Skip to content

Commit 146660a

Browse files
arpagonarpagon
authored
Merge pull request #54 from drpsyko101/secret-ref
Add support for existing secret references
2 parents 1e02484 + 1614614 commit 146660a

23 files changed

+438
-6
lines changed

charts/supabase/Chart.yaml

+1-1
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ type: application
1515
# This is the chart version. This version number should be incremented each time you make changes
1616
# to the chart and its templates, including the app version.
1717
# Versions are expected to follow Semantic Versioning (https://semver.org/)
18-
version: 0.1.0
18+
version: 0.1.1
1919

2020
# This is the version number of the application being deployed. This version number should be
2121
# incremented each time you make changes to the application. Versions are not expected to

charts/supabase/templates/analytics/deployment.yaml

+25
Original file line numberDiff line numberDiff line change
@@ -42,8 +42,13 @@ spec:
4242
- name: DB_USER
4343
valueFrom:
4444
secretKeyRef:
45+
{{- if .Values.secret.db.secretRef }}
46+
name: {{ .Values.secret.db.secretRef }}
47+
key: {{ .Values.secret.db.secretRefKey.username | default "username" }}
48+
{{- else }}
4549
name: {{ include "supabase.secret.db" . }}
4650
key: username
51+
{{- end }}
4752
- name: DB_PORT
4853
value: {{ .Values.analytics.environment.DB_PORT | quote }}
4954
command: ["/bin/sh", "-c"]
@@ -72,23 +77,43 @@ spec:
7277
- name: DB_PASSWORD
7378
valueFrom:
7479
secretKeyRef:
80+
{{- if .Values.secret.db.secretRef }}
81+
name: {{ .Values.secret.db.secretRef }}
82+
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
83+
{{- else }}
7584
name: {{ include "supabase.secret.db" . }}
7685
key: password
86+
{{- end }}
7787
- name: DB_PASSWORD_ENC
7888
valueFrom:
7989
secretKeyRef:
90+
{{- if .Values.secret.db.secretRef }}
91+
name: {{ .Values.secret.db.secretRef }}
92+
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
93+
{{- else }}
8094
name: {{ include "supabase.secret.db" . }}
8195
key: password_encoded
96+
{{- end }}
8297
- name: DB_DATABASE
8398
valueFrom:
8499
secretKeyRef:
100+
{{- if .Values.secret.db.secretRef }}
101+
name: {{ .Values.secret.db.secretRef }}
102+
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
103+
{{- else }}
85104
name: {{ include "supabase.secret.db" . }}
86105
key: database
106+
{{- end }}
87107
- name: LOGFLARE_API_KEY
88108
valueFrom:
89109
secretKeyRef:
110+
{{- if .Values.secret.analytics.secretRef }}
111+
name: {{ .Values.secret.analytics.secretRef }}
112+
key: {{ .Values.secret.analytics.secretRefKey.apiKey | default "apiKey" }}
113+
{{- else }}
90114
name: {{ include "supabase.secret.analytics" . }}
91115
key: apiKey
116+
{{- end }}
92117
{{- if .Values.analytics.bigQuery.enabled }}
93118
- name: GOOGLE_PROJECT_ID
94119
value: {{ .Values.analytics.bigQuery.projectId | quote }}

