From 7ccf7a73f1c47a8c03712c39f7c591e837cf6d08 Mon Sep 17 00:00:00 2001
From: Alex Nordlund <deep.alexander@gmail.com>
Date: Wed, 10 Aug 2022 17:12:58 +0200
Subject: Fix broken dependencies in helm chart and allow using existing
 secrets in the chart (#18941)

* Add ability to specify an existing Secret (#18139)

Closes #18139

* Allow using secrets with external postgres

* Upgrade CronJob to batch/v1

* Allow using redis.auth.existingSecret

* Helmignore mastodon-*.tgz for easy local development

* Upgrade helm dependencies

* Upgrade postgresql to 11

* Allow putting SMTP password into a secret

* Add optional login to SMTP secret

This to allow setting LOGIN either in values.yaml or
in the secret.

* Switch to bitnami charts full archive

This prevents older versions from disappearing, see
https://github.com/bitnami/charts/issues/10539 for
full context.

Co-authored-by: Ted Tramonte <ted.tramonte@gmail.com>
---
 chart/templates/secrets.yaml | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'chart/templates/secrets.yaml')

diff --git a/chart/templates/secrets.yaml b/chart/templates/secrets.yaml
index 0452a8ae1..135d5b61a 100644
--- a/chart/templates/secrets.yaml
+++ b/chart/templates/secrets.yaml
@@ -1,3 +1,4 @@
+{{- if (include "mastodon.createSecret" .) }}
 apiVersion: v1
 kind: Secret
 metadata:
@@ -7,9 +8,12 @@ metadata:
 type: Opaque
 data:
   {{- if .Values.mastodon.s3.enabled }}
+  {{- if not .Values.mastodon.s3.existingSecret }}
   AWS_ACCESS_KEY_ID: "{{ .Values.mastodon.s3.access_key | b64enc }}"
   AWS_SECRET_ACCESS_KEY: "{{ .Values.mastodon.s3.access_secret | b64enc }}"
   {{- end }}
+  {{- end }}
+  {{- if not .Values.mastodon.secrets.existingSecret }}
   {{- if not (empty .Values.mastodon.secrets.secret_key_base) }}
   SECRET_KEY_BASE: "{{ .Values.mastodon.secrets.secret_key_base | b64enc }}"
   {{- else }}
@@ -30,6 +34,10 @@ data:
   {{- else }}
   VAPID_PUBLIC_KEY: {{ required "vapid.public_key is required" .Values.mastodon.secrets.vapid.public_key }}
   {{- end }}
+  {{- end }}
   {{- if not .Values.postgresql.enabled }}
-  postgresql-password: "{{ .Values.postgresql.postgresqlPassword | b64enc }}"
+  {{- if not .Values.postgresql.auth.existingSecret }}
+  postgresql-password: "{{ .Values.postgresql.auth.password | b64enc }}"
+  {{- end }}
   {{- end }}
+{{- end -}}
-- 
cgit