[bitnami/tomcat] Add existing secret management (#23558)

This commit is contained in:
Matthieu ROBIN
2024-02-19 12:14:49 +01:00
committed by GitHub
parent 1a1f6b784f
commit 4fd3c1f15e
6 changed files with 34 additions and 21 deletions

View File

@@ -35,4 +35,4 @@ maintainers:
name: tomcat
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/tomcat
version: 10.14.0
version: 10.15.0

View File

@@ -79,25 +79,26 @@ The command removes all the Kubernetes components associated with the chart and
### Tomcat parameters
| Name | Description | Value |
| ------------------------------ | ------------------------------------------------------------------------------------------------------ | ------------------------ |
| `image.registry` | Tomcat image registry | `REGISTRY_NAME` |
| `image.repository` | Tomcat image repository | `REPOSITORY_NAME/tomcat` |
| `image.digest` | Tomcat image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | Tomcat image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `image.debug` | Specify if debug logs should be enabled | `false` |
| `automountServiceAccountToken` | Mount Service Account token in pod | `false` |
| `hostAliases` | Deployment pod host aliases | `[]` |
| `tomcatUsername` | Tomcat admin user | `user` |
| `tomcatPassword` | Tomcat admin password | `""` |
| `tomcatAllowRemoteManagement` | Enable remote access to management interface | `0` |
| `catalinaOpts` | Java runtime option used by tomcat JVM | `""` |
| `command` | Override default container command (useful when using custom images) | `[]` |
| `args` | Override default container args (useful when using custom images) | `[]` |
| `extraEnvVars` | Extra environment variables to be set on Tomcat container | `[]` |
| `extraEnvVarsCM` | Name of existing ConfigMap containing extra environment variables | `""` |
| `extraEnvVarsSecret` | Name of existing Secret containing extra environment variables | `""` |
| Name | Description | Value |
| ------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ |
| `image.registry` | Tomcat image registry | `REGISTRY_NAME` |
| `image.repository` | Tomcat image repository | `REPOSITORY_NAME/tomcat` |
| `image.digest` | Tomcat image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | Tomcat image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `image.debug` | Specify if debug logs should be enabled | `false` |
| `automountServiceAccountToken` | Mount Service Account token in pod | `false` |
| `hostAliases` | Deployment pod host aliases | `[]` |
| `tomcatUsername` | Tomcat admin user | `user` |
| `tomcatPassword` | Tomcat admin password | `""` |
| `existingSecret` | Use existing secret for password details (`tomcatPassword` will be ignored and picked up from this secret). The secret has to contain the key `tomcat-password` | `""` |
| `tomcatAllowRemoteManagement` | Enable remote access to management interface | `0` |
| `catalinaOpts` | Java runtime option used by tomcat JVM | `""` |
| `command` | Override default container command (useful when using custom images) | `[]` |
| `args` | Override default container args (useful when using custom images) | `[]` |
| `extraEnvVars` | Extra environment variables to be set on Tomcat container | `[]` |
| `extraEnvVarsCM` | Name of existing ConfigMap containing extra environment variables | `""` |
| `extraEnvVarsSecret` | Name of existing Secret containing extra environment variables | `""` |
### Tomcat deployment parameters

View File

@@ -47,6 +47,13 @@ Return the proper Docker Image Registry Secret Names
{{- include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.volumePermissions.image .Values.metrics.jmx.image) "global" .Values.global) -}}
{{- end -}}
{{/*
Return the Tomcat credential secret name
*/}}
{{- define "tomcat.secretName" -}}
{{- coalesce .Values.existingSecret (include "common.names.fullname" .) -}}
{{- end -}}
{{/*
Check if there are rolling tags in the images
*/}}

View File

@@ -82,7 +82,7 @@ containers:
- name: TOMCAT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "common.names.fullname" . }}
name: {{ include "tomcat.secretName" . }}
key: tomcat-password
- name: TOMCAT_ALLOW_REMOTE_MANAGEMENT
value: {{ .Values.tomcatAllowRemoteManagement | quote }}

View File

@@ -3,6 +3,7 @@ Copyright VMware, Inc.
SPDX-License-Identifier: APACHE-2.0
*/}}
{{- if not .Values.existingSecret }}
apiVersion: v1
kind: Secret
metadata:
@@ -15,3 +16,4 @@ metadata:
type: Opaque
data:
tomcat-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "tomcat-password" "providedValues" (list "tomcatPassword") "length" 10 "strong" false "context" $) }}
{{- end }}

View File

@@ -92,6 +92,9 @@ tomcatUsername: user
## ref: https://github.com/bitnami/containers/tree/main/bitnami/tomcat#creating-a-custom-user
##
tomcatPassword: ""
## @param existingSecret Use existing secret for password details (`tomcatPassword` will be ignored and picked up from this secret). The secret has to contain the key `tomcat-password`
##
existingSecret: ""
## @param tomcatAllowRemoteManagement Enable remote access to management interface
## ref: https://github.com/bitnami/charts/tree/main/bitnami/tomcat#configuration
##