feat: make dsn optional

[blumTom]

Related Issue or Design Document

Checklist

• [ ] I have read the contributing guidelines and signed the CLA.
• [ ] I have referenced an issue containing the design document if my change introduces a new feature.
• [ ] I have read the security policy.
• [ ] I confirm that this pull request does not address a security vulnerability. If this pull request addresses a security vulnerability, I confirm that I got approval (please contact security@ory.sh) from the maintainers to push the changes.
• [ ] I have added tests that prove my fix is effective or that my feature works.
• [ ] I have added the necessary documentation within the code base (if appropriate).

Further comments

Fix for #659

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.

---

Thomas Blum seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[dlahn]

Any chance of this getting merged? This would be very helpful for us.

[dlahn]

@piotrmsc @Demonsthere Do you think this could be merged? This would help us a lot.

[piotrmsc]

Hey :) what is your exact use case? Currently it reads from the configured k8s secret if enabled.

[dlahn]

Hey :) what is your exact use case? Currently it reads from the configured k8s secret if enabled.

@piotrmsc The use case is that our DB credentials are in a different secret. I can't even override DSN because this chart is defining it already. This PR would allow us to override it using the value from our DB secret.

[dlahn]

Just want to bump this to see if it could be merged? We would like to be able to override this.

[Demonsthere]

Imho, in general we can accept the feature, providing that it is an option and not the default behaviour. However in order to merge it, the PR would need some more work:

1. Add test cases for values in our hacks/values dir, to check the process in CI (installation and upgrade scenarios without DSN/externally provided DSN)
2. Add docs explaining the flow and examples
3. Propagate the changes to all charts using DSN
4. The CLA needs to be accepted

Is this OK with you?

[dlahn]

@Demonsthere I'm not sure if the initial contributor here is still interested, so I have made a new PR #678 to address this. I did some investigations and this pattern is already in place in Hydra, and actually even in parts of Kratos, so I think this PR will just bring everything in line. I am also using the helpers to do the reference.

[Demonsthere]

Closing in favour of https://github.com/ory/k8s/pull/678