Skip to content

Commit

Permalink
[stable/sentry] Makes changing the secreyKey possible (helm#19938)
Browse files Browse the repository at this point in the history 
* feat: make specifiying email secret key possible

Signed-off-by: wilmardo <info@wilmardenouden.nl>

* feat: make specifiying postgresql secret key possible

Signed-off-by: wilmardo <info@wilmardenouden.nl>

* feat: make specifiying redis secret key possible

Signed-off-by: wilmardo <info@wilmardenouden.nl>

* chore: bump chartVersion

Signed-off-by: wilmardo <info@wilmardenouden.nl>
Signed-off-by: Artur <artur@upbound.io>
  • Loading branch information
@wilmardo
wilmardo authored and Artur committed Jan 28, 2020
1 parent 0472af2 commit 48efafc
Show file tree
Hide file tree
Showing 10 changed files with 55 additions and 18 deletions.
2 changes: 1 addition & 1 deletion stable/sentry/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
apiVersion: v1
description: Sentry is a cross-platform crash reporting and aggregation platform.
name: sentry
version: 3.1.7
version: 3.2.0
appVersion: 9.1.2
keywords:
- debugging
Expand Down
9 changes: 7 additions & 2 deletions stable/sentry/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -109,7 +109,8 @@ Parameter | Description
`email.password` | SMTP password | `nil`
`email.use_tls` | SMTP TLS for security | `false`
`email.enable_replies` | Allow email replies | `false`
`email.existingSecret` | SMTP password from an existing secret (key must be `smtp-password`) | `nil`
`email.existingSecret` | SMTP password from an existing secret | `nil`
`email.existingSecretKey` | Key to get from the `email.existingSecret` secret | `smtp-password`
`service.type` | Kubernetes service type | `LoadBalancer`
`service.name` | Kubernetes service name | `sentry`
`service.externalPort` | Kubernetes external service port | `9000`
Expand All @@ -126,12 +127,16 @@ Parameter | Description
`postgresql.postgresqlDatabase` | Postgres database name | `sentry`
`postgresql.postgresqlUsername` | Postgres username | `postgres`
`postgresql.postgresqlHost` | External postgres host | `nil`
`postgresql.postgresqlPassword` | External/Internal postgres password | `nil`
`postgresql.postgresqlPassword` | External/Internal postgres password | `nil`
`postgresql.postgresqlPort` | External postgres port | `5432`
`postgresql.existingSecret` | Name of existing secret to use for the PostgreSQL password | `nil`
`postgresql.existingSecretKey` | Key to get from the `postgresql.existingSecret` secret | `postgresql-password`
`redis.enabled` | Deploy redis server (see below) | `true`
`redis.host` | External redis host | `nil`
`redis.password` | External redis password | `nil`
`redis.port` | External redis port | `6379`
`redis.existingSecret` | Name of existing secret to use for the Redis password | `nil`
`redis.existingSecretKey` | Key to get from the `redis.existingSecret` secret | `redis-password`
`filestore.backend` | Backend for Sentry Filestore | `filesystem`
`filestore.filesystem.path` | Location to store files for Sentry | `/var/lib/sentry/files`
`filestore.filesystem.persistence.enabled` | Enable Sentry files persistence using PVC | `true`
Expand Down
22 changes: 22 additions & 0 deletions stable/sentry/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,17 @@ Set postgres secret
{{- end -}}
{{- end -}}

{{/*
Set postgres secretKey
*/}}
{{- define "sentry.postgresql.secretKey" -}}
{{- if .Values.postgresql.enabled -}}
"postgresql-password"
{{- else -}}
{{- default "postgresql-password" .Values.postgresql.existingSecretKey | quote -}}
{{- end -}}
{{- end -}}

{{/*
Set postgres port
*/}}
Expand Down Expand Up @@ -111,6 +122,17 @@ Set redis secret
{{- end -}}
{{- end -}}

{{/*
Set redis secretKey
*/}}
{{- define "sentry.redis.secretKey" -}}
{{- if .Values.redis.enabled -}}
"redis-password"
{{- else -}}
{{- default "redis-password" .Values.redis.existingSecretKey | quote -}}
{{- end -}}
{{- end -}}

