From 90185a014edbb1325ea4966290e0c9e01e89f976 Mon Sep 17 00:00:00 2001 From: eliranb Date: Sun, 18 May 2025 14:53:24 +0300 Subject: [PATCH 1/3] add conditional to backend deployment and system config templates to include system configuration settings. This allows for optional integration of a signed JSON config file via ConfigMap. --- chart/templates/backend-deployment.yaml | 6 ++++++ chart/templates/backend-system-config-cm.yaml | 2 ++ 2 files changed, 8 insertions(+) diff --git a/chart/templates/backend-deployment.yaml b/chart/templates/backend-deployment.yaml index db5fad8..01d3d1e 100644 --- a/chart/templates/backend-deployment.yaml +++ b/chart/templates/backend-deployment.yaml @@ -60,9 +60,11 @@ spec: {{- end }} serviceAccountName: {{ template "lightrun-be.serviceAccountName" . }} volumes: + {{- if and .Values.general.system_config.content .Values.general.system_config.signature }} - name: system-config configMap: name: {{ include "lightrun.fullname" . }}-system-config + {{- end }} - name: encryption-keys secret: secretName: {{ include "secrets.backend.name" . }} @@ -133,10 +135,12 @@ spec: "/usr/src/lightrun/{{ .Values.deployments.backend.jar_name }}" ] volumeMounts: + {{- if and .Values.general.system_config.content .Values.general.system_config.signature }} - name: system-config mountPath: {{ .Values.general.system_config.file_path }} subPath: {{ base .Values.general.system_config.file_path }} readOnly: true + {{- end }} - name: encryption-keys mountPath: /encryption-keys readOnly: true @@ -200,10 +204,12 @@ spec: - secretRef: name: {{ include "secrets.backend.name" . }} env: + {{- if and .Values.general.system_config.content .Values.general.system_config.signature }} - name: LIGHTRUN_SYSTEM_CONFIG_JSON_FILE_PATH value: {{ .Values.general.system_config.file_path }} - name: LIGHTRUN_SYSTEM_CONFIG_JSON_SIGNATURE value: {{ .Values.general.system_config.signature }} + {{- end }} - name: SERVER_SECURITY_ENCRYPTION-KEYS-PATH value: file:/encryption-keys - name: LIGHTRUN_HOSTNAME diff --git a/chart/templates/backend-system-config-cm.yaml b/chart/templates/backend-system-config-cm.yaml index b02aa7a..b5c7839 100644 --- a/chart/templates/backend-system-config-cm.yaml +++ b/chart/templates/backend-system-config-cm.yaml @@ -1,6 +1,8 @@ +{{- if and .Values.general.system_config.content .Values.general.system_config.signature }} kind: ConfigMap apiVersion: v1 metadata: name: {{ include "lightrun.fullname" . }}-system-config data: system_config.json: {{ .Values.general.system_config.content }} +{{- end }} \ No newline at end of file From 32ca6749b26d7b6c8b9db32bbbea5447ab8d89e3 Mon Sep 17 00:00:00 2001 From: eliranb Date: Sun, 18 May 2025 15:19:45 +0300 Subject: [PATCH 2/3] Fix system configuration template to decode base64 content for JSON config file in ConfigMap. --- chart/templates/backend-system-config-cm.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/templates/backend-system-config-cm.yaml b/chart/templates/backend-system-config-cm.yaml index b5c7839..401da90 100644 --- a/chart/templates/backend-system-config-cm.yaml +++ b/chart/templates/backend-system-config-cm.yaml @@ -4,5 +4,5 @@ apiVersion: v1 metadata: name: {{ include "lightrun.fullname" . }}-system-config data: - system_config.json: {{ .Values.general.system_config.content }} + system_config.json: {{ .Values.general.system_config.content | b64dec}} {{- end }} \ No newline at end of file From 4580b22a3535259fa918f4f66b73d9c2a98df270 Mon Sep 17 00:00:00 2001 From: eliranb Date: Sun, 18 May 2025 15:42:37 +0300 Subject: [PATCH 3/3] Update system configuration template to quote base64 decoded JSON content in ConfigMap. --- chart/templates/backend-system-config-cm.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/chart/templates/backend-system-config-cm.yaml b/chart/templates/backend-system-config-cm.yaml index 401da90..11e2ca3 100644 --- a/chart/templates/backend-system-config-cm.yaml +++ b/chart/templates/backend-system-config-cm.yaml @@ -4,5 +4,5 @@ apiVersion: v1 metadata: name: {{ include "lightrun.fullname" . }}-system-config data: - system_config.json: {{ .Values.general.system_config.content | b64dec}} -{{- end }} \ No newline at end of file + system_config.json: {{ .Values.general.system_config.content | b64dec | quote }} +{{- end }}