From b8656858ece49ebc7af3097f56ec1a2ca708884f Mon Sep 17 00:00:00 2001 From: "Langhammer, Jens" Date: Tue, 1 Oct 2019 15:42:14 +0200 Subject: [PATCH] k8s(minor): load secrets as env vars --- helm/passbook/templates/appgw-deployment.yaml | 15 ++++++++++ helm/passbook/templates/web-deployment.yaml | 30 +++++++++++++++++++ .../passbook/templates/worker-deployment.yaml | 15 ++++++++++ passbook/root/wsgi.py | 2 +- 4 files changed, 61 insertions(+), 1 deletion(-) diff --git a/helm/passbook/templates/appgw-deployment.yaml b/helm/passbook/templates/appgw-deployment.yaml index 18fc1a85c..7fed4bb99 100644 --- a/helm/passbook/templates/appgw-deployment.yaml +++ b/helm/passbook/templates/appgw-deployment.yaml @@ -32,6 +32,21 @@ spec: - ./manage.py args: - app_gw_web + envFrom: + - configMapRef: + name: {{ include "p2.fullname" . }}-config + prefix: PASSBOOK_ + env: + - name: P2_REDIS__PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Release.Name }}-redis" + key: redis-password + - name: P2_POSTGRESQL__PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Release.Name }}-postgresql" + key: postgresql-password ports: - name: http containerPort: 8000 diff --git a/helm/passbook/templates/web-deployment.yaml b/helm/passbook/templates/web-deployment.yaml index 24cb6b488..6708e0851 100644 --- a/helm/passbook/templates/web-deployment.yaml +++ b/helm/passbook/templates/web-deployment.yaml @@ -31,6 +31,21 @@ spec: - ./manage.py args: - migrate + envFrom: + - configMapRef: + name: {{ include "p2.fullname" . }}-config + prefix: PASSBOOK_ + env: + - name: P2_REDIS__PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Release.Name }}-redis" + key: redis-password + - name: P2_POSTGRESQL__PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Release.Name }}-postgresql" + key: postgresql-password volumeMounts: - mountPath: /etc/passbook name: config-volume @@ -42,6 +57,21 @@ spec: - ./manage.py args: - web + envFrom: + - configMapRef: + name: {{ include "p2.fullname" . }}-config + prefix: PASSBOOK_ + env: + - name: P2_REDIS__PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Release.Name }}-redis" + key: redis-password + - name: P2_POSTGRESQL__PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Release.Name }}-postgresql" + key: postgresql-password ports: - name: http containerPort: 8000 diff --git a/helm/passbook/templates/worker-deployment.yaml b/helm/passbook/templates/worker-deployment.yaml index 649031d11..0a260d942 100644 --- a/helm/passbook/templates/worker-deployment.yaml +++ b/helm/passbook/templates/worker-deployment.yaml @@ -32,6 +32,21 @@ spec: - ./manage.py args: - worker + envFrom: + - configMapRef: + name: {{ include "p2.fullname" . }}-config + prefix: PASSBOOK_ + env: + - name: P2_REDIS__PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Release.Name }}-redis" + key: redis-password + - name: P2_POSTGRESQL__PASSWORD + valueFrom: + secretKeyRef: + name: "{{ .Release.Name }}-postgresql" + key: postgresql-password ports: - name: http containerPort: 8000 diff --git a/passbook/root/wsgi.py b/passbook/root/wsgi.py index 6ad5ceefd..7729b79ed 100644 --- a/passbook/root/wsgi.py +++ b/passbook/root/wsgi.py @@ -12,6 +12,6 @@ import os from django.core.wsgi import get_wsgi_application from sentry_sdk.integrations.wsgi import SentryWsgiMiddleware -os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'passbook.settings') +os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'passbook.root.settings') application = SentryWsgiMiddleware(get_wsgi_application())