Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PWB: Support defining sensitive config values via k8s secrets #535

Open
wants to merge 7 commits into
base: main
Choose a base branch
from

Conversation

pat-s
Copy link
Contributor

@pat-s pat-s commented Jul 19, 2024

Applies to

  • launcherPem
  • secureCookieKey
  • userPassword
  • database.conf

When doing so, the rstudio-secret is skipped and individual mounts containing the above-mentioned secret values are injected.

This PR is breaking as the items listed are now maps and existing deployments would need to migrate from launcherPem: <value> to launcherPem.value: <value>.

I've tested this in a deployment of mine and it works as expected so far.

secureCookieKey:
  existingSecret: secure-cookie-key
launcherPem:
  existingSecret: launcher-pem
config:
  database:
    conf:
      existingSecret: database-conf
userPassword:
  existingSecret: workbench-user-password

The advantage of this approach is that it gives power to the users and makes use of "simple" k8s secrets instead of relying on some chart magic which puts together a bundled secret from plain config values.

related #520 #493

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants