ghost: added secrets manifest for sensitive variables.

A secret volume named `ghost` is created to store password variables.
2026-02-14 23:37:11 +08:00 · 2016-06-30 13:01:09 +05:30
parent 3034438791
commit 5b83a59bbf
5 changed files with 41 additions and 5 deletions
--- a/ghost/Chart.yaml
+++ b/ghost/Chart.yaml
@@ -2,7 +2,7 @@ name: ghost
 home: http://www.ghost.org/
 source:
 - https://github.com/bitnami/bitnami-docker-ghost
-version: 0.2.0
+version: 0.2.1
 description: A simple, powerful publishing platform that allows you to share your stories with the world
 maintainers:
 - Bitnami <containers@bitnami.com>
--- a/ghost/manifests/ghost-rc.yaml
+++ b/ghost/manifests/ghost-rc.yaml
@@ -28,7 +28,10 @@ spec:
        - name: GHOST_USERNAME
          value: "user"
        - name: GHOST_PASSWORD
-          value: "bitnami1"
+          valueFrom:
+            secretKeyRef:
+              name: ghost
+              key: ghost-password
        - name: GHOST_EMAIL
          value: "user@example.com"
        - name: BLOG_TITLE
@@ -40,7 +43,10 @@ spec:
        - name: SMTP_USER
          value: ""
        - name: SMTP_PASSWORD
-          value: ""
+          valueFrom:
+            secretKeyRef:
+              name: ghost
+              key: smtp-password
        - name: SMTP_SERVICE
          value: ""
        ports:
--- a/ghost/manifests/ghost-secrets.yaml
+++ b/ghost/manifests/ghost-secrets.yaml
@@ -0,0 +1,12 @@
+#helm:generate helmc tpl -d tpl/values.toml -o manifests/ghost-secrets.yaml $HELM_GENERATE_FILE
+apiVersion: v1
+kind: Secret
+metadata:
+  name: ghost
+  labels:
+    provider: ghost
+    heritage: bitnami
+type: Opaque
+data:
+  ghost-password: "Yml0bmFtaTE="
+  smtp-password: ""
--- a/ghost/tpl/ghost-rc.yaml
+++ b/ghost/tpl/ghost-rc.yaml
@@ -28,7 +28,10 @@ spec:
        - name: GHOST_USERNAME
          value: {{ .ghostUser | quote }}
        - name: GHOST_PASSWORD
-          value: {{ .ghostPassword | quote }}
+          valueFrom:
+            secretKeyRef:
+              name: ghost
+              key: ghost-password
        - name: GHOST_EMAIL
          value: {{ .ghostEmail | quote }}
        - name: BLOG_TITLE
@@ -40,7 +43,10 @@ spec:
        - name: SMTP_USER
          value: {{ .smtpUser | quote }}
        - name: SMTP_PASSWORD
-          value: {{ .smtpPassword | quote }}
+          valueFrom:
+            secretKeyRef:
+              name: ghost
+              key: smtp-password
        - name: SMTP_SERVICE
          value: {{ .smtpService | quote }}
        ports:
--- a/ghost/tpl/ghost-secrets.yaml
+++ b/ghost/tpl/ghost-secrets.yaml
@@ -0,0 +1,12 @@
+#helm:generate helmc tpl -d tpl/values.toml -o manifests/ghost-secrets.yaml $HELM_GENERATE_FILE
+apiVersion: v1
+kind: Secret
+metadata:
+  name: ghost
+  labels:
+    provider: ghost
+    heritage: bitnami
+type: Opaque
+data:
+  ghost-password: {{ .ghostPassword | b64enc | quote }}
+  smtp-password: {{ .smtpPassword | b64enc | quote }}