charts/supabase/templates/auth/deployment.yaml

+35
Original file line numberDiff line numberDiff line change
@@ -42,8 +42,13 @@ spec:
4242
- name: DB_USER
4343
valueFrom:
4444
secretKeyRef:
45+
{{- if .Values.secret.db.secretRef }}
46+
name: {{ .Values.secret.db.secretRef }}
47+
key: {{ .Values.secret.db.secretRefKey.username | default "username" }}
48+
{{- else }}
4549
name: {{ include "supabase.secret.db" . }}
4650
key: username
51+
{{- end }}
4752
- name: DB_PORT
4853
value: {{ .Values.auth.environment.DB_PORT | quote }}
4954
command: ["/bin/sh", "-c"]
@@ -72,37 +77,67 @@ spec:
7277
- name: DB_PASSWORD
7378
valueFrom:
7479
secretKeyRef:
80+
{{- if .Values.secret.db.secretRef }}
81+
name: {{ .Values.secret.db.secretRef }}
82+
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
83+
{{- else }}
7584
name: {{ include "supabase.secret.db" . }}
7685
key: password
86+
{{- end }}
7787
- name: DB_PASSWORD_ENC
7888
valueFrom:
7989
secretKeyRef:
90+
{{- if .Values.secret.db.secretRef }}
91+
name: {{ .Values.secret.db.secretRef }}
92+
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
93+
{{- else }}
8094
name: {{ include "supabase.secret.db" . }}
8195
key: password_encoded
96+
{{- end }}
8297
- name: DB_NAME
8398
valueFrom:
8499
secretKeyRef:
100+
{{- if .Values.secret.db.secretRef }}
101+
name: {{ .Values.secret.db.secretRef }}
102+
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
103+
{{- else }}
85104
name: {{ include "supabase.secret.db" . }}
86105
key: database
106+
{{- end }}
87107
- name: GOTRUE_DB_DATABASE_URL
88108
value: $(DB_DRIVER)://$(DB_USER):$(DB_PASSWORD_ENC)@$(DB_HOST):$(DB_PORT)/$(DB_NAME)?search_path=auth&sslmode=$(DB_SSL)
89109
- name: GOTRUE_DB_DRIVER
90110
value: $(DB_DRIVER)
91111
- name: GOTRUE_JWT_SECRET
92112
valueFrom:
93113
secretKeyRef:
114+
{{- if .Values.secret.jwt.secretRef }}
115+
name: {{ .Values.secret.jwt.secretRef }}
116+
key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }}
117+
{{- else }}
94118
name: {{ include "supabase.secret.jwt" . }}
95119
key: secret
120+
{{- end }}
96121
- name: GOTRUE_SMTP_USER
97122
valueFrom:
98123
secretKeyRef:
124+
{{- if .Values.secret.smtp.secretRef }}
125+
name: {{ .Values.secret.smtp.secretRef }}
126+
key: {{ .Values.secret.smtp.secretRefKey.username | default "username" }}
127+
{{- else }}
99128
name: {{ include "supabase.secret.smtp" . }}
100129
key: username
130+
{{- end }}
101131
- name: GOTRUE_SMTP_PASS
102132
valueFrom:
103133
secretKeyRef:
134+
{{- if .Values.secret.smtp.secretRef }}
135+
name: {{ .Values.secret.smtp.secretRef }}
136+
key: {{ .Values.secret.smtp.secretRefKey.password | default "password" }}
137+
{{- else }}
104138
name: {{ include "supabase.secret.smtp" . }}
105139
key: password
140+
{{- end }}
106141
{{- with .Values.auth.livenessProbe }}
107142
livenessProbe:
108143
{{- toYaml . | nindent 12 }}

charts/supabase/templates/db/deployment.yaml

+25
Original file line numberDiff line numberDiff line change
@@ -66,28 +66,53 @@ spec:
6666
- name: POSTGRES_USER
6767
valueFrom:
6868
secretKeyRef:
69+
{{- if .Values.secret.db.secretRef }}
70+
name: {{ .Values.secret.db.secretRef }}
71+
key: {{ .Values.secret.db.secretRefKey.username | default "username" }}
72+
{{- else }}
6973
name: {{ include "supabase.secret.db" . }}
7074
key: username
75+
{{- end }}
7176
- name: PGPASSWORD
7277
valueFrom:
7378
secretKeyRef:
79+
{{- if .Values.secret.db.secretRef }}
80+
name: {{ .Values.secret.db.secretRef }}
81+
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
82+
{{- else }}
7483
name: {{ include "supabase.secret.db" . }}
7584
key: password
85+
{{- end }}
7686
- name: POSTGRES_PASSWORD
7787
valueFrom:
7888
secretKeyRef:
89+
{{- if .Values.secret.db.secretRef }}
90+
name: {{ .Values.secret.db.secretRef }}
91+
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
92+
{{- else }}
7993
name: {{ include "supabase.secret.db" . }}
8094
key: password
95+
{{- end }}
8196
- name: PGDATABASE
8297
valueFrom:
8398
secretKeyRef:
99+
{{- if .Values.secret.db.secretRef }}
100+
name: {{ .Values.secret.db.secretRef }}
101+
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
102+
{{- else }}
84103
name: {{ include "supabase.secret.db" . }}
85104
key: database
105+
{{- end }}
86106
- name: POSTGRES_DB
87107
valueFrom:
88108
secretKeyRef:
109+
{{- if .Values.secret.db.secretRef }}
110+
name: {{ .Values.secret.db.secretRef }}
111+
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
112+
{{- else }}
89113
name: {{ include "supabase.secret.db" . }}
90114
key: database
115+
{{- end }}
91116
{{- with .Values.db.livenessProbe }}
92117
livenessProbe:
93118
{{- toYaml . | nindent 12 }}

