Pre-install Job does not accept connection string from secret
Currently, the only way to configure secrets for the Pre-install Job is by setting .Values.env.secret.*
. This is not perfect, since values.yaml often contain configuration we want to check into git, while the encryption keys and the full connection string certainly not. I would expect the Job to accept secret ref to get its secrets.
This is already done in all the deployment files (!6 (merged)):
{{- if .Values.existingSecret }}
- secretRef:
name: {{ .Values.existingSecret }}
{{- end }}
I propose to add .Values.existingSecret
as a secretRef to the Pre-install Job.
Potentially also
{{- if .Values.postgresql.enabled }}
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ default (include "django.postgresql.fullname" .) .Values.postgresql.auth.existingSecret }}
key: postgres-password
{{- end }}
I am not fluent in this project enough to be sure how this works.
Edited by petrzjunior