search

OneUptime / oneuptime

OneUptime is the complete open-source observability platform.
https://oneuptime.com
Apache License 2.0
4.85k stars 228 forks source link

Add option of "existingSecret" for oneuptimeSecret and encryptionSecret #1675

Closed luisxkimo closed 2 months ago

luisxkimo commented 2 months ago

Is your feature request related to a problem? Please describe.

We can't use "external" secrets to add custom values for oneuptimeSecret and encryptionSecret. This makes insecure this secret when we want to upload the helm values file to a repository.

Describe the solution you'd like Like in the configuration of externalPostgres, add to the configuration of the Helm chart to enable use custom existing secret.

Describe alternatives you've considered If I'm right, in _helpers.tpl should be something like this:

- name: ONEUPTIME_SECRET
  {{- if $.Values.oneuptimeSecret }}
  value: {{ $.Values.oneuptimeSecret }}
  {{- else }}

  {{- if $.Values.externalOneuptimeSecret.existingSecret.name }}
  valueFrom:
    secretKeyRef:
        name: {{ printf "%s" $.Values.externalOneuptimeSecret.existingSecret.name }}
        key: {{ $.Values.externalOneuptimeSecret.existingSecret.passwordKey }}
  {{- else }}
  valueFrom:
    secretKeyRef:
      name: {{ printf "%s-%s" $.Release.Name "secrets"  }}
      key: oneuptime-secret
  {{- end }}
  {{- end }}

Same for ENCRYPTION_SECRET

simlarsen commented 2 months ago

This is merged in already. Closing this.