Skip to content

Commit

Permalink
Merge pull request #2 from Star-Academy/kubernetes
Browse files Browse the repository at this point in the history
feat: add secret to cluster
  • Loading branch information
msm1984 authored Sep 5, 2024
2 parents b48adf8 + 7a980bb commit 2ea75d4
Show file tree
Hide file tree
Showing 4 changed files with 107 additions and 15 deletions.
20 changes: 16 additions & 4 deletions mychart/templates/db_statefulset.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -32,13 +32,25 @@ spec:
memory: {{ .Values.db.resources.requests.memory }}
env:
- name: POSTGRES_USER
value: {{ .Values.db.env.POSTGRES_USER | quote }}
valueFrom:
secretKeyRef:
name: db-secret
key: POSTGRES_USER
- name: POSTGRES_PASSWORD
value: {{ .Values.db.env.POSTGRES_PASSWORD | quote }}
valueFrom:
secretKeyRef:
name: db-secret
key: POSTGRES_PASSWORD
- name: POSTGRES_DB
value: {{ .Values.db.env.POSTGRES_DB | quote }}
valueFrom:
secretKeyRef:
name: db-secret
key: POSTGRES_DB
- name: HOST
value: {{ .Values.db.env.HOST | quote }}
valueFrom:
secretKeyRef:
name: db-secret
key: HOST
volumeMounts:
- name: postgres-storage
mountPath: /var/lib/postgresql/data
Expand Down
27 changes: 27 additions & 0 deletions mychart/templates/secret.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
apiVersion: v1
kind: Secret
metadata:
name: db-secret
type: Opaque
data:
POSTGRES_USER: {{ .Values.db.secret.POSTGRES_USER | b64enc | quote }}
POSTGRES_PASSWORD: {{ .Values.db.secret.POSTGRES_PASSWORD | b64enc | quote }}
POSTGRES_DB: {{ .Values.db.secret.POSTGRES_DB | b64enc | quote }}
HOST: {{ .Values.db.secret.HOST | b64enc | quote }}

---

apiVersion: v1
kind: Secret
metadata:
name: web-app-secret
type: Opaque
data:
connectionString: {{ .Values.webApp.secret.connectionString | b64enc | quote }}
JWT_ISSUER: {{ .Values.webApp.secret.JWT_ISSUER | b64enc | quote }}
JWT_AUDIENCE: {{ .Values.webApp.secret.JWT_AUDIENCE | b64enc | quote }}
JWT_KEY: {{ .Values.webApp.secret.JWT_KEY | b64enc | quote }}
ROOTUSER_ROLE: {{ .Values.webApp.secret.ROOTUSER_ROLE | b64enc | quote }}
ROOTUSER_USERNAME: {{ .Values.webApp.secret.ROOTUSER_USERNAME | b64enc | quote }}
ROOTUSER_EMAIL: {{ .Values.webApp.secret.ROOTUSER_EMAIL | b64enc | quote }}
ROOTUSER_PASSWORD: {{ .Values.webApp.secret.ROOTUSER_PASSWORD | b64enc | quote }}
49 changes: 45 additions & 4 deletions mychart/templates/web_deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,46 @@ spec:
ports:
- containerPort: {{ .Values.webApp.container.port }}
env:
- name: ConnectionStrings__DefaultConnection
value: {{ .Values.webApp.env.connectionString | quote }}
- name: DB_CONNECTION_STRING
valueFrom:
secretKeyRef:
name: web-app-secret
key: connectionString
- name: JWT_ISSUER
valueFrom:
secretKeyRef:
name: web-app-secret
key: JWT_ISSUER
- name: JWT_AUDIENCE
valueFrom:
secretKeyRef:
name: web-app-secret
key: JWT_AUDIENCE
- name: JWT_KEY
valueFrom:
secretKeyRef:
name: web-app-secret
key: JWT_KEY
- name: ROOTUSER_ROLE
valueFrom:
secretKeyRef:
name: web-app-secret
key: ROOTUSER_ROLE
- name: ROOTUSER_USERNAME
valueFrom:
secretKeyRef:
name: web-app-secret
key: ROOTUSER_USERNAME
- name: ROOTUSER_EMAIL
valueFrom:
secretKeyRef:
name: web-app-secret
key: ROOTUSER_EMAIL
- name: ROOTUSER_PASSWORD
valueFrom:
secretKeyRef:
name: web-app-secret
key: ROOTUSER_PASSWORD
initContainers:
- name: {{ .Values.webApp.initContainer.name }}
image: {{ .Values.webApp.initContainer.image }}
Expand All @@ -46,5 +84,8 @@ spec:
ephemeral-storage: {{ .Values.webApp.resources.requests.ephemeralStorage }}
memory: {{ .Values.webApp.resources.requests.memory }}
env:
- name: ConnectionStrings__DefaultConnection
value: {{ .Values.webApp.env.connectionString | quote }}
- name: DB_CONNECTION_STRING
valueFrom:
secretKeyRef:
name: web-app-secret
key: connectionString
26 changes: 19 additions & 7 deletions mychart/values.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
# values.yaml

# Database Configuration
db:
name: database
app: database
Expand All @@ -10,11 +13,11 @@ db:
pvc:
name: postgres-pvc
storage: 1Gi
env:
POSTGRES_USER: "yourusername"
POSTGRES_PASSWORD: "yourpassword"
POSTGRES_DB: "YourDatabaseName"
HOST: "postgresql"
secret:
POSTGRES_USER: "yourusername" # Base64 encoded in the Secret manifest
POSTGRES_PASSWORD: "yourpassword" # Base64 encoded in the Secret manifest
POSTGRES_DB: "YourDatabaseName" # Base64 encoded in the Secret manifest
HOST: "postgresql" # Base64 encoded in the Secret manifest
resources:
limits:
cpu: 1000m
Expand All @@ -30,6 +33,7 @@ db:
port: 5432
targetPort: 5432

# Angular Frontend Configuration (if needed)
angular:
name: angular
app: angular
Expand All @@ -55,6 +59,7 @@ angular:
targetPort: 4000
nodePort: 30081

# Web Application Configuration
webApp:
name: web-app
app: web-app
Expand All @@ -77,8 +82,15 @@ webApp:
cpu: 100m
ephemeralStorage: 100Mi
memory: 100Mi
env:
connectionString: "Host=postgresql;Database=YourDatabaseName;Username=yourusername;Password=yourpassword"
secret:
connectionString: "Host=postgresql;Database=YourDatabaseName;Username=yourusername;Password=yourpassword"
JWT_ISSUER: "http://localhost:5000" # Base64 encoded in the Secret manifest
JWT_AUDIENCE: "http://localhost:5000" # Base64 encoded in the Secret manifest
JWT_KEY: "sjmcabnishcpasichquwh108hd29dh12wcf1hni1nci9vh9p920u1dhx08122hiokasnx89" # Base64 encoded in the Secret manifest
ROOTUSER_ROLE: "Admin" # Base64 encoded in the Secret manifest
ROOTUSER_USERNAME: "root" # Base64 encoded in the Secret manifest
ROOTUSER_EMAIL: "[email protected]" # Base64 encoded in the Secret manifest
ROOTUSER_PASSWORD: "Root@123" # Base64 encoded in the Secret manifest
service:
name: web-app-service
type: NodePort
Expand Down

0 comments on commit 2ea75d4

Please sign in to comment.