{{/*
Set redis port
*/}}
Expand Down
7 changes: 4 additions & 3 deletions stable/sentry/templates/cron-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ spec:
{{- else }}
name: {{ template "sentry.postgresql.secret" . }}
{{- end }}
key: postgresql-password
key: {{ template "sentry.postgresql.secretKey" . }}
- name: SENTRY_POSTGRES_HOST
value: {{ template "sentry.postgresql.host" . }}
- name: SENTRY_POSTGRES_PORT
Expand All @@ -91,7 +91,7 @@ spec:
{{- else }}
name: {{ template "sentry.redis.secret" . }}
{{- end }}
key: redis-password
key: {{ template "sentry.redis.secretKey" . }}
{{- end }}
- name: SENTRY_REDIS_HOST
value: {{ template "sentry.redis.host" . }}
Expand All @@ -108,10 +108,11 @@ spec:
secretKeyRef:
{{- if .Values.email.existingSecret }}
name: {{ .Values.email.existingSecret }}
key: {{ default "smtp-password" .Values.email.existingSecretKey }}
{{- else }}
name: {{ template "sentry.fullname" . }}
{{- end }}
key: smtp-password
{{- end }}
- name: SENTRY_EMAIL_USE_TLS
value: {{ .Values.email.use_tls | quote }}
- name: SENTRY_SERVER_EMAIL
Expand Down
4 changes: 2 additions & 2 deletions stable/sentry/templates/hooks/db-init.job.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ spec:
{{- else }}
name: {{ template "sentry.postgresql.secret" . }}
{{- end }}
key: postgresql-password
key: {{ template "sentry.postgresql.secretKey" . }}
- name: SENTRY_POSTGRES_HOST
value: {{ template "sentry.postgresql.host" . }}
- name: SENTRY_POSTGRES_PORT
Expand All @@ -72,7 +72,7 @@ spec:
{{- else }}
name: {{ template "sentry.redis.secret" . }}
{{- end }}
key: redis-password
key: {{ template "sentry.redis.secretKey" . }}
{{- end }}
- name: SENTRY_REDIS_HOST
value: {{ template "sentry.redis.host" . }}
Expand Down
4 changes: 2 additions & 2 deletions stable/sentry/templates/hooks/user-create.job.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ spec:
{{- else }}
name: {{ template "sentry.postgresql.secret" . }}
{{- end }}
key: postgresql-password
key: {{ template "sentry.postgresql.secretKey" . }}
- name: SENTRY_POSTGRES_HOST
value: {{ template "sentry.postgresql.host" . }}
- name: SENTRY_POSTGRES_PORT
Expand All @@ -72,7 +72,7 @@ spec:
{{- else }}
name: {{ template "sentry.redis.secret" . }}
{{- end }}
key: redis-password
key: {{ template "sentry.redis.secretKey" . }}
{{- end }}
- name: SENTRY_REDIS_HOST
value: {{ template "sentry.redis.host" . }}
Expand Down
4 changes: 2 additions & 2 deletions stable/sentry/templates/secrets.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,9 +22,9 @@ data:
{{ else }}
user-password: {{ randAlphaNum 16 | b64enc | quote }}
{{ end }}
{{ if or (not .Values.postgresql.enabled) (.Values.postgresql.password) }}
{{ if and (.Values.postgresql.existingSecret) (or (not .Values.postgresql.enabled) (.Values.postgresql.password)) }}
postgresql-password: {{ .Values.postgresql.postgresqlPassword | default "" | b64enc | quote }}
{{ end }}
{{ if and (not .Values.redis.enabled) (.Values.redis.password) }}
{{ if and (.Values.postgresql.existingSecret) (not .Values.redis.enabled) (.Values.redis.password) }}
redis-password: {{ .Values.redis.password | default "" | b64enc | quote }}
{{ end }}
4 changes: 2 additions & 2 deletions stable/sentry/templates/web-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ spec:
{{- else }}
name: {{ template "sentry.postgresql.secret" . }}
{{- end }}
key: postgresql-password
key: {{ template "sentry.postgresql.secretKey" . }}
- name: SENTRY_POSTGRES_HOST
value: {{ template "sentry.postgresql.host" . }}
- name: SENTRY_POSTGRES_PORT
Expand All @@ -90,7 +90,7 @@ spec:
{{- else }}
name: {{ template "sentry.redis.secret" . }}
{{- end }}
key: redis-password
key: {{ template "sentry.redis.secretKey" . }}
{{- end }}
- name: SENTRY_REDIS_HOST
value: {{ template "sentry.redis.host" . }}
Expand Down
4 changes: 2 additions & 2 deletions stable/sentry/templates/workers-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ spec:
{{- else }}
name: {{ template "sentry.postgresql.secret" . }}
{{- end }}
key: postgresql-password
key: {{ template "sentry.postgresql.secretKey" . }}
- name: SENTRY_POSTGRES_HOST
value: {{ template "sentry.postgresql.host" . }}
- name: SENTRY_POSTGRES_PORT
Expand All @@ -100,7 +100,7 @@ spec:
{{- else }}
name: {{ template "sentry.redis.secret" . }}
{{- end }}
key: redis-password
key: {{ template "sentry.redis.secretKey" . }}
{{- end }}
- name: SENTRY_REDIS_HOST
value: {{ template "sentry.redis.host" . }}
Expand Down
13 changes: 11 additions & 2 deletions stable/sentry/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,9 @@ email:
user:
password:
enable_replies: false
# When defined the `password` field is ignored
# existingSecret: secret-name
# existingSecretKey: smtp-password

# Name of the service and what port to expose on the pod
# Don't change these unless you know what you're doing
Expand Down Expand Up @@ -194,19 +197,25 @@ postgresql:
nameOverride: sentry-postgresql
postgresqlDatabase: sentry
postgresqlUsername: postgres
# Only used when internal PG is disabled
# The following variables are only used when internal PG is disabled
# postgresqlHost: postgres
# postgresqlPassword: postgres
# postgresqlPort: 5432
# When defined the `postgresqlPassword` field is ignored
# existingSecret: secret-name
# existingSecretKey: postgresql-password

redis:
enabled: true
nameOverride: sentry-redis
# Only used when internal redis is disabled
# The following variables are only used when internal PG is disabled
# host: redis
# Just omit the password field if your redis cluster doesn't use password
# password: redis
# port: 6379
# When defined the `password` field is ignored
# existingSecret: secret-name
# existingSecretKey: redis-password
master:
persistence:
enabled: true
Expand Down

0 comments on commit 48efafc

Please sign in to comment.