charts/supabase/templates/functions/deployment.yaml

+30
Original file line numberDiff line numberDiff line change
@@ -52,33 +52,63 @@ spec:
5252
- name: DB_PASSWORD
5353
valueFrom:
5454
secretKeyRef:
55+
{{- if .Values.secret.db.secretRef }}
56+
name: {{ .Values.secret.db.secretRef }}
57+
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
58+
{{- else }}
5559
name: {{ include "supabase.secret.db" . }}
5660
key: password
61+
{{- end }}
5762
- name: DB_PASSWORD_ENC
5863
valueFrom:
5964
secretKeyRef:
65+
{{- if .Values.secret.db.secretRef }}
66+
name: {{ .Values.secret.db.secretRef }}
67+
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
68+
{{- else }}
6069
name: {{ include "supabase.secret.db" . }}
6170
key: password_encoded
71+
{{- end }}
6272
- name: DB_DATABASE
6373
valueFrom:
6474
secretKeyRef:
75+
{{- if .Values.secret.db.secretRef }}
76+
name: {{ .Values.secret.db.secretRef }}
77+
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
78+
{{- else }}
6579
name: {{ include "supabase.secret.db" . }}
6680
key: database
81+
{{- end }}
6782
- name: JWT_SECRET
6883
valueFrom:
6984
secretKeyRef:
85+
{{- if .Values.secret.jwt.secretRef }}
86+
name: {{ .Values.secret.jwt.secretRef }}
87+
key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }}
88+
{{- else }}
7089
name: {{ include "supabase.secret.jwt" . }}
7190
key: secret
91+
{{- end }}
7292
- name: SUPABASE_ANON_KEY
7393
valueFrom:
7494
secretKeyRef:
95+
{{- if .Values.secret.jwt.secretRef }}
96+
name: {{ .Values.secret.jwt.secretRef }}
97+
key: {{ .Values.secret.jwt.secretRefKey.anonKey | default "anonKey" }}
98+
{{- else }}
7599
name: {{ include "supabase.secret.jwt" . }}
76100
key: anonKey
101+
{{- end }}
77102
- name: SUPABASE_SERVICE_ROLE_KEY
78103
valueFrom:
79104
secretKeyRef:
105+
{{- if .Values.secret.jwt.secretRef }}
106+
name: {{ .Values.secret.jwt.secretRef }}
107+
key: {{ .Values.secret.jwt.secretRefKey.serviceKey | default "serviceKey" }}
108+
{{- else }}
80109
name: {{ include "supabase.secret.jwt" . }}
81110
key: serviceKey
111+
{{- end }}
82112
- name: POSTGRES_BACKEND_URL
83113
value: $(DB_DRIVER)://$(DB_USERNAME):$(DB_PASSWORD_ENC)@$(DB_HOSTNAME):$(DB_PORT)/$(DB_DATABASE)?search_path=auth&sslmode=$(DB_SSL)
84114
{{- with .Values.functions.livenessProbe }}

charts/supabase/templates/kong/deployment.yaml

+20
Original file line numberDiff line numberDiff line change
@@ -44,24 +44,44 @@ spec:
4444
- name: SUPABASE_ANON_KEY
4545
valueFrom:
4646
secretKeyRef:
47+
{{- if .Values.secret.jwt.secretRef }}
48+
name: {{ .Values.secret.jwt.secretRef }}
49+
key: {{ .Values.secret.jwt.secretRefKey.anonKey | default "anonKey" }}
50+
{{- else }}
4751
name: {{ include "supabase.secret.jwt" . }}
4852
key: anonKey
53+
{{- end }}
4954
- name: SUPABASE_SERVICE_KEY
5055
valueFrom:
5156
secretKeyRef:
57+
{{- if .Values.secret.jwt.secretRef }}
58+
name: {{ .Values.secret.jwt.secretRef }}
59+
key: {{ .Values.secret.jwt.secretRefKey.serviceKey | default "serviceKey" }}
60+
{{- else }}
5261
name: {{ include "supabase.secret.jwt" . }}
5362
key: serviceKey
63+
{{- end }}
5464
{{- if .Values.secret.dashboard }}
5565
- name: DASHBOARD_USERNAME
5666
valueFrom:
5767
secretKeyRef:
68+
{{- if .Values.secret.dashboard.secretRef }}
69+
name: {{ .Values.secret.dashboard.secretRef }}
70+
key: {{ .Values.secret.dashboard.secretRefKey.username | default "username" }}
71+
{{- else }}
5872
name: {{ include "supabase.secret.dashboard" . }}
5973
key: username
74+
{{- end }}
6075
- name: DASHBOARD_PASSWORD
6176
valueFrom:
6277
secretKeyRef:
78+
{{- if .Values.secret.dashboard.secretRef }}
79+
name: {{ .Values.secret.dashboard.secretRef }}
80+
key: {{ .Values.secret.dashboard.secretRefKey.password | default "password" }}
81+
{{- else }}
6382
name: {{ include "supabase.secret.dashboard" . }}
6483
key: password
84+
{{- end }}
6585
{{- end }}
6686
{{- with .Values.kong.livenessProbe }}
6787
livenessProbe:

