fixed bug with db configuration donetick helm chart

2026-04-05 09:40:38 +00:00 · 2025-09-22 09:19:55 +02:00
parent 741401a79d
commit c81bb1bbd1
6 changed files with 42 additions and 52 deletions
--- a/charts/donetick/Chart.yaml
+++ b/charts/donetick/Chart.yaml
@ -2,7 +2,7 @@ apiVersion: v2
 name: donetick
 description: Donetick helm chart for Kubernetes
 type: application
-version: 1.0.2
+version: 1.0.3
 appVersion: "v0.1.60"
 maintainers:
  - name: Richard Tomik
--- a/charts/donetick/readme.md
+++ b/charts/donetick/readme.md
@ -107,11 +107,18 @@ config:
    type: "postgres"
    host: "postgresql.database.svc.cluster.local"
    port: 5432
-    user: "donetick"
    name: "donetick"
-    # Use existing secret for database credentials
-    existingSecret: "donetick-db-secret"
-    passwordKey: "postgresql-password"
+
+  # Use existing secret for postgres credentials
+  database:
+    type: "postgres"
+    host: "postgresql.database.svc.cluster.local"
+    port: 5432
+    name: "donetick"
+    secrets:
+      existingSecret: "donetick-postgres-secret"
+      userKey: "username"
+      passwordKey: "password"

  # Use existing secret for JWT
  jwt:
@ -179,9 +186,10 @@ ingress:
 Create the required secrets:

 ```bash
-# Database secret
-kubectl create secret generic donetick-db-secret \
-  --from-literal=postgresql-password='your-secure-db-password'
+# Postgres secret
+kubectl create secret generic donetick-postgres-secret \
+  --from-literal=username='donetick' \
+  --from-literal=password='your-secure-db-password'

 # JWT secret
 kubectl create secret generic donetick-jwt-secret \
@ -234,12 +242,9 @@ helm uninstall donetick
 | `config.oauth2.existingSecret`         | Name of existing secret for OAuth2 credentials                    | `""`                |
 | `config.oauth2.clientIdKey`            | Key in the existing secret for OAuth2 client ID                   | `"client-id"`       |
 | `config.oauth2.clientSecretKey`        | Key in the existing secret for OAuth2 client secret               | `"client-secret"`   |
-| `config.database.existingSecret`       | Name of existing secret for database credentials                  | `""`                |
-| `config.database.hostKey`              | Key in the existing secret for database host                      | `"db-host"`         |
-| `config.database.portKey`              | Key in the existing secret for database port                      | `"db-port"`         |
-| `config.database.userKey`              | Key in the existing secret for database user                      | `"db-user"`         |
-| `config.database.passwordKey`          | Key in the existing secret for database password                  | `"db-password"`     |
-| `config.database.nameKey`              | Key in the existing secret for database name                      | `"db-name"`         |
+| `config.database.secrets.existingSecret` | Name of existing secret for postgres credentials                | `""`                |
+| `config.database.secrets.userKey`        | Key in the existing secret for postgres username                | `"username"`        |
+| `config.database.secrets.passwordKey`    | Key in the existing secret for postgres password                | `"password"`        |

 ### Deployment parameters

--- a/charts/donetick/templates/configmap.yaml
+++ b/charts/donetick/templates/configmap.yaml
@ -23,14 +23,18 @@ data:
      migration_retry: {{ .Values.config.database.migration_retry }}
      {{- end }}
      {{- if eq .Values.config.database.type "postgres" }}
-      {{- if not .Values.config.database.existingSecret }}
+      {{- if not .Values.config.database.secrets.existingSecret }}
      host: {{ .Values.config.database.host | quote }}
      port: {{ .Values.config.database.port }}
      user: {{ .Values.config.database.user | quote }}
      password: {{ .Values.config.database.password | quote }}
      name: {{ .Values.config.database.name | quote }}
      {{- else }}
-      # Database credentials will be injected via environment variables from Secret
+      # Database host, port, and name from values, credentials from Secret
+      host: {{ .Values.config.database.host | quote }}
+      port: {{ .Values.config.database.port }}
+      name: {{ .Values.config.database.name | quote }}
+      # Username and password will be injected via environment variables from Secret
      {{- end }}
      {{- end }}
    jwt:
--- a/charts/donetick/templates/deployment.yaml
+++ b/charts/donetick/templates/deployment.yaml
@ -88,7 +88,7 @@ spec:
            - name: {{ .name }}
              value: {{ .value | quote }}
          {{- end }}
-          {{- if or .Values.config.jwt.existingSecret .Values.config.oauth2.existingSecret .Values.config.database.existingSecret }}
