Sensitive data such as login credentials should not be rendered in a ConfigMap, as cluster operators are often more lenient granting applications read permissions for them.
This PR moves SMTP_LOGIN and SMTP_PASSWORD env vars to a new secret secret-smtp.yaml, unless .Values.mastodon.smtp.existingSecret is defined. In this case, no secret is created and sidekiq will source the login and password variables from .Values.mastodon.smtp.existingSecret.
Porting https://github.com/mastodon/mastodon/pull/19919 to the new repo.
Sensitive data such as login credentials should not be rendered in a
ConfigMap, as cluster operators are often more lenient granting applications read permissions for them.This PR moves
SMTP_LOGINandSMTP_PASSWORDenv vars to a new secretsecret-smtp.yaml, unless.Values.mastodon.smtp.existingSecretis defined. In this case, no secret is created and sidekiq will source theloginandpasswordvariables from.Values.mastodon.smtp.existingSecret.This change is backwards-compatible.