vCluster - Create fully functional virtual Kubernetes clusters - Each vcluster runs inside a namespace of the underlying k8s cluster. It's cheaper than creating separate full-blown clusters and it offers better multi-tenancy and isolation than regular namespaces.
I use the cloudnative-pg operator to deploy Postgres databases in my Kubernetes host cluster. It automatically creates a Secret with the credentials and endpoint information of how to connect to the Postgres database, as is common. I would like to be able to tell vCluster to get its database connection information from that secret.
This allows me to never need to store the database password in my configuration repository. As it stands, I must store the database password unencrypted in the values.yaml for the Helm release.
Which solution do you suggest?
Support specifying an existingSecret to retrieve this information from. To use the Nextcloud helm chart as an example:
Is your feature request related to a problem?
I use the cloudnative-pg operator to deploy Postgres databases in my Kubernetes host cluster. It automatically creates a Secret with the credentials and endpoint information of how to connect to the Postgres database, as is common. I would like to be able to tell vCluster to get its database connection information from that secret.
This allows me to never need to store the database password in my configuration repository. As it stands, I must store the database password unencrypted in the values.yaml for the Helm release.
Which solution do you suggest?
Support specifying an existingSecret to retrieve this information from. To use the Nextcloud helm chart as an example:
This example uses separate keys for username, password, etc. but just being able to retrieve the uri from a secret would be sufficient
Which alternative solutions exist?
Allow in the Helm chart for a custom config-secret to be specified so I can use SOPS to securely store it encrypted in my configuration repository
Additional context
No response