+          {{- if or .Values.config.jwt.existingSecret .Values.config.oauth2.existingSecret .Values.config.database.secrets.existingSecret }}
            # Secret-based environment variables
            {{- if .Values.config.jwt.existingSecret }}
            - name: DT_JWT_SECRET
@ -109,32 +109,17 @@ spec:
                  name: {{ .Values.config.oauth2.existingSecret }}
                  key: {{ .Values.config.oauth2.clientSecretKey }}
            {{- end }}
-            {{- if and .Values.config.database.existingSecret (eq .Values.config.database.type "postgres") }}
-            - name: DT_DB_HOST
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.config.database.existingSecret }}
-                  key: {{ .Values.config.database.hostKey }}
-            - name: DT_DB_PORT
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.config.database.existingSecret }}
-                  key: {{ .Values.config.database.portKey }}
+            {{- if and .Values.config.database.secrets.existingSecret (eq .Values.config.database.type "postgres") }}
            - name: DT_DB_USER
              valueFrom:
                secretKeyRef:
-                  name: {{ .Values.config.database.existingSecret }}
-                  key: {{ .Values.config.database.userKey }}
+                  name: {{ .Values.config.database.secrets.existingSecret }}
+                  key: {{ .Values.config.database.secrets.userKey }}
            - name: DT_DB_PASSWORD
              valueFrom:
                secretKeyRef:
-                  name: {{ .Values.config.database.existingSecret }}
-                  key: {{ .Values.config.database.passwordKey }}
-            - name: DT_DB_NAME
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.config.database.existingSecret }}
-                  key: {{ .Values.config.database.nameKey }}
+                  name: {{ .Values.config.database.secrets.existingSecret }}
+                  key: {{ .Values.config.database.secrets.passwordKey }}
            {{- end }}
          {{- end }}
          {{- with .Values.extraEnv }}
--- a/charts/donetick/templates/secret.yaml
+++ b/charts/donetick/templates/secret.yaml
@ -1,4 +1,4 @@
-{{- if or (not .Values.config.jwt.existingSecret) (and (not .Values.config.oauth2.existingSecret) (or .Values.config.oauth2.client_id .Values.config.oauth2.client_secret)) (and (eq .Values.config.database.type "postgres") (not .Values.config.database.existingSecret)) }}
+{{- if or (not .Values.config.jwt.existingSecret) (and (not .Values.config.oauth2.existingSecret) (or .Values.config.oauth2.client_id .Values.config.oauth2.client_secret)) (and (eq .Values.config.database.type "postgres") (not .Values.config.database.secrets.existingSecret)) }}
 apiVersion: v1
 kind: Secret
 metadata:
@ -10,8 +10,8 @@ data:
  {{- if not .Values.config.jwt.existingSecret }}
  {{ .Values.config.jwt.secretKey }}: {{ .Values.config.jwt.secret | b64enc }}
  {{- end }}
-  {{- if and (eq .Values.config.database.type "postgres") (not .Values.config.database.existingSecret) }}
-  {{ .Values.config.database.passwordKey }}: {{ .Values.config.database.password | b64enc }}
+  {{- if and (eq .Values.config.database.type "postgres") (not .Values.config.database.secrets.existingSecret) }}
+  {{ .Values.config.database.secrets.passwordKey }}: {{ .Values.config.database.password | b64enc }}
  {{- end }}
  {{- if and (not .Values.config.oauth2.existingSecret) .Values.config.oauth2.client_id }}
  {{ .Values.config.oauth2.clientIdKey }}: {{ .Values.config.oauth2.client_id | b64enc }}
--- a/charts/donetick/values.yaml
+++ b/charts/donetick/values.yaml
@ -157,21 +157,17 @@ config:
    # Migration options
    migration_skip: false  # Set to true to skip database migrations
    migration_retry: 3     # Number of retries for failed migrations
-    
-    # These are only required for postgres - direct configuration
+
+    # These are only required for postgres
    host: ""
    port: 5432
-    user: ""
-    password: ""
    name: ""
-    
-    # Secret configuration for database credentials
-    existingSecret: ""        # Name of existing Kubernetes secret
-    hostKey: "db-host"        # Key in the secret for database host
-    portKey: "db-port"        # Key in the secret for database port
-    userKey: "db-user"        # Key in the secret for database user
-    passwordKey: "db-password" # Key in the secret for database password
-    nameKey: "db-name"        # Key in the secret for database name
+
+    # Secret configuration for postgres credentials
+    secrets:
+      existingSecret: ""        # Name of existing Kubernetes secret containing postgres credentials
+      userKey: "username"       # Key in the secret for database username
+      passwordKey: "password"   # Key in the secret for database password
  
  # Security settings
  # For production, use a generated secret and store in a Kubernetes Secret