feat(v1.0.1): ajout extraEnvFrom pour référencer Secrets K8s existants (migration legacy pré-Vault)
This commit is contained in:
dahoud
@@ -5,8 +5,8 @@ description: |
|
|||||||
Fournit : Deployment hardened, Service, Ingress avec cert-manager + rate-limit,
|
Fournit : Deployment hardened, Service, Ingress avec cert-manager + rate-limit,
|
||||||
ConfigMap, ExternalSecret (Vault → K8s), NetworkPolicy, PDB, ServiceMonitor, HPA.
|
ConfigMap, ExternalSecret (Vault → K8s), NetworkPolicy, PDB, ServiceMonitor, HPA.
|
||||||
type: application
|
type: application
|
||||||
version: 1.0.0
|
version: 1.0.1
|
||||||
appVersion: "1.0.0"
|
appVersion: "1.0.1"
|
||||||
kubeVersion: ">=1.28.0-0"
|
kubeVersion: ">=1.28.0-0"
|
||||||
maintainers:
|
maintainers:
|
||||||
- name: Lions Infrastructure Team
|
- name: Lions Infrastructure Team
|
||||||
@@ -21,4 +21,5 @@ keywords:
|
|||||||
- microservice
|
- microservice
|
||||||
annotations:
|
annotations:
|
||||||
artifacthub.io/changes: |
|
artifacthub.io/changes: |
|
||||||
- Chart initial (v1.0.0) : Deployment/Service/Ingress/ConfigMap/ExternalSecret/NetworkPolicy/PDB/SM/HPA
|
- v1.0.1 : ajout extraEnvFrom pour Secrets K8s existants (migration legacy)
|
||||||
|
- v1.0.0 : Chart initial — Deployment/Service/Ingress/ConfigMap/ExternalSecret/NetworkPolicy/PDB/SM/HPA
|
||||||
|
|||||||
@@ -67,7 +67,7 @@ spec:
|
|||||||
{{- toYaml . | nindent 12 }}
|
{{- toYaml . | nindent 12 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if or (and .Values.configMap.enabled .Values.configMap.envFrom (gt (len (keys .Values.configMap.data)) 0)) .Values.externalSecret.enabled }}
|
{{- if or (and .Values.configMap.enabled .Values.configMap.envFrom (gt (len (keys .Values.configMap.data)) 0)) .Values.externalSecret.enabled .Values.extraEnvFrom }}
|
||||||
envFrom:
|
envFrom:
|
||||||
{{- if and .Values.configMap.enabled .Values.configMap.envFrom (gt (len (keys .Values.configMap.data)) 0) }}
|
{{- if and .Values.configMap.enabled .Values.configMap.envFrom (gt (len (keys .Values.configMap.data)) 0) }}
|
||||||
- configMapRef:
|
- configMapRef:
|
||||||
@@ -77,6 +77,9 @@ spec:
|
|||||||
- secretRef:
|
- secretRef:
|
||||||
name: {{ include "lions-app.secretName" . }}
|
name: {{ include "lions-app.secretName" . }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- with .Values.extraEnvFrom }}
|
||||||
|
{{- toYaml . | nindent 12 }}
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.probes.startup.enabled }}
|
{{- if .Values.probes.startup.enabled }}
|
||||||
startupProbe:
|
startupProbe:
|
||||||
|
|||||||
11
values.yaml
11
values.yaml
@@ -133,6 +133,17 @@ configMap:
|
|||||||
# APP_ENV: production
|
# APP_ENV: production
|
||||||
# KAFKA_BOOTSTRAP_SERVERS: kafka-service.kafka.svc.cluster.local:9092
|
# KAFKA_BOOTSTRAP_SERVERS: kafka-service.kafka.svc.cluster.local:9092
|
||||||
|
|
||||||
|
# ------------------------------------------------------------
|
||||||
|
# extraEnvFrom — envFrom additionnels vers Secrets/ConfigMaps existants
|
||||||
|
# ------------------------------------------------------------
|
||||||
|
# Utile pour référencer des Secrets K8s créés hors Helm (ex: migration
|
||||||
|
# depuis un déploiement legacy, pré-Vault).
|
||||||
|
extraEnvFrom: []
|
||||||
|
# - secretRef:
|
||||||
|
# name: my-existing-db-secret
|
||||||
|
# - configMapRef:
|
||||||
|
# name: my-existing-config
|
||||||
|
|
||||||
# ------------------------------------------------------------
|
# ------------------------------------------------------------
|
||||||
# ExternalSecret (Vault → K8s Secret via ESO)
|
# ExternalSecret (Vault → K8s Secret via ESO)
|
||||||
# ------------------------------------------------------------
|
# ------------------------------------------------------------
|
||||||
|
|||||||
Reference in New Issue
Block a user