Skip to content

DEVOPS-2754-changed-encryption-key-logic-to-not-fail-when-key-does-not-exist #64

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 14, 2025
Merged

DEVOPS-2754-changed-encryption-key-logic-to-not-fail-when-key-does-not-exist #64

merged 1 commit into from
May 14, 2025

Conversation

@yitzhaktal
Copy link
Contributor

@yitzhaktal yitzhaktal commented May 14, 2025

No description provided.

@yitzhaktal
DEVOPS-2754 - Backend pod mounting will not fail in case default encr…
8aeaedb 
…yption key won't be provided as part of external secret use case
yitzhaktal
yitzhaktal commented May 14, 2025
View reviewed changes
chart/templates/backend-deployment.yaml
secret:
secretName: {{ include "secrets.backend.name" . }}
optional: false
optional: {{ not .Values.general.deploy_secrets.enabled }}
Copy link
Contributor Author

@yitzhaktal yitzhaktal May 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If deploy_secrets = true ; chart is creating the encryption-key-0 by default, so backend pod will never fail, so optional will be false
if deploy_secrets = false; the customer creates the secret, and since optional will be true, it means weather or not he provides the encryption-key-0, we won't fail the mounting with
│ Warning FailedMount 26s (x7 over 58s) kubelet MountVolume.SetUp failed for volume "encryption-keys" : references non-existent secret key: encryption-key-0 │

@yitzhaktal yitzhaktal requested review from imeliran and moshiko-s May 14, 2025 08:52
@yitzhaktal yitzhaktal merged commit 719cf2a into main May 14, 2025
1 check passed
@yitzhaktal yitzhaktal deleted the DEVOPS-2754-changed-encryption-key-logic-to-not-fail-when-key-does-not-exist branch May 14, 2025 09:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@imeliran imeliran imeliran approved these changes

@moshiko-s moshiko-s Awaiting requested review from moshiko-s

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@yitzhaktal @imeliran