search

Twingate-Labs / tg-group-profile-manager-helm

1 stars 0 forks source link

Improvemnt | move PROFILE_CONFIG to configmap #3

Open ErezWeiss opened 1 week ago

ErezWeiss commented 1 week ago

Hi! I'm tired of editing the PROFILE_CONFIG from the K8S secret... I prefer to do it in git with gitops! Now it's either using a secret or configmap... I want the option to take the keys from a secret and the PROFILE_CONFIG from a configmap.

thanks!

emrul commented 1 week ago

Thanks @ErezWeiss - we will review and see what can be done.

ErezWeiss commented 1 week ago

an offer:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ include "tg-group-profile-manager.fullname" . }}
  labels:
    {{- include "tg-group-profile-manager.labels" . | nindent 4 }}
spec:
  replicas: 1
  selector:
    matchLabels:
      {{- include "tg-group-profile-manager.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      {{- with .Values.podAnnotations }}
      annotations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      labels:
        {{- include "tg-group-profile-manager.selectorLabels" . | nindent 8 }}
    spec:
      containers:
        - name: {{ .Chart.Name }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
          resources:
{{ toYaml .Values.resources | indent 12 }}
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          ports:
            - name: http
              containerPort: {{ .Values.service.port }}
              protocol: TCP
          env:
            - name: PROFILE_CONFIG
              valueFrom:
                configMapKeyRef:
                  name: {{ .Values.configMapName }}
                  key: profile-config.json
          {{- if not .Values.externalSecretName }}
            - name: TG_ACCOUNT
              value: {{ .Values.variables.twingateAccount }}
            - name: TG_API_KEY
              value: {{ .Values.variables.twingateApiKey }}
            - name: SLACK_SIGNING_SECRET
              value: {{ .Values.variables.slackSigningSecret }}
            - name: SLACK_BOT_TOKEN
              value: {{ .Values.variables.slackBotToken }}
            - name: DEPLOY_ENV
              value: {{ .Values.variables.deployEnv }}
          {{- if .Values.externalSecretName }}
          envFrom:
            - secretRef:
                name: {{ .Values.externalSecretName }}
          {{- end }}
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
ErezWeiss commented 3 days ago

@emrul

emrul commented 3 days ago

Hi @ErezWeiss - thanks for this PR. We will review this and consider it. We're a bit loaded at the moment so it may be a few weeks before we can get back to you. We hope to have the health check PR merged sooner.