From c81bb1bbd1719b64cad55e4e41a49613f61a7cae Mon Sep 17 00:00:00 2001 From: Richard Tomik Date: Mon, 22 Sep 2025 09:19:55 +0200 Subject: [PATCH] fixed bug with db configuration donetick helm chart --- charts/donetick/Chart.yaml | 2 +- charts/donetick/readme.md | 31 +++++++++++++---------- charts/donetick/templates/configmap.yaml | 8 ++++-- charts/donetick/templates/deployment.yaml | 27 +++++--------------- charts/donetick/templates/secret.yaml | 6 ++--- charts/donetick/values.yaml | 20 ++++++--------- 6 files changed, 42 insertions(+), 52 deletions(-) diff --git a/charts/donetick/Chart.yaml b/charts/donetick/Chart.yaml index 5e88ac7..861c6c4 100644 --- a/charts/donetick/Chart.yaml +++ b/charts/donetick/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: donetick description: Donetick helm chart for Kubernetes type: application -version: 1.0.2 +version: 1.0.3 appVersion: "v0.1.60" maintainers: - name: Richard Tomik diff --git a/charts/donetick/readme.md b/charts/donetick/readme.md index fb35cd1..f61c494 100644 --- a/charts/donetick/readme.md +++ b/charts/donetick/readme.md @@ -107,11 +107,18 @@ config: type: "postgres" host: "postgresql.database.svc.cluster.local" port: 5432 - user: "donetick" name: "donetick" - # Use existing secret for database credentials - existingSecret: "donetick-db-secret" - passwordKey: "postgresql-password" + + # Use existing secret for postgres credentials + database: + type: "postgres" + host: "postgresql.database.svc.cluster.local" + port: 5432 + name: "donetick" + secrets: + existingSecret: "donetick-postgres-secret" + userKey: "username" + passwordKey: "password" # Use existing secret for JWT jwt: 
@@ -179,9 +186,10 @@ ingress: Create the required secrets: ```bash -# Database secret -kubectl create secret generic donetick-db-secret \ - --from-literal=postgresql-password='your-secure-db-password' +# Postgres secret +kubectl create secret generic donetick-postgres-secret \ + --from-literal=username='donetick' \ + --from-literal=password='your-secure-db-password' # JWT secret kubectl create secret generic donetick-jwt-secret \ @@ -234,12 +242,9 @@ helm uninstall donetick | `config.oauth2.existingSecret` | Name of existing secret for OAuth2 credentials | `""` | | `config.oauth2.clientIdKey` | Key in the existing secret for OAuth2 client ID | `"client-id"` | | `config.oauth2.clientSecretKey` | Key in the existing secret for OAuth2 client secret | `"client-secret"` | -| `config.database.existingSecret` | Name of existing secret for database credentials | `""` | -| `config.database.hostKey` | Key in the existing secret for database host | `"db-host"` | -| `config.database.portKey` | Key in the existing secret for database port | `"db-port"` | -| `config.database.userKey` | Key in the existing secret for database user | `"db-user"` | -| `config.database.passwordKey` | Key in the existing secret for database password | `"db-password"` | -| `config.database.nameKey` | Key in the existing secret for database name | `"db-name"` | +| `config.database.secrets.existingSecret` | Name of existing secret for postgres credentials | `""` | +| `config.database.secrets.userKey` | Key in the existing secret for postgres username | `"username"` | +| `config.database.secrets.passwordKey` | Key in the existing secret for postgres password | `"password"` | ### Deployment parameters diff --git a/charts/donetick/templates/configmap.yaml b/charts/donetick/templates/configmap.yaml index a90a5b1..ddee798 100644 --- a/charts/donetick/templates/configmap.yaml +++ b/charts/donetick/templates/configmap.yaml 
@@ -23,14 +23,18 @@ data: migration_retry: {{ .Values.config.database.migration_retry }} {{- end }} {{- if eq .Values.config.database.type "postgres" }} - {{- if not .Values.config.database.existingSecret }} + {{- if not .Values.config.database.secrets.existingSecret }} host: {{ .Values.config.database.host | quote }} port: {{ .Values.config.database.port }} user: {{ .Values.config.database.user | quote }} password: {{ .Values.config.database.password | quote }} name: {{ .Values.config.database.name | quote }} {{- else }} - # Database credentials will be injected via environment variables from Secret + # Database host, port, and name from values, credentials from Secret + host: {{ .Values.config.database.host | quote }} + port: {{ .Values.config.database.port }} + name: {{ .Values.config.database.name | quote }} + # Username and password will be injected via environment variables from Secret {{- end }} {{- end }} jwt: diff --git a/charts/donetick/templates/deployment.yaml b/charts/donetick/templates/deployment.yaml index 84585d3..8268d84 100644 --- a/charts/donetick/templates/deployment.yaml +++ b/charts/donetick/templates/deployment.yaml @@ -88,7 +88,7 @@ spec: - name: {{ .name }} value: {{ .value | quote }} {{- end }} - {{- if or .Values.config.jwt.existingSecret .Values.config.oauth2.existingSecret .Values.config.database.existingSecret }} + {{- if or .Values.config.jwt.existingSecret .Values.config.oauth2.existingSecret .Values.config.database.secrets.existingSecret }} # Secret-based environment variables {{- if .Values.config.jwt.existingSecret }} - name: DT_JWT_SECRET 
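Review bot: The `if not .Values.config.database.secrets.existingSecret` branch of configmap.yaml still renders `password: {{ .Values.config.database.password | quote }}`, so the postgres password is stored in clear text in a ConfigMap. ConfigMaps are usually readable by more principals than Secrets and are often left out of at-rest encryption settings. secret.yaml already writes the same value into the chart's own Secret under `secrets.passwordKey` in that case, but the deployment.yaml hunk at -109 only wires `DT_DB_USER` and `DT_DB_PASSWORD` from a Secret when `secrets.existingSecret` is set. I would drop the `user:` and `password:` lines from this branch and let the deployment's `secretKeyRef` fall back to the chart-managed Secret, which would then also need an entry under `secrets.userKey`. The ConfigMap's `data:` block starts outside the hunk, and whether the application prefers the environment variables over the config file is not visible here.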
@@ -109,32 +109,17 @@ spec: name: {{ .Values.config.oauth2.existingSecret }} key: {{ .Values.config.oauth2.clientSecretKey }} {{- end }} - {{- if and .Values.config.database.existingSecret (eq .Values.config.database.type "postgres") }} - - name: DT_DB_HOST - valueFrom: - secretKeyRef: - name: {{ .Values.config.database.existingSecret }} - key: {{ .Values.config.database.hostKey }} - - name: DT_DB_PORT - valueFrom: - secretKeyRef: - name: {{ .Values.config.database.existingSecret }} - key: {{ .Values.config.database.portKey }} + {{- if and .Values.config.database.secrets.existingSecret (eq .Values.config.database.type "postgres") }} - name: DT_DB_USER valueFrom: secretKeyRef: - name: {{ .Values.config.database.existingSecret }} - key: {{ .Values.config.database.userKey }} + name: {{ .Values.config.database.secrets.existingSecret }} + key: {{ .Values.config.database.secrets.userKey }} - name: DT_DB_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.config.database.existingSecret }} - key: {{ .Values.config.database.passwordKey }} - - name: DT_DB_NAME - valueFrom: - secretKeyRef: - name: {{ .Values.config.database.existingSecret }} - key: {{ .Values.config.database.nameKey }} + name: {{ .Values.config.database.secrets.existingSecret }} + key: {{ .Values.config.database.secrets.passwordKey }} {{- end }} {{- end }} {{- with .Values.extraEnv }} diff --git a/charts/donetick/templates/secret.yaml b/charts/donetick/templates/secret.yaml index 3b225f7..bbe85c6 100644 --- a/charts/donetick/templates/secret.yaml +++ b/charts/donetick/templates/secret.yaml 
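Review bot: Releases that still set the old `config.database.existingSecret` value are not rejected: the condition now reads `config.database.secrets.existingSecret`, so on upgrade this block is skipped without an error and configmap.yaml takes its inline branch, rendering `user` and `password` from values. The chart version only moves from 1.0.2 to 1.0.3, so users may not expect a change to the values schema. A guard such as `{{- if .Values.config.database.existingSecret }}{{ fail "config.database.existingSecret has moved to config.database.secrets.existingSecret" }}{{- end }}` near the top of the template would turn the silent fallback into a clear render error. `hostKey`, `portKey` and `nameKey` are likewise no longer read, so host, port and name must now come from values, which deserves an upgrade note in the readme. The container's `env:` list starts and ends outside the hunk.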
@@ -1,4 +1,4 @@ -{{- if or (not .Values.config.jwt.existingSecret) (and (not .Values.config.oauth2.existingSecret) (or .Values.config.oauth2.client_id .Values.config.oauth2.client_secret)) (and (eq .Values.config.database.type "postgres") (not .Values.config.database.existingSecret)) }} +{{- if or (not .Values.config.jwt.existingSecret) (and (not .Values.config.oauth2.existingSecret) (or .Values.config.oauth2.client_id .Values.config.oauth2.client_secret)) (and (eq .Values.config.database.type "postgres") (not .Values.config.database.secrets.existingSecret)) }} apiVersion: v1 kind: Secret metadata: @@ -10,8 +10,8 @@ data: {{- if not .Values.config.jwt.existingSecret }} {{ .Values.config.jwt.secretKey }}: {{ .Values.config.jwt.secret | b64enc }} {{- end }} - {{- if and (eq .Values.config.database.type "postgres") (not .Values.config.database.existingSecret) }} - {{ .Values.config.database.passwordKey }}: {{ .Values.config.database.password | b64enc }} + {{- if and (eq .Values.config.database.type "postgres") (not .Values.config.database.secrets.existingSecret) }} + {{ .Values.config.database.secrets.passwordKey }}: {{ .Values.config.database.password | b64enc }} {{- end }} {{- if and (not .Values.config.oauth2.existingSecret) .Values.config.oauth2.client_id }} {{ .Values.config.oauth2.clientIdKey }}: {{ .Values.config.oauth2.client_id | b64enc }} diff --git a/charts/donetick/values.yaml b/charts/donetick/values.yaml index 0888746..e0df060 100644 --- a/charts/donetick/values.yaml +++ b/charts/donetick/values.yaml 
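Review bot: In the second secret.yaml hunk, `{{ .Values.config.database.password | b64enc }}` now receives a value with no default, because the values.yaml hunk removes `user: ""` and `password: ""` while this template and configmap.yaml still read `.Values.config.database.password`. With `type: "postgres"` and no `secrets.existingSecret`, an unset password probably either fails rendering with a type error or yields an empty password; this should be confirmed with `helm template`. I would make the requirement explicit with `{{ required "config.database.password is required when config.database.secrets.existingSecret is empty" .Values.config.database.password | b64enc }}`. values.yaml should either keep the inline `user` and `password` keys documented or the inline branch should be removed. The Secret's `data:` block continues outside the hunk.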
@@ -157,21 +157,17 @@ config: # Migration options migration_skip: false # Set to true to skip database migrations migration_retry: 3 # Number of retries for failed migrations - - # These are only required for postgres - direct configuration + + # These are only required for postgres host: "" port: 5432 - user: "" - password: "" name: "" - - # Secret configuration for database credentials - existingSecret: "" # Name of existing Kubernetes secret - hostKey: "db-host" # Key in the secret for database host - portKey: "db-port" # Key in the secret for database port - userKey: "db-user" # Key in the secret for database user - passwordKey: "db-password" # Key in the secret for database password - nameKey: "db-name" # Key in the secret for database name + + # Secret configuration for postgres credentials + secrets: + existingSecret: "" # Name of existing Kubernetes secret containing postgres credentials + userKey: "username" # Key in the secret for database username + passwordKey: "password" # Key in the secret for database password # Security settings # For production, use a generated secret and store in a Kubernetes Secret