef.name }} + key: {{ .valueFrom.secretKeyRef.key }} + {{- end }} + {{- else }} - name: DATABASE_HOST value: "{{ if .Values.postgresql.enabled }}{{ .Values.postgresql.fullnameOverride }}{{ else }}{{ .Values.dbConfig.host }}{{ end }}" - name: DATABASE_PASSWORD @@ -55,6 +64,7 @@ spec: value: "{{ .Values.dbConfig.port }}" - name: DATABASE_USERNAME value: "{{ .Values.dbConfig.user }}" + {{- end }} {{- if .Values.dbConfig.ssl }} - name: DATABASE_SSL value: {{ .Values.dbConfig.ssl | toJson | quote }} diff --git a/charts/unleash/values.yaml b/charts/unleash/values.yaml index 29f95ac..5ac93cd 100644 --- a/charts/unleash/values.yaml +++ b/charts/unleash/values.yaml @@ -61,6 +61,30 @@ dbConfig: # sslRejectUnauthorized can be set to true|false. Don't set this to false in production, it will void any security you get from using SSL to connect # sslRejectUnauthorized +# adds DATABASE_ host, port, username and password enviroment vars from a secrets file for use with Crossplane RDSInstance +databaseSecrets: + [] + # - name: DATABASE_HOST + # valueFrom: + # secretKeyRef: + # name: db-conn + # key: endpoint + # - name: DATABASE_PORT + # valueFrom: + # secretKeyRef: + # name: db-conn + # key: port + # - name: DATABASE_USERNAME + # valueFrom: + # secretKeyRef: + # name: db-conn + # key: username + # - name: DATABASE_PASSWORD + # valueFrom: + # secretKeyRef: + # name: db-conn + # key: password + env: [] # - name: GOOGLE_CLIENT_ID # value: 999999999999-999z99zz9zzzzzz99z9zz9z9zzzzzz9z.apps.googleusercontent.com