charts/supabase/templates/meta/deployment.yaml

+10
Original file line numberDiff line numberDiff line change
@@ -46,13 +46,23 @@ spec:
4646
- name: DB_PASSWORD
4747
valueFrom:
4848
secretKeyRef:
49+
{{- if .Values.secret.db.secretRef }}
50+
name: {{ .Values.secret.db.secretRef }}
51+
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
52+
{{- else }}
4953
name: {{ include "supabase.secret.db" . }}
5054
key: password
55+
{{- end }}
5156
- name: DB_NAME
5257
valueFrom:
5358
secretKeyRef:
59+
{{- if .Values.secret.db.secretRef }}
60+
name: {{ .Values.secret.db.secretRef }}
61+
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
62+
{{- else }}
5463
name: {{ include "supabase.secret.db" . }}
5564
key: database
65+
{{- end }}
5666
- name: PG_META_DB_HOST
5767
value: $(DB_HOST)
5868
- name: PG_META_DB_PORT

charts/supabase/templates/realtime/deployment.yaml

+25
Original file line numberDiff line numberDiff line change
@@ -42,8 +42,13 @@ spec:
4242
- name: DB_USER
4343
valueFrom:
4444
secretKeyRef:
45+
{{- if .Values.secret.db.secretRef }}
46+
name: {{ .Values.secret.db.secretRef }}
47+
key: {{ .Values.secret.db.secretRefKey.username | default "username" }}
48+
{{- else }}
4549
name: {{ include "supabase.secret.db" . }}
4650
key: username
51+
{{- end }}
4752
- name: DB_PORT
4853
value: {{ .Values.analytics.environment.DB_PORT | quote }}
4954
command: ["/bin/sh", "-c"]
@@ -74,23 +79,43 @@ spec:
7479
- name: DB_PASSWORD
7580
valueFrom:
7681
secretKeyRef:
82+
{{- if .Values.secret.db.secretRef }}
83+
name: {{ .Values.secret.db.secretRef }}
84+
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
85+
{{- else }}
7786
name: {{ include "supabase.secret.db" . }}
7887
key: password
88+
{{- end }}
7989
- name: DB_NAME
8090
valueFrom:
8191
secretKeyRef:
92+
{{- if .Values.secret.db.secretRef }}
93+
name: {{ .Values.secret.db.secretRef }}
94+
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
95+
{{- else }}
8296
name: {{ include "supabase.secret.db" . }}
8397
key: database
98+
{{- end }}
8499
- name: JWT_SECRET
85100
valueFrom:
86101
secretKeyRef:
102+
{{- if .Values.secret.jwt.secretRef }}
103+
name: {{ .Values.secret.jwt.secretRef }}
104+
key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }}
105+
{{- else }}
87106
name: {{ include "supabase.secret.jwt" . }}
88107
key: secret
108+
{{- end }}
89109
- name: API_JWT_SECRET
90110
valueFrom:
91111
secretKeyRef:
112+
{{- if .Values.secret.jwt.secretRef }}
113+
name: {{ .Values.secret.jwt.secretRef }}
114+
key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }}
115+
{{- else }}
92116
name: {{ include "supabase.secret.jwt" . }}
93117
key: secret
118+
{{- end }}
94119
{{- with .Values.realtime.livenessProbe }}
95120
livenessProbe:
96121
{{- toYaml . | nindent 12 }}

0 commit comments

Comments
 (0)