Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Helm: Adding existingSecret.registation and existingSecret.passkey; Always store registration and passkey data in a Kubernetes secret #962

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

jessebot
Copy link

@jessebot jessebot commented Jul 5, 2024

Description

This PR is for the helm chart and adds the following:

  • Adding existingSecret.registation and existingSecret.passkey
  • Always store registration and passkey data in a Kubernetes secret, even if passed in as plain text
  • Uses a projected volume to ensure registration.yml, passkey,pem, and config.yml all get mounted to the same directory
  • includes the changing of the passkeyfile value from Changed passFile value #841
  • regenerates helm-docs

Fixes #835

@jessebot jessebot requested a review from a team as a code owner July 5, 2024 06:35
…store registration and passkey data in a Kubernetes secret; use projected volume to ensure all data in one directory

Signed-off-by: jessebot <[email protected]>
@jessebot jessebot force-pushed the add-existing-secret-functionality branch from 6179624 to c073b97 Compare July 5, 2024 06:39
@jessebot
Copy link
Author

jessebot commented Jul 5, 2024

I guess I could have the standard config also possible to come from an existing Secret, as it may have data such as client_secret for github oauth? 🤔

mikemrm added a commit to mikemrm/matrix-org-matrix-hookshot that referenced this pull request Sep 22, 2024
This change allows for config files to be sourced from a secret
rather than a config map as these configs may have sensitive data.

In addition to being able to source the config from a secret,
the `extraContainerVolumeMounts` option was added which allows
for mounting additional volumes defined in `extraContainerVolumes`,
such mounting a passkey file secret.

This also solves the same issue in a slightly different way from pr matrix-org#962

Signed-off-by: Mike Mason <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Kubernetes: Helm registration.yml from Secret
1 participant