[common] 3.1.0 Addition of secret kind (#596)

Signed-off-by: Nicholas Wilde <ncwilde43@gmail.com>
2025-01-23 15:39:02 +00:00 · 2021-02-28 11:33:07 -08:00 · 2021-02-28 11:33:07 -08:00 · 18966b01ab
commit 18966b01ab
parent ba978447bf
8 changed files with 73 additions and 8 deletions
--- a/charts/common/Chart.yaml
+++ b/charts/common/Chart.yaml
@ -2,7 +2,7 @@ apiVersion: v2
 name: common
 description: Function library for k8s-at-home charts
 type: library
-version: 3.0.1
+version: 3.1.0
 kubeVersion: ">=1.16.0-0"
 keywords:
 - k8s-at-home
@ -11,3 +11,5 @@ home: https://github.com/k8s-at-home/charts/tree/master/charts/common
 maintainers:
 - name: bjw-s
  email: me@bjw-s.dev
+- name: nicholaswilde
+  email: ncwilde43@gmail.com
--- a/charts/common/README.md
+++ b/charts/common/README.md
@ -1,6 +1,6 @@
 # common

-![Version: 3.0.1](https://img.shields.io/badge/Version-3.0.1-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square)
+![Version: 3.1.0](https://img.shields.io/badge/Version-3.1.0-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square)

 Function library for k8s-at-home charts

@ -74,7 +74,7 @@ Include this chart as a dependency in your `Chart.yaml` e.g.
 # Chart.yaml
 dependencies:
 - name: common
-  version: 3.0.1
+  version: 3.1.0
  repository: https://k8s-at-home.com/charts/
 ```
 Write a `values.yaml` with some basic defaults you want to present to the user e.g.
@ -252,6 +252,7 @@ helm dependency update
 | probes.startup.spec.timeoutSeconds | int | `1` |  |
 | replicas | int | `1` |  |
 | resources | object | `{}` |  |
+| secret | object | `{}` |  |
 | securityContext | object | `{}` |  |
 | service.additionalPorts | list | `[]` |  |
 | service.additionalServices | list | `[]` |  |
@ -277,6 +278,12 @@ All notable changes to this application Helm chart will be documented in this fi
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

+### [3.1.0]
+
+#### Added
+
+- Allow setting secret values through Helm values file.
+
 ### [3.0.1]

 #### Fixed
@ -389,6 +396,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

 This is the last version before starting this changelog. All sorts of cool stuff was changed, but only `git log` remembers what that was :slightly_frowning_face:

+[3.1.0]: #3.1.0
+
 [3.0.1]: #3.0.1

 [3.0.0]: #3.0.0
@ -421,4 +430,4 @@ This is the last version before starting this changelog. All sorts of cool stuff
 - Join our [Discord](https://discord.gg/sTMX7Vh) community

 ----------------------------------------------
-Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0)
+Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0)
--- a/charts/common/README_CHANGELOG.md.gotmpl
+++ b/charts/common/README_CHANGELOG.md.gotmpl
@ -10,6 +10,12 @@ All notable changes to this application Helm chart will be documented in this fi
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

+### [3.1.0]
+
+#### Added
+
+- Allow setting secret values through Helm values file.
+
 ### [3.0.1]

 #### Fixed
@ -122,6 +128,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

 This is the last version before starting this changelog. All sorts of cool stuff was changed, but only `git log` remembers what that was :slightly_frowning_face:

+[3.1.0]: #3.1.0
+
 [3.0.1]: #3.0.1

 [3.0.0]: #3.0.0
--- a/charts/common/templates/_all.tpl
+++ b/charts/common/templates/_all.tpl
@ -4,7 +4,7 @@ Main entrypoint for the common library chart. It will render all underlying temp
 {{- define "common.all" -}}
  {{- /* Merge the local chart values and the common chart defaults */ -}}
  {{- include "common.values.setup" . }}
-  
+
  {{- /* Enable code-server add-on if required */ -}}
  {{- if .Values.addons.codeserver.enabled }}
    {{- include "common.addon.codeserver" . }}
@ -33,4 +33,8 @@ Main entrypoint for the common library chart. It will render all underlying temp
  {{ include "common.service" . | nindent 0 }}
  {{- print "---" | nindent 0 -}}
  {{ include "common.ingress" .  | nindent 0 }}
+  {{- if .Values.secret -}}
+    {{- print "---" | nindent 0 -}}
+    {{ include "common.secret" .  | nindent 0 }}
+  {{- end -}}
 {{- end -}}
--- a/charts/common/templates/_secret.tpl
+++ b/charts/common/templates/_secret.tpl
@ -0,0 +1,16 @@
+{{/*
+The Secret object to be created.
+*/}}
+{{- define "common.secret" -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  labels:
+    {{- include "common.labels" . | nindent 4 }}
+type: Opaque
+{{- with .Values.secret }}
+stringData:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- end }}
--- a/charts/common/templates/lib/controller/_container.tpl
+++ b/charts/common/templates/lib/controller/_container.tpl
@ -27,13 +27,19 @@ The main container included in the controller.
  {{- end }}
  {{- range $key, $value := .Values.envValueFrom }}
  - name: {{ $key }}
-    valueFrom: 
+    valueFrom:
      {{- $value | toYaml | nindent 6 }}
  {{- end }}
  {{- end }}
-  {{- with .Values.envFrom }}
+  {{- if or .Values.envFrom .Values.secret }}
  envFrom:
-    {{- toYaml . | nindent 12 }}
+  {{- with .Values.envFrom }}
+    {{- toYaml . | nindent 2 }}
+  {{- end }}
+  {{- if or .Values.secret }}
+  - secretRef:
+      name: {{ include "common.names.fullname" . }}
+  {{- end }}
  {{- end }}
  {{- include "common.controller.ports" . | trim | nindent 2 }}
  volumeMounts:
--- a/charts/common/values.yaml
+++ b/charts/common/values.yaml
@ -32,6 +32,12 @@ serviceAccount:
  # If not set and create is true, a name is generated using the fullname template
  name: ""

+## Use this to populate a secret with the values you specify.
+## Be aware that these values are not encrypted by default, and could therefore visible
+## to anybody with access to the values.yaml file.
+secret: {}
+  # PASSWORD: my-password
+
 env: {}
  # TZ: UTC

--- a/test/charts/common-test_spec.rb
+++ b/test/charts/common-test_spec.rb
@ -97,6 +97,20 @@ class Test < ChartTest
        jq('.spec.template.spec.containers[0].env[0].name', resource('Deployment')).must_equal values[:envTpl].keys[0].to_s
        jq('.spec.template.spec.containers[0].env[0].value', resource('Deployment')).must_equal 'common-test-admin'
      end
+      
+      it 'set "static" secret variables' do
+        expectedSecretName = 'common-test'
+        values = {
+          secret: {
+            STATIC_SECRET: 'value_of_secret'
+          }
+        }
+        chart.value values
+        puts jq('.metadata', resource('Secret'))
+        jq('.spec.template.spec.containers[0].envFrom[0].secretRef.name', resource('Deployment')).must_equal expectedSecretName
+        jq('.metadata.name', resource('Secret')).must_equal expectedSecretName
+        jq('.stringData.STATIC_SECRET', resource('Secret')).must_equal values[:secret].values[0].to_s
+      end
    end

    describe 'ports settings' do