[stable/atlantis] Add envFrom secrets option (#23122)

* Add envFrom to atlantis Signed-off-by: Armaan Tobaccowalla <armaan@tobaccowalla.com> * Fix version Signed-off-by: Armaan Tobaccowalla <armaan@tobaccowalla.com> * Add warning Signed-off-by: Armaan Tobaccowalla <armaan@tobaccowalla.com>
helm · Jul 9, 2020 · 0a23538 · 0a23538
1 parent 056f930
commit 0a23538
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 1 deletion.
diff --git a/stable/atlantis/Chart.yaml b/stable/atlantis/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v1
 appVersion: "v0.11.1"
 description: A Helm chart for Atlantis https://www.runatlantis.io
 name: atlantis
-version: 3.11.2
+version: 3.12.0
 keywords:
 - terraform
 home: https://www.runatlantis.io

diff --git a/stable/atlantis/README.md b/stable/atlantis/README.md
@@ -50,6 +50,7 @@ The following options are supported.  See [values.yaml](values.yaml) for more de
 | `bitbucket.baseURL`                         | Base URL of Bitbucket Server installation.                                                                                                                                                                                                                                                                | n/a     |
 | `environment`                               | Map of environment variables for the container.                                                                                                                                                                                                                                                           | `{}`    |
 | `environmentSecrets`                         | Array of Kubernetes secrets that can be used to set environment variables. See `values.yaml` for example.                                                                                                                                                                                                                                                          | `{}`    |
+| `loadEnvFromSecrets`                        | Array of Kubernetes secrets to set all key-value pairs as environment variables. See `values.yaml` for example.                                                                                                                                                                                           | `[]`    |
 | `extraVolumes`                              | List of additional volumes available to the pod.                                                                                                                                                                                                                                                          | `[]`    |
 | `extraVolumeMounts`                         | List of additional volumes mounted to the container.                                                                                                                                                                                                                                                      | `[]`    |
 | `imagePullSecrets`                          | List of secrets for pulling images from private registries.                                                                                                                                                                                                                                               | `[]`    |

diff --git a/stable/atlantis/templates/statefulset.yaml b/stable/atlantis/templates/statefulset.yaml
@@ -111,6 +111,13 @@ spec:
           ports:
           - name: atlantis
             containerPort: 4141
+          {{- if .Values.loadEnvFromSecrets }}
+          envFrom:
+          {{- range .Values.loadEnvFromSecrets }}
+            - secretRef:
+                name: {{ . }}
+          {{- end }}
+          {{- end }}
           env:
           {{- range $key, $value := .Values.environment }}
           - name: {{ $key }}

diff --git a/stable/atlantis/values.yaml b/stable/atlantis/values.yaml
@@ -214,6 +214,15 @@ environmentSecrets: []
 #       name: the_k8s_secret_name
 #       key: the_key_of_the_value_in_the_secret
 
+# Optionally specify additional Kubernetes secrets to load environment variables from.
+# All key-value pairs within these secrets will be set as environment variables.
+# Note that any variables set here will be ignored if also defined in the env block of the atlantis statefulset.
+# For example, providing ATLANTIS_GH_USER here and defining a value for github.user will result in the github.user value being used.
+loadEnvFromSecrets: []
+# loadEnvFromSecrets:
+#   - secret_one
+#   - secret_two
+
 # Optionally specify google service account credentials as Kubernetes secrets. If you are using the terraform google provider you can specify the credentials as "${file("/var/secrets/some-secret-name/key.json")}".
 googleServiceAccountSecrets: []
 # googleServiceAccountSecrets: