Skip to content

Commit

Permalink
Add possibility to define externally added secrets (e.g. created by… (#…
Browse files Browse the repository at this point in the history 
…38)
  • Loading branch information
@mikhainin
mikhainin authored May 29, 2023
1 parent 34b4d15 commit 8814fe8
Show file tree
Hide file tree
Showing 4 changed files with 27 additions and 1 deletion.
2 changes: 1 addition & 1 deletion charts/athens-proxy/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
apiVersion: v1
name: athens-proxy
version: 0.6.1
version: 0.7.0
appVersion: v0.12.0
description: The proxy server for Go modules
icon: https://raw.githubusercontent.com/gomods/athens/main/docs/static/banner.png
Expand Down
20 changes: 20 additions & 0 deletions charts/athens-proxy/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,10 +52,16 @@ spec:
mountPath: /ssh-keys
{{- $dot := . -}}
{{- range $server := .Values.sshGitServers }}
{{- if $server.existingSecret }}
- name: ssh-git-servers-secret-{{ $server.host | replace "." "-" }}
mountPath: "{{ template "home" $dot }}/.ssh/id_rsa-{{ $server.host }}"
subPath: {{ $server.existingSecret.subPath | quote }}
{{- else }}
- name: ssh-git-servers-secret
mountPath: {{ template "home" $dot }}/.ssh/id_rsa-{{ $server.host }}
subPath: id_rsa-{{ $server.host }}
{{- end }}
{{- end }}
{{- if .Values.image.runAsNonRoot }}
securityContext:
runAsUser: 1000
Expand Down Expand Up @@ -227,6 +233,13 @@ spec:
mountPath: "/etc/gitconfig"
subPath: "gitconfig"
{{- end }}
{{- range $server := .Values.sshGitServers }}
{{- if $server.existingSecret }}
- name: ssh-git-servers-secret-{{ $server.host | replace "." "-" }}
mountPath: "/root/.ssh/id_rsa-{{ $server.host }}"
subPath: {{ $server.existingSecret.subPath | quote }}
{{- end }}
{{- end }}
{{- if .Values.image.runAsNonRoot }}
securityContext:
runAsUser: 1000
Expand Down Expand Up @@ -263,6 +276,13 @@ spec:
- name: ssh-git-servers-secret
secret:
secretName: {{ template "fullname" . }}-ssh-git-servers
{{- range $server := .Values.sshGitServers }}
{{- if $server.existingSecret }}
- name: ssh-git-servers-secret-{{ $server.host | replace "." "-" }}
secret:
secretName: {{ $server.existingSecret.name | quote }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.gitconfig.enabled }}
- name: gitconfig
Expand Down
2 changes: 2 additions & 0 deletions charts/athens-proxy/templates/secret-ssh-git-servers.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ metadata:
type: Opaque
data:
{{- range $server := .Values.sshGitServers }}
{{- if (not $server.existingSecret) -}}
id_rsa-{{ $server.host }}: {{ $server.privateKey | b64enc | quote }}
{{- end -}}
{{- end }}
{{- end -}}
4 changes: 4 additions & 0 deletions charts/athens-proxy/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -159,6 +159,10 @@ sshGitServers: {}
# -----END RSA PRIVATE KEY-----
## ssh port
# port: 22
## ssh private key from the existing secret (to be added separately in "Secret" Resource)
# existingSecret:
# name: ssh-keys
# subPath: secret.id_rsa

goGetWorkers: 3

Expand Down

0 comments on commit 8814fe8

Please sign in to comment.