Skip to content

Commit

Permalink
feat: make external database secret more useful
Browse files Browse the repository at this point in the history
  • Loading branch information
@toabi
toabi committed Oct 12, 2022
1 parent e213d2f commit 9f741ae
Show file tree
Hide file tree
Showing 2 changed files with 34 additions and 6 deletions.
20 changes: 19 additions & 1 deletion limesurvey/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,14 +68,18 @@ spec:
- name: http
containerPort: 8080
protocol: TCP
{{- if .Values.limesurvey.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /
port: http
{{- end }}
{{- if .Values.limesurvey.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /
port: http
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumeMounts:
Expand Down Expand Up @@ -120,19 +124,33 @@ spec:
{{- if .Values.mariadb.enabled }}
key: mariadb-password
{{- else }}
key: db-password
key: {{ .Values.externalDatabase.existingSecretConfig.passwordField }}
{{- end }}
- name: DB_USERNAME
{{- if eq .Values.mariadb.enabled true }}
value: {{ .Values.mariadb.auth.username }}
{{- else }}
{{- if .Values.externalDatabase.existingSecretConfig.usernameField }}
valueFrom:
secretKeyRef:
name: {{ include "limesurvey.databaseSecretName" . }}
key: {{ .Values.externalDatabase.existingSecretConfig.usernameField }}
{{- else}}
value: {{ .Values.externalDatabase.username }}
{{- end }}
{{- end }}
- name: DB_NAME
{{- if eq .Values.mariadb.enabled true }}
value: {{ .Values.mariadb.auth.database }}
{{- else }}
{{- if .Values.externalDatabase.existingSecretConfig.databaseField }}
valueFrom:
secretKeyRef:
name: {{ include "limesurvey.databaseSecretName" . }}
key: {{ .Values.externalDatabase.existingSecretConfig.databaseField}}
{{- else }}
value: {{ .Values.externalDatabase.database }}
{{- end }}
{{- end }}
- name: DB_TABLE_PREFIX
value: {{ .Values.limesurvey.tablePrefix | quote }}
Expand Down
20 changes: 15 additions & 5 deletions limesurvey/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,22 +42,26 @@ mariadb:
## Use an externally provisioned database instance
## Ignored when mariadb.enabled is set to true
externalDatabase:
# Type of external database ("mysql" or "psql")
# Type of external database ("mysql" or "pgsql")
type: mysql
# External Database server host
host: mariadb.example.com
# External Database server port
port: 3306
# External Database username
# External Database username (use existingSecretConfig.usernameField to load from secret)
username: limesurvey
# External Database user password
# (ignored when existingSecret is set)
# (ignored when existingSecret is set, use existingSecretConfig.passwordField to change key)
password: null
# External Database database name
# External Database database name (use existingSecretConfig.databaseField to load from secret)
database: limesurvey
# Use an existing secret for retrieving the database password.
# The secret must contain the field "db-password".
# The secret must contain the field "db-password" (field name configurable via existingSecretConfig.passwordField)
existingSecret: null
existingSecretConfig:
passwordField: db-password
usernameField: null
databaseField: null

# Limesurvey Application configuration
limesurvey:
Expand All @@ -76,6 +80,7 @@ limesurvey:
publicKey: ""
secretKey: ""
nonce: ""
# Create with: php -r "var_dump(sodium_bin2hex(sodium_crypto_secretbox_keygen()));"
secretBoxKey: ""
existingSecret: null
listenPort: 8080
Expand All @@ -93,6 +98,11 @@ limesurvey:
debugSql: 0
# Value should be either MyISAM or InnoDB
mysqlEngine: MyISAM
# Probes, disable them when you enable global ssl enforcement, because they won't work with the redirect to https
livenessProbe:
enabled: true
readinessProbe:
enabled: true

## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
Expand Down

0 comments on commit 9f741ae

Please sign in to comment.