icecheng/freeleaps-ops
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request 'Changed the secret configuration of central storage' (#70) from Nicolas_local_ops into master

Browse Source 
Reviewed-on: https://gitea.freeleaps.mathmast.com/freeleaps/freeleaps-ops/pulls/70
This commit is contained in:
Nicolas 2025-08-18 09:39:37 +00:00
commit cd2a0f3963
5 changed files with 49 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
freeleaps/helm-pkg/centralStorage/templates/central-storage/central-storage-config.yaml
View File

@ -13,7 +13,9 @@ data:
MONGODB_PORT: {{ .Values.centralStorage.configs.mongodbPort | toString | b64enc }} MONGODB_PORT: {{ .Values.centralStorage.configs.mongodbPort | toString | b64enc }}
METRICS_ENABLED: {{ .Values.centralStorage.configs.metricsEnabled | default false | toString | b64enc }} METRICS_ENABLED: {{ .Values.centralStorage.configs.metricsEnabled | default false | toString | b64enc }}
PROBES_ENABLED: {{ .Values.centralStorage.configs.probesEnabled | default false | toString | b64enc }} PROBES_ENABLED: {{ .Values.centralStorage.configs.probesEnabled | default false | toString | b64enc }}
DEBUG_MODE: {{ .Values.centralStorage.configs.debugMode | default false | toString | b64enc }} {{- if .Values.centralStorage.configs.debugMode }}
DEBUG_MODE: {{ .Values.centralStorage.configs.debugMode | toString | b64enc }}
{{- end }}
LOG_BASE_PATH: {{ .Values.logIngest.logPath | b64enc | quote }} LOG_BASE_PATH: {{ .Values.logIngest.logPath | b64enc | quote }}
BACKEND_LOG_FILE_NAME: {{ .Values.centralStorage.configs.appName | b64enc | quote }} BACKEND_LOG_FILE_NAME: {{ .Values.centralStorage.configs.appName | b64enc | quote }}
APPLICATION_ACTIVITY_LOG: {{ .Values.centralStorage.configs.appName | printf "%s-activity" | b64enc | quote }} APPLICATION_ACTIVITY_LOG: {{ .Values.centralStorage.configs.appName | printf "%s-activity" | b64enc | quote }}

2
freeleaps/helm-pkg/centralStorage/templates/central-storage/deployment.yaml
View File

@ -100,12 +100,14 @@ spec:
{{- end}} {{- end}}
env: env:
{{- range $key, $value := .Values.centralStorage.configs }} {{- range $key, $value := .Values.centralStorage.configs }}
{{- if not (or (eq $key "mongodbUri") (eq $key "azureStorageDocumentApiKey") (eq $key "azureStorageDocumentApiEndpoint")) }}
- name: {{ $key | snakecase | upper }} - name: {{ $key | snakecase | upper }}
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: central-storage-config name: central-storage-config
key: {{ $key | snakecase | upper }} key: {{ $key | snakecase | upper }}
{{- end }} {{- end }}
{{- end }}
# Inject secrets from FreeleapsSecret object # Inject secrets from FreeleapsSecret object
{{- if .Values.centralStorage.secrets }} {{- if .Values.centralStorage.secrets }}
{{ $targetSecretName := .Values.centralStorage.secrets.target.name }} {{ $targetSecretName := .Values.centralStorage.secrets.target.name }}

2
freeleaps/helm-pkg/centralStorage/templates/central-storage/freeleapssecret.yaml
View File

@ -1,7 +1,7 @@
apiVersion: freeleaps.com/v1alpha1 apiVersion: freeleaps.com/v1alpha1
kind: FreeleapsSecret kind: FreeleapsSecret
metadata: metadata:
name: freeleaps-central-storage-alpha-secrets name: {{ .Values.centralStorage.secrets.target.name }}
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
spec: spec:
secretStoreRef: secretStoreRef:

24
freeleaps/helm-pkg/centralStorage/values.prod.yaml
View File

@ -73,11 +73,29 @@ centralStorage:
serviceApiAccessPort: 8005 serviceApiAccessPort: 8005
mongodbName: freeleaps2 mongodbName: freeleaps2
mongodbPort: 27017 mongodbPort: 27017
mongodbUri: mongodb+srv://freeadmin:0eMV0bt8oyaknA0m@freeleaps2.zmsmpos.mongodb.net/?retryWrites=true&w=majority
azureStorageDocumentApiKey: xbiFtFeQ6v5dozgVM99fZ9huUomL7QcLu6s0y8zYHtIXZ8XdneKDMcg4liQr/9oNlVoRFcZhWjLY+ASt9cjICQ==
azureStorageDocumentApiEndpoint: https://freeleaps1document.blob.core.windows.net/
metricsEnabled: 'true' metricsEnabled: 'true'
probesEnabled: 'true' probesEnabled: 'true'
secrets:
secretStoreRef:
kind: FreeleapsSecretStore
name: freeleaps-main-secret-store
target:
name: "freeleaps-central-storage-prod-secrets"
creationPolicy: "Owner"
refreshInterval: 30s
data:
- key: mongodbUri
remoteRef:
key: "freeleaps-prod-mongodb-uri"
type: Secret
- key: azureStorageDocumentApiKey
remoteRef:
key: "freeleaps-prod-azure-storage-document-api-key"
type: Secret
- key: azureStorageDocumentApiEndpoint
remoteRef:
key: "freeleaps-prod-azure-storage-document-api-endpoint"
type: Secret
vpa: vpa:
minAllowed: minAllowed:
enabled: true enabled: true

22
freeleaps/helm-pkg/centralStorage/values.yaml
View File

@ -69,6 +69,28 @@ central-storage:
metricsEnabled: "false" metricsEnabled: "false"
# PROBES_ENABLED # PROBES_ENABLED
probesEnabled: "false" probesEnabled: "false"
# AKV secrets configuration
secrets:
secretStoreRef:
kind: FreeleapsSecretStore
name: freeleaps-main-secret-store
target:
name: "freeleaps-central-storage-secrets"
creationPolicy: "Owner"
refreshInterval: 30s
data:
- key: mongodbUri
remoteRef:
key: "freeleaps-mongodb-uri"
type: Secret
- key: azureStorageDocumentApiKey
remoteRef:
key: "freeleaps-azure-storage-document-api-key"
type: Secret
- key: azureStorageDocumentApiEndpoint
remoteRef:
key: "freeleaps-azure-storage-document-api-endpoint"
type: Secret
vpa: vpa:
minAllowed: minAllowed:
enabled: false enabled: false