From 5366ece669637c9d9dc1835e9f5eeae94af3d66a Mon Sep 17 00:00:00 2001 From: Miguel Ruiz Date: Fri, 4 Apr 2025 15:16:56 +0200 Subject: [PATCH] [bitnami/neo4j] Set `usePasswordFiles=true` by default (#32706) * [bitnami/neo4j] Set `usePasswordFiles=true` by default Signed-off-by: Miguel Ruiz * Update CHANGELOG.md Signed-off-by: Bitnami Bot * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Bot * Update CHANGELOG.md Signed-off-by: Bitnami Bot * Fix typo Signed-off-by: Miguel Ruiz --------- Signed-off-by: Miguel Ruiz Signed-off-by: Bitnami Bot Co-authored-by: Bitnami Bot --- bitnami/neo4j/CHANGELOG.md | 8 ++++++-- bitnami/neo4j/Chart.yaml | 2 +- bitnami/neo4j/README.md | 1 + bitnami/neo4j/templates/rbac/rolebinding.yaml | 4 ++-- bitnami/neo4j/templates/statefulset.yaml | 16 ++++++++++++++++ bitnami/neo4j/values.yaml | 3 +++ 6 files changed, 29 insertions(+), 5 deletions(-) diff --git a/bitnami/neo4j/CHANGELOG.md b/bitnami/neo4j/CHANGELOG.md index c7551f44b1..6b47174224 100644 --- a/bitnami/neo4j/CHANGELOG.md +++ b/bitnami/neo4j/CHANGELOG.md @@ -1,8 +1,12 @@ # Changelog -## 0.3.5 (2025-04-02) +## 0.4.0 (2025-04-04) -* [bitnami/neo4j] Release 0.3.5 ([#32775](https://github.com/bitnami/charts/pull/32775)) +* [bitnami/neo4j] Set `usePasswordFiles=true` by default ([#32706](https://github.com/bitnami/charts/pull/32706)) + +## 0.3.5 (2025-04-02) + +* [bitnami/neo4j] Release 0.3.5 (#32775) ([d3164a4](https://github.com/bitnami/charts/commit/d3164a467066be2db9c8925e64fc1b1d2c9bc839)), closes [#32775](https://github.com/bitnami/charts/issues/32775) ## 0.3.4 (2025-04-02) diff --git a/bitnami/neo4j/Chart.yaml b/bitnami/neo4j/Chart.yaml index bb0d712bf5..d849a53227 100644 --- a/bitnami/neo4j/Chart.yaml +++ b/bitnami/neo4j/Chart.yaml @@ -36,4 +36,4 @@ sources: - https://github.com/bitnami/charts/tree/main/bitnami/neo4j - https://github.com/bitnami/containers/tree/main/bitnami/neo4j - https://github.com/neo4j/neo4j -version: 0.3.5 +version: 0.4.0 diff --git a/bitnami/neo4j/README.md b/bitnami/neo4j/README.md index 884af8b9eb..ac61b4019a 100644 --- a/bitnami/neo4j/README.md +++ b/bitnami/neo4j/README.md @@ -200,6 +200,7 @@ If you encounter errors when working with persistent volumes, refer to our [trou | `commonAnnotations` | Annotations to add to all deployed objects | `{}` | | `clusterDomain` | Kubernetes cluster domain name | `cluster.local` | | `extraDeploy` | Array of extra objects to deploy with the release | `[]` | +| `usePasswordFiles` | Mount credentials as files instead of using environment variables | `true` | | `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | | `diagnosticMode.command` | Command to override all containers in the chart release | `["sleep"]` | | `diagnosticMode.args` | Args to override all containers in the chart release | `["infinity"]` | diff --git a/bitnami/neo4j/templates/rbac/rolebinding.yaml b/bitnami/neo4j/templates/rbac/rolebinding.yaml index c00b85950b..a3f36b626a 100644 --- a/bitnami/neo4j/templates/rbac/rolebinding.yaml +++ b/bitnami/neo4j/templates/rbac/rolebinding.yaml @@ -3,7 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- if .Values.rbac.create -}} +{{- if .Values.rbac.create }} apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} kind: RoleBinding metadata: @@ -22,4 +22,4 @@ subjects: - kind: ServiceAccount name: {{ include "neo4j.serviceAccountName" . }} namespace: {{ .Release.Namespace | quote }} -{{- end -}} +{{- end }} diff --git a/bitnami/neo4j/templates/statefulset.yaml b/bitnami/neo4j/templates/statefulset.yaml index 656a19fa0e..b376fd0a77 100644 --- a/bitnami/neo4j/templates/statefulset.yaml +++ b/bitnami/neo4j/templates/statefulset.yaml @@ -129,11 +129,16 @@ spec: value: {{ .Values.service.ports.bolt | quote }} - name: NEO4J_HTTP_ADVERTISED_PORT_NUMBER value: {{ .Values.service.ports.http | quote }} + {{- if .Values.usePasswordFiles }} + - name: NEO4J_PASSWORD_FILE + value: "/opt/bitnami/neo4j/secrets/password" + {{- else }} - name: NEO4J_PASSWORD valueFrom: secretKeyRef: name: {{ include "neo4j.secretName" . }} key: password + {{- end }} {{- if (include "neo4j.tls.bolt.enabled" .) }} - name: NEO4J_BOLT_TLS_LEVEL value: {{ upper .Values.tls.bolt.level | quote }} @@ -223,6 +228,10 @@ spec: - name: empty-dir mountPath: /opt/bitnami/neo4j/run subPath: app-run-dir + {{- if .Values.usePasswordFiles }} + - name: neo4j-secrets + mountPath: /opt/bitnami/neo4j/secrets + {{- end }} {{- if or .Values.existingConfigmap .Values.configuration .Values.apocConfiguration }} - name: config-dir mountPath: /bitnami/neo4j/conf @@ -250,6 +259,13 @@ spec: volumes: - name: empty-dir emptyDir: {} + {{- if .Values.usePasswordFiles }} + - name: neo4j-secrets + projected: + sources: + - secret: + name: {{ include "neo4j.secretName" . }} + {{- end }} - name: data {{- if .Values.persistence.enabled }} persistentVolumeClaim: diff --git a/bitnami/neo4j/values.yaml b/bitnami/neo4j/values.yaml index 3302f1caf7..580135f8dd 100644 --- a/bitnami/neo4j/values.yaml +++ b/bitnami/neo4j/values.yaml @@ -66,6 +66,9 @@ clusterDomain: cluster.local ## @param extraDeploy Array of extra objects to deploy with the release ## extraDeploy: [] +## @param usePasswordFiles Mount credentials as files instead of using environment variables +## +usePasswordFiles: true ## Diagnostic mode ## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden) ## @param diagnosticMode.command Command to override all containers in the chart release