From df19b7ca5c5077c4237c095ab8f4af4acacf9c1b Mon Sep 17 00:00:00 2001 From: Jim Nicholson Date: Fri, 29 Oct 2021 23:09:29 -0700 Subject: [PATCH] Switch to mittwald's secret generator --- deployment.yaml | 5 +++++ kustomization.yaml | 23 ++++++++++++----------- secrets.yaml | 10 ++++++++++ 3 files changed, 27 insertions(+), 11 deletions(-) create mode 100644 secrets.yaml diff --git a/deployment.yaml b/deployment.yaml index d366eb2..ed19793 100644 --- a/deployment.yaml +++ b/deployment.yaml @@ -34,6 +34,11 @@ env: - name: PGDATA value: /var/lib/postgresql/data/pgdata + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: gitea-secrets + key: pg_username - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: diff --git a/kustomization.yaml b/kustomization.yaml index 39169aa..8408d7f 100644 --- a/kustomization.yaml +++ b/kustomization.yaml @@ -1,18 +1,19 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: gitea -secretGenerator: -- literals: - - pg_password=some1pass5here9 - name: gitea-secrets -generatorOptions: - disableNameSuffixHash: true - labels: - type: generated +# secretGenerator: +# - literals: +# - pg_password=some1pass5here9 +# name: gitea-secrets +# generatorOptions: +# disableNameSuffixHash: true +# labels: +# type: generated resources: - namespace.yaml +- secrets.yaml - storage.yaml - configuration.yaml -- deployment.yaml -- service.yaml -- ingress.yaml +# - deployment.yaml +# - service.yaml +# - ingress.yaml diff --git a/secrets.yaml b/secrets.yaml new file mode 100644 index 0000000..915344e --- /dev/null +++ b/secrets.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: gitea-secrets + namespace: gitea + annotations: + secret-generator.v1.mittwald.de/autogenerate: pg_password +data: + pg_username: cG9zdGdyZXM= \ No newline at end of file