diff --git a/mychart/templates/db_statefulset.yaml b/mychart/templates/db_statefulset.yaml index 1f125b0..57fc80e 100644 --- a/mychart/templates/db_statefulset.yaml +++ b/mychart/templates/db_statefulset.yaml @@ -32,13 +32,25 @@ spec: memory: {{ .Values.db.resources.requests.memory }} env: - name: POSTGRES_USER - value: {{ .Values.db.env.POSTGRES_USER | quote }} + valueFrom: + secretKeyRef: + name: db-secret + key: POSTGRES_USER - name: POSTGRES_PASSWORD - value: {{ .Values.db.env.POSTGRES_PASSWORD | quote }} + valueFrom: + secretKeyRef: + name: db-secret + key: POSTGRES_PASSWORD - name: POSTGRES_DB - value: {{ .Values.db.env.POSTGRES_DB | quote }} + valueFrom: + secretKeyRef: + name: db-secret + key: POSTGRES_DB - name: HOST - value: {{ .Values.db.env.HOST | quote }} + valueFrom: + secretKeyRef: + name: db-secret + key: HOST volumeMounts: - name: postgres-storage mountPath: /var/lib/postgresql/data diff --git a/mychart/templates/secret.yaml b/mychart/templates/secret.yaml new file mode 100644 index 0000000..e18c744 --- /dev/null +++ b/mychart/templates/secret.yaml 
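Review bot: All four `secretKeyRef` entries added to this env list point at the fixed name `db-secret`, so two releases of the chart in one namespace would resolve to the same Secret object and the second install would conflict with the first. Deriving the name from the release, e.g. `name: {{ .Release.Name }}-db-secret`, here and in the matching `metadata.name` in `secret.yaml`, keeps each release's credentials separate. The same applies to `web-app-secret` in `web_deployment.yaml`. A comment above the env list should also note that values read through `secretKeyRef` are fixed at container start, so a rotated Secret only takes effect after the pod restarts. The container spec this env list belongs to starts outside the hunk.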
@@ -0,0 +1,27 @@ +apiVersion: v1 +kind: Secret +metadata: + name: db-secret +type: Opaque +data: + POSTGRES_USER: {{ .Values.db.secret.POSTGRES_USER | b64enc | quote }} + POSTGRES_PASSWORD: {{ .Values.db.secret.POSTGRES_PASSWORD | b64enc | quote }} + POSTGRES_DB: {{ .Values.db.secret.POSTGRES_DB | b64enc | quote }} + HOST: {{ .Values.db.secret.HOST | b64enc | quote }} + +--- + +apiVersion: v1 +kind: Secret +metadata: + name: web-app-secret +type: Opaque +data: + connectionString: {{ .Values.webApp.secret.connectionString | b64enc | quote }} + JWT_ISSUER: {{ .Values.webApp.secret.JWT_ISSUER | b64enc | quote }} + JWT_AUDIENCE: {{ .Values.webApp.secret.JWT_AUDIENCE | b64enc | quote }} + JWT_KEY: {{ .Values.webApp.secret.JWT_KEY | b64enc | quote }} + ROOTUSER_ROLE: {{ .Values.webApp.secret.ROOTUSER_ROLE | b64enc | quote }} + ROOTUSER_USERNAME: {{ .Values.webApp.secret.ROOTUSER_USERNAME | b64enc | quote }} + ROOTUSER_EMAIL: {{ .Values.webApp.secret.ROOTUSER_EMAIL | b64enc | quote }} + ROOTUSER_PASSWORD: {{ .Values.webApp.secret.ROOTUSER_PASSWORD | b64enc | quote }} \ No newline at end of file diff --git a/mychart/templates/web_deployment.yaml b/mychart/templates/web_deployment.yaml index 4f856d8..b7a383b 100644 --- a/mychart/templates/web_deployment.yaml +++ b/mychart/templates/web_deployment.yaml 
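Review bot: Every `data` entry in both Secrets pipes its value straight into `b64enc`, so a value left empty renders an empty credential without complaint, and a missing key surfaces, if at all, as a generic template error that does not name the key. Wrapping each lookup in `required` makes the install fail fast with a clear message, e.g. `POSTGRES_PASSWORD: {{ required "db.secret.POSTGRES_PASSWORD must be set" .Values.db.secret.POSTGRES_PASSWORD | b64enc | quote }}`. A comment at the top of the file should state that base64 in `data` is an encoding, not protection, because the plaintext still lives in the values passed to Helm and in the stored release record. The file also ends without a trailing newline.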
@@ -30,8 +30,46 @@ spec: ports: - containerPort: {{ .Values.webApp.container.port }} env: - - name: ConnectionStrings__DefaultConnection - value: {{ .Values.webApp.env.connectionString | quote }} + - name: DB_CONNECTION_STRING + valueFrom: + secretKeyRef: + name: web-app-secret + key: connectionString + - name: JWT_ISSUER + valueFrom: + secretKeyRef: + name: web-app-secret + key: JWT_ISSUER + - name: JWT_AUDIENCE + valueFrom: + secretKeyRef: + name: web-app-secret + key: JWT_AUDIENCE + - name: JWT_KEY + valueFrom: + secretKeyRef: + name: web-app-secret + key: JWT_KEY + - name: ROOTUSER_ROLE + valueFrom: + secretKeyRef: + name: web-app-secret + key: ROOTUSER_ROLE + - name: ROOTUSER_USERNAME + valueFrom: + secretKeyRef: + name: web-app-secret + key: ROOTUSER_USERNAME + - name: ROOTUSER_EMAIL + valueFrom: + secretKeyRef: + name: web-app-secret + key: ROOTUSER_EMAIL + - name: ROOTUSER_PASSWORD + valueFrom: + secretKeyRef: + name: web-app-secret + key: ROOTUSER_PASSWORD initContainers: - name: {{ .Values.webApp.initContainer.name }} image: {{ .Values.webApp.initContainer.image }} @@ -46,5 +84,8 @@ spec: ephemeral-storage: {{ .Values.webApp.resources.requests.ephemeralStorage }} memory: {{ .Values.webApp.resources.requests.memory }} env: - - name: ConnectionStrings__DefaultConnection - value: {{ .Values.webApp.env.connectionString | quote }} + - name: DB_CONNECTION_STRING + valueFrom: + secretKeyRef: + name: web-app-secret + key: connectionString diff --git a/mychart/values.yaml b/mychart/values.yaml index d2c95bf..0a97e7d 100644 --- a/mychart/values.yaml +++ b/mychart/values.yaml @@ -1,3 +1,6 @@ +# values.yaml + +# Database Configuration db: name: database app: database 
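Review bot: Renaming the variable from `ConnectionStrings__DefaultConnection` to `DB_CONNECTION_STRING`, in this env list and again in the env list of the second hunk, may leave the application without a database connection string, since nothing visible in the diff changes the consumer. The old name follows the .NET configuration convention for `ConnectionStrings:DefaultConnection`; if the application or the init container still reads it that way, the lookup will come back empty. Either keep the old name on the new entry, `- name: ConnectionStrings__DefaultConnection`, or confirm that both containers now read `DB_CONNECTION_STRING`. Separately, the `ROOTUSER_*` entries keep the bootstrap admin password in the main container's environment for its whole lifetime, so a comment saying why they are needed at runtime would help. Both env lists belong to container specs that start outside the hunks.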
@@ -10,11 +13,11 @@ db: pvc: name: postgres-pvc storage: 1Gi - env: - POSTGRES_USER: "yourusername" - POSTGRES_PASSWORD: "yourpassword" - POSTGRES_DB: "YourDatabaseName" - HOST: "postgresql" + secret: + POSTGRES_USER: "yourusername" # Base64 encoded in the Secret manifest + POSTGRES_PASSWORD: "yourpassword" # Base64 encoded in the Secret manifest + POSTGRES_DB: "YourDatabaseName" # Base64 encoded in the Secret manifest + HOST: "postgresql" # Base64 encoded in the Secret manifest resources: limits: cpu: 1000m @@ -30,6 +33,7 @@ db: port: 5432 targetPort: 5432 +# Angular Frontend Configuration (if needed) angular: name: angular app: angular @@ -55,6 +59,7 @@ angular: targetPort: 4000 nodePort: 30081 +# Web Application Configuration webApp: name: web-app app: web-app @@ -77,8 +82,15 @@ webApp: cpu: 100m ephemeralStorage: 100Mi memory: 100Mi - env: - connectionString: "Host=postgresql;Database=YourDatabaseName;Username=yourusername;Password=yourpassword" + secret: + connectionString: "Host=postgresql;Database=YourDatabaseName;Username=yourusername;Password=yourpassword" + JWT_ISSUER: "http://localhost:5000" # Base64 encoded in the Secret manifest + JWT_AUDIENCE: "http://localhost:5000" # Base64 encoded in the Secret manifest + JWT_KEY: "sjmcabnishcpasichquwh108hd29dh12wcf1hni1nci9vh9p920u1dhx08122hiokasnx89" # Base64 encoded in the Secret manifest + ROOTUSER_ROLE: "Admin" # Base64 encoded in the Secret manifest + ROOTUSER_USERNAME: "root" # Base64 encoded in the Secret manifest + ROOTUSER_EMAIL: "root@example.com" # Base64 encoded in the Secret manifest + ROOTUSER_PASSWORD: "Root@123" # Base64 encoded in the Secret manifest service: name: web-app-service type: NodePort
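Review bot: The new `db.secret` block and the `webApp.secret` block in the last hunk ship usable-looking defaults (a database password, a `JWT_KEY` signing key and `ROOTUSER_PASSWORD`) in a committed values file, so every install that does not override them shares credentials that anyone with the chart can read. Leave these keys empty in `values.yaml` (`JWT_KEY: ""`, `ROOTUSER_PASSWORD: ""`) and supply them at install time from a values file kept out of version control or from an externally managed Secret. Any key that has already been committed should be treated as disclosed and replaced. The trailing comment `# Base64 encoded in the Secret manifest` reads as if the value were protected; something like `# supplied at install time; base64 in the Secret is encoding, not encryption` is more accurate. The `connectionString` default also embeds the same database password a second time, so the two copies can drift apart.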