icecheng/freeleaps-ops
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Changed the secret configuration of central storage

Browse Source
This commit is contained in:
Nicolas 2025-08-18 17:38:47 +08:00
parent 44c074532b
commit cd9f42e143
5 changed files with 49 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
freeleaps/helm-pkg/centralStorage/templates/central-storage/central-storage-config.yaml
View File

@ -13,7 +13,9 @@ data:
MONGODB_PORT: {{ .Values.centralStorage.configs.mongodbPort | toString | b64enc }}
METRICS_ENABLED: {{ .Values.centralStorage.configs.metricsEnabled | default false | toString | b64enc }}
PROBES_ENABLED: {{ .Values.centralStorage.configs.probesEnabled | default false | toString | b64enc }}
DEBUG_MODE: {{ .Values.centralStorage.configs.debugMode | default false | toString | b64enc }}
{{- if .Values.centralStorage.configs.debugMode }}
DEBUG_MODE: {{ .Values.centralStorage.configs.debugMode | toString | b64enc }}
{{- end }}
LOG_BASE_PATH: {{ .Values.logIngest.logPath | b64enc | quote }}
BACKEND_LOG_FILE_NAME: {{ .Values.centralStorage.configs.appName | b64enc | quote }}
APPLICATION_ACTIVITY_LOG: {{ .Values.centralStorage.configs.appName | printf "%s-activity" | b64enc | quote }}

2
freeleaps/helm-pkg/centralStorage/templates/central-storage/deployment.yaml
View File

@ -100,12 +100,14 @@ spec:
{{- end}}
env:
{{- range $key, $value := .Values.centralStorage.configs }}
{{- if not (or (eq $key "mongodbUri") (eq $key "azureStorageDocumentApiKey") (eq $key "azureStorageDocumentApiEndpoint")) }}
- name: {{ $key | snakecase | upper }}
valueFrom:
secretKeyRef:
name: central-storage-config
key: {{ $key | snakecase | upper }}
{{- end }}
{{- end }}
# Inject secrets from FreeleapsSecret object
{{- if .Values.centralStorage.secrets }}
{{ $targetSecretName := .Values.centralStorage.secrets.target.name }}

2
freeleaps/helm-pkg/centralStorage/templates/central-storage/freeleapssecret.yaml
View File

@ -1,7 +1,7 @@
apiVersion: freeleaps.com/v1alpha1
kind: FreeleapsSecret
metadata:
name: freeleaps-central-storage-alpha-secrets
name: {{ .Values.centralStorage.secrets.target.name }}
namespace: {{ .Release.Namespace }}
spec:
secretStoreRef:

24
freeleaps/helm-pkg/centralStorage/values.prod.yaml
View File

@ -73,11 +73,29 @@ centralStorage:
serviceApiAccessPort: 8005
mongodbName: freeleaps2
mongodbPort: 27017
mongodbUri: mongodb+srv://freeadmin:0eMV0bt8oyaknA0m@freeleaps2.zmsmpos.mongodb.net/?retryWrites=true&w=majority
azureStorageDocumentApiKey: xbiFtFeQ6v5dozgVM99fZ9huUomL7QcLu6s0y8zYHtIXZ8XdneKDMcg4liQr/9oNlVoRFcZhWjLY+ASt9cjICQ==
azureStorageDocumentApiEndpoint: https://freeleaps1document.blob.core.windows.net/
metricsEnabled: 'true'
probesEnabled: 'true'
secrets:
secretStoreRef:
kind: FreeleapsSecretStore
name: freeleaps-main-secret-store
target:
name: "freeleaps-central-storage-prod-secrets"
creationPolicy: "Owner"
refreshInterval: 30s
data:
- key: mongodbUri
remoteRef:
key: "freeleaps-prod-mongodb-uri"
type: Secret
- key: azureStorageDocumentApiKey
remoteRef:
key: "freeleaps-prod-azure-storage-document-api-key"
type: Secret
- key: azureStorageDocumentApiEndpoint
remoteRef:
key: "freeleaps-prod-azure-storage-document-api-endpoint"
type: Secret
vpa:
minAllowed:
enabled: true

22
freeleaps/helm-pkg/centralStorage/values.yaml
View File

@ -69,6 +69,28 @@ central-storage:
metricsEnabled: "false"
# PROBES_ENABLED
probesEnabled: "false"
# AKV secrets configuration
secrets:
secretStoreRef:
kind: FreeleapsSecretStore
name: freeleaps-main-secret-store
target:
name: "freeleaps-central-storage-secrets"
creationPolicy: "Owner"
refreshInterval: 30s
data:
- key: mongodbUri
remoteRef:
key: "freeleaps-mongodb-uri"
type: Secret
- key: azureStorageDocumentApiKey
remoteRef:
key: "freeleaps-azure-storage-document-api-key"
type: Secret
- key: azureStorageDocumentApiEndpoint
remoteRef:
key: "freeleaps-azure-storage-document-api-endpoint"
type: Secret
vpa:
minAllowed:
enabled: false