diff --git a/charts/retool/templates/deployment_backend.yaml b/charts/retool/templates/deployment_backend.yaml index 318dfb04..833ab366 100644 --- a/charts/retool/templates/deployment_backend.yaml +++ b/charts/retool/templates/deployment_backend.yaml @@ -78,6 +78,7 @@ spec: - name: POSTGRES_SSL_ENABLED value: {{ template "retool.postgresql.ssl_enabled" . }} {{- if and (not .Values.externalSecrets.enabled) (not .Values.externalSecrets.externalSecretsOperator.enabled) }} + {{- if and (not .Values.env.RETOOL_LOAD_FILE_SECRETS) (not .Values.env.LICENSE_KEY_FILE) }} - name: LICENSE_KEY valueFrom: secretKeyRef: @@ -88,6 +89,8 @@ spec: name: {{ template "retool.fullname" . }} key: license-key {{- end }} + {{- end }} + {{- if and (not .Values.env.RETOOL_LOAD_FILE_SECRETS) (not .Values.env.JWT_SECRET_FILE) }} - name: JWT_SECRET valueFrom: secretKeyRef: @@ -98,6 +101,8 @@ spec: name: {{ template "retool.fullname" . }} key: jwt-secret {{- end }} + {{- end }} + {{- if and (not .Values.env.RETOOL_LOAD_FILE_SECRETS) (not .Values.env.ENCRYPTION_KEY_FILE) }} - name: ENCRYPTION_KEY valueFrom: secretKeyRef: @@ -108,6 +113,8 @@ spec: name: {{ template "retool.fullname" . }} key: encryption-key {{- end }} + {{- end }} + {{- if and (not .Values.env.RETOOL_LOAD_FILE_SECRETS) (not .Values.env.POSTGRES_PASSWORD_FILE) }} - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: @@ -123,6 +130,8 @@ spec: key: postgresql-password {{- end }} {{- end }} + {{- end }} + {{- if and (not .Values.env.RETOOL_LOAD_FILE_SECRETS) (not .Values.env.GOOGLE_CLIENT_SECRET_FILE) }} - name: CLIENT_SECRET valueFrom: secretKeyRef: @@ -134,6 +143,7 @@ spec: key: google-client-secret {{- end }} {{- end }} + {{- end }} {{- range $key, $value := .Values.env }} - name: "{{ $key }}" value: "{{ $value }}" diff --git a/charts/retool/templates/deployment_jobs.yaml b/charts/retool/templates/deployment_jobs.yaml index 54b366ce..75de0ff2 100644 --- a/charts/retool/templates/deployment_jobs.yaml +++ b/charts/retool/templates/deployment_jobs.yaml @@ -79,6 +79,7 @@ spec: - name: POSTGRES_SSL_ENABLED value: {{ template "retool.postgresql.ssl_enabled" . }} {{- if and (not .Values.externalSecrets.enabled) (not .Values.externalSecrets.externalSecretsOperator.enabled) }} + {{- if and (not .Values.env.RETOOL_LOAD_FILE_SECRETS) (not .Values.env.LICENSE_KEY_FILE) }} - name: LICENSE_KEY valueFrom: secretKeyRef: @@ -89,6 +90,8 @@ spec: name: {{ template "retool.fullname" . }} key: license-key {{- end }} + {{- end }} + {{- if and (not .Values.env.RETOOL_LOAD_FILE_SECRETS) (not .Values.env.JWT_SECRET_FILE) }} - name: JWT_SECRET valueFrom: secretKeyRef: @@ -99,6 +102,8 @@ spec: name: {{ template "retool.fullname" . }} key: jwt-secret {{- end }} + {{- end }} + {{- if and (not .Values.env.RETOOL_LOAD_FILE_SECRETS) (not .Values.env.ENCRYPTION_KEY_FILE) }} - name: ENCRYPTION_KEY valueFrom: secretKeyRef: @@ -109,6 +114,8 @@ spec: name: {{ template "retool.fullname" . }} key: encryption-key {{- end }} + {{- end }} + {{- if and (not .Values.env.RETOOL_LOAD_FILE_SECRETS) (not .Values.env.POSTGRES_PASSWORD_FILE) }} - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: @@ -124,6 +131,8 @@ spec: key: postgresql-password {{- end }} {{- end }} + {{- end }} + {{- if and (not .Values.env.RETOOL_LOAD_FILE_SECRETS) (not .Values.env.GOOGLE_CLIENT_SECRET_FILE) }} - name: CLIENT_SECRET valueFrom: secretKeyRef: @@ -135,6 +144,7 @@ spec: key: google-client-secret {{- end }} {{- end }} + {{- end }} {{- range $key, $value := .Values.env }} - name: "{{ $key }}" value: "{{ $value }}" diff --git a/charts/retool/templates/secret.yaml b/charts/retool/templates/secret.yaml index 8532bca7..740b228f 100644 --- a/charts/retool/templates/secret.yaml +++ b/charts/retool/templates/secret.yaml @@ -14,8 +14,12 @@ type: Opaque {{- $secret := lookup "v1" "Secret" .Release.Namespace $secretName | default dict }} {{- $secretData := (get $secret "data") | default dict }} data: + {{ if and (not .Values.env.RETOOL_LOAD_FILE_SECRETS) (not .Values.env.LICENSE_KEY_FILE) }} license-key: {{ .Values.config.licenseKey | default "" | b64enc | quote }} + {{ end }} + + {{ if and (not .Values.env.RETOOL_LOAD_FILE_SECRETS) (not .Values.env.JWT_SECRET_FILE) }} {{ if not .Values.config.jwtSecretSecretName }} {{ if .Values.config.jwtSecret }} jwt-secret: {{ .Values.config.jwtSecret | b64enc | quote }} @@ -25,7 +29,9 @@ data: jwt-secret: {{ randAlphaNum 20 | b64enc | quote }} {{ end }} {{ end }} + {{ end }} + {{ if and (not .Values.env.RETOOL_LOAD_FILE_SECRETS) (not .Values.env.ENCRYPTION_KEY_FILE) }} {{ if not .Values.config.encryptionKeySecretName }} {{ if .Values.config.encryptionKey }} encryption-key: {{ .Values.config.encryptionKey | b64enc | quote }} @@ -35,14 +41,19 @@ data: encryption-key: {{ required "Please set a value for .Values.config.encryptionKey" .Values.config.encryptionKey }} {{ end }} {{ end }} + {{ end }} + {{ if and (not .Values.env.RETOOL_LOAD_FILE_SECRETS) (not .Values.env.GOOGLE_CLIENT_SECRET_FILE) }} {{ if .Values.config.auth.google.clientSecret }} google-client-secret: {{ .Values.config.auth.google.clientSecret | b64enc | quote }} {{ else }} google-client-secret: "" {{ end }} + {{ end }} {{ if not .Values.postgresql.enabled }} + {{ if and (not .Values.env.RETOOL_LOAD_FILE_SECRETS) (not .Values.env.POSTGRES_PASSWORD_FILE) }} postgresql-password: {{ .Values.config.postgresql.password | default "" | b64enc | quote }} {{ end }} + {{ end }} {